[jira] [Deleted] (MESOS-10078) Cgroups isolator: update cgroups subsystems to support nested cgroups

[Andrei Budnik (Jira)]

 [ 
https://issues.apache.org/jira/browse/MESOS-10078?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrei Budnik deleted MESOS-10078:
--


> Cgroups isolator: update cgroups subsystems to support nested cgroups
> -
>
> Key: MESOS-10078
> URL: https://issues.apache.org/jira/browse/MESOS-10078
> Project: Mesos
>  Issue Type: Task
>Reporter: Andrei Budnik
>Assignee: Andrei Budnik
>Priority: Major
>  Labels: cgroups, containerization
>
> Update Cgroups Subsystems to support nested cgroups.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (MESOS-10099) Operator API can silently drop objects due to authorization errors.

[Andrei Sekretenko (Jira)]

Andrei Sekretenko created MESOS-10099:
-

 Summary: Operator API can silently drop objects due to 
authorization errors.
 Key: MESOS-10099
 URL: https://issues.apache.org/jira/browse/MESOS-10099
 Project: Mesos
  Issue Type: Bug
  Components: master
Reporter: Andrei Sekretenko
Assignee: Andrei Sekretenko



Currently, `ObjectApproves` does not discern declined authorization from error 
returned by `ObjectApprovers::approved()`:

https://github.com/apache/mesos/blob/e3db054d639b79a7b0246d2431ff8eece3e394e8/src/master/master.cpp#L13274

As a consequence, authorization errors in ObjectApprover result in silently 
filtering objects in operator API calls, example: 
https://github.com/apache/mesos/blob/998aee66bfedd1fe15bb1e1fc43a637fe91662a5/src/master/readonly_handler.cpp#L196

This issue is potentially exacerbated by introduction of synchronous 
authorization (which will result in _transient_ failures propagated as errors 
returned by `approved(...)`.




--
This message was sent by Atlassian Jira
(v8.3.4#803005)