> On Jan. 15, 2019, 3:02 a.m., Qian Zhang wrote: > > src/slave/containerizer/mesos/isolators/linux/seccomp.cpp > > Lines 17-18 (patched) > > <https://reviews.apache.org/r/68021/diff/12/?file=2117411#file2117411line17> > > > > A newline between.
https://github.com/apache/mesos/blob/2aaf96ecbab316708afb401e43cad2f2f692f687/src/slave/containerizer/mesos/isolators/xfs/utils.cpp#L35-L38 > On Jan. 15, 2019, 3:02 a.m., Qian Zhang wrote: > > src/slave/containerizer/mesos/isolators/linux/seccomp.cpp > > Lines 61 (patched) > > <https://reviews.apache.org/r/68021/diff/12/?file=2117411#file2117411line61> > > > > Can we have a more explicit error message here? Like `The default > > seccomp profile is invalid: ...`. Currenly, the error message is very long and pretty descriptive: ``` E0115 10:23:51.804989 2491 main.cpp:484] EXIT with status 1: Failed to create a containerizer: Could not create MesosContainerizer: Failed to create isolator 'linux/seccomp': Failed to read Seccomp profile file '/home/abudnik/default.json': No such file or directory ``` > On Jan. 15, 2019, 3:02 a.m., Qian Zhang wrote: > > src/slave/containerizer/mesos/isolators/linux/seccomp.cpp > > Lines 97 (patched) > > <https://reviews.apache.org/r/68021/diff/12/?file=2117411#file2117411line97> > > > > Missing Seccomp profile name for container xxx. I don't think we need to mention `containerId`. Other isolators don't specify `containerId` in failure messages. We print `containerId` in `Http::_launchContainer` (and in `Slave::executorLaunched`) on failures. - Andrei ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/68021/#review211985 ----------------------------------------------------------- On Nov. 8, 2018, 3:24 p.m., Andrei Budnik wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/68021/ > ----------------------------------------------------------- > > (Updated Nov. 8, 2018, 3:24 p.m.) > > > Review request for mesos, Gilbert Song, Jie Yu, James Peach, and Qian Zhang. > > > Bugs: MESOS-9035 > https://issues.apache.org/jira/browse/MESOS-9035 > > > Repository: mesos > > > Description > ------- > > This patch introduces `linux/seccomp` isolator which is used for > preparing `ContainerSeccompProfile` for the Mesos containerizer > launcher. If the `ContainerConfig` message has an info about Seccomp > profile name, then this info will be used to locate a Seccomp profile. > The given Seccomp profile is parsed and the resulting > `ContainerSeccompProfile` is stored in the `ContainerLaunchInfo` > message. > > > Diffs > ----- > > src/CMakeLists.txt a574d449dc26b820cbef7ff0b5e94b42b6fe86cf > src/Makefile.am cd785255fcdf1302a8f9fa358039e5d1f200e132 > src/slave/containerizer/mesos/containerizer.cpp > 5016f2e9f0651abcb0a5f364e8eace458f2edeae > src/slave/containerizer/mesos/isolators/linux/seccomp.hpp PRE-CREATION > src/slave/containerizer/mesos/isolators/linux/seccomp.cpp PRE-CREATION > > > Diff: https://reviews.apache.org/r/68021/diff/13/ > > > Testing > ------- > > > Thanks, > > Andrei Budnik > >