subject:"Review Request 58250\: Test that bind\-mounted host network configuration is mounted readonly."

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-14 Thread Silas Snider


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/
---

(Updated June 14, 2017, 6:31 p.m.)


Review request for mesos and Jie Yu.


Repository: mesos


Description
---

Test that bind-mounted host network configuration is mounted readonly.


Diffs (updated)
-

  src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 


Diff: https://reviews.apache.org/r/58250/diff/7/

Changes: https://reviews.apache.org/r/58250/diff/6-7/


Testing
---


Thanks,

Silas Snider

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-14 Thread Jie Yu



> On June 14, 2017, 4:41 a.m., James Peach wrote:
> > src/tests/containerizer/cni_isolator_tests.cpp
> > Lines 1451 (patched)
> > 
> >
> > This should be `ROOT_INTERNET_ReadOnlyBindMounts` because it doesn't 
> > need `curl`.

You still need CURL filter because downloading docker image needs curl 
(unfortunate, but this is the case for now).


- Jie


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/#review177862
---


On June 14, 2017, 2:12 p.m., Silas Snider wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58250/
> ---
> 
> (Updated June 14, 2017, 2:12 p.m.)
> 
> 
> Review request for mesos and Jie Yu.
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Test that bind-mounted host network configuration is mounted readonly.
> 
> 
> Diffs
> -
> 
>   src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 
> 
> 
> Diff: https://reviews.apache.org/r/58250/diff/6/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Silas Snider
> 
>

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-14 Thread Silas Snider


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/
---

(Updated June 14, 2017, 2:12 p.m.)


Review request for mesos and Jie Yu.


Repository: mesos


Description
---

Test that bind-mounted host network configuration is mounted readonly.


Diffs (updated)
-

  src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 


Diff: https://reviews.apache.org/r/58250/diff/6/

Changes: https://reviews.apache.org/r/58250/diff/5-6/


Testing
---


Thanks,

Silas Snider

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread James Peach


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/#review177862
---




src/tests/containerizer/cni_isolator_tests.cpp
Lines 1451 (patched)


This should be `ROOT_INTERNET_ReadOnlyBindMounts` because it doesn't need 
`curl`.


- James Peach


On June 14, 2017, 12:38 a.m., Silas Snider wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58250/
> ---
> 
> (Updated June 14, 2017, 12:38 a.m.)
> 
> 
> Review request for mesos and Jie Yu.
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Test that bind-mounted host network configuration is mounted readonly.
> 
> 
> Diffs
> -
> 
>   src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 
> 
> 
> Diff: https://reviews.apache.org/r/58250/diff/5/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Silas Snider
> 
>

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Silas Snider


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/
---

(Updated June 14, 2017, 12:38 a.m.)


Review request for mesos and Jie Yu.


Repository: mesos


Description
---

Test that bind-mounted host network configuration is mounted readonly.


Diffs (updated)
-

  src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 


Diff: https://reviews.apache.org/r/58250/diff/5/

Changes: https://reviews.apache.org/r/58250/diff/4-5/


Testing
---


Thanks,

Silas Snider

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Silas Snider


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/
---

(Updated June 14, 2017, 12:33 a.m.)


Review request for mesos and Jie Yu.


Repository: mesos


Description
---

Test that bind-mounted host network configuration is mounted readonly.


Diffs (updated)
-

  src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 


Diff: https://reviews.apache.org/r/58250/diff/4/

Changes: https://reviews.apache.org/r/58250/diff/3-4/


Testing
---


Thanks,

Silas Snider

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Silas Snider


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/
---

(Updated June 14, 2017, 12:32 a.m.)


Review request for mesos and Jie Yu.


Repository: mesos


Description
---

Test that bind-mounted host network configuration is mounted readonly.


Diffs (updated)
-

  src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 


Diff: https://reviews.apache.org/r/58250/diff/3/

Changes: https://reviews.apache.org/r/58250/diff/2-3/


Testing
---


Thanks,

Silas Snider

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Silas Snider



> On June 14, 2017, 12:02 a.m., Jie Yu wrote:
> > FYI, this test does not pass on my box:
> > ```
> > [==] Running 1 test from 1 test case.
> > [--] Global test environment set-up.
> > [--] 1 test from CniIsolatorTest
> > [ RUN  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
> > Executing pre-exec command 
> > '{"arguments":["mesos-containerizer","mount","--help=false","--operation=make-rslave","--path=\/"],"shell":false,"value":"\/home\/jie\/workspace\/dist\/mesos\/build\/src\/mesos-containerizer"}'
> > Executing pre-exec command 
> > '{"arguments":["mount","-n","--rbind","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS\/slaves\/3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-S0\/frameworks\/3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-\/executors\/24b4b6bf-db12-416c-8113-cc4c34af6dcf\/runs\/8d2ef480-b21e-48b1-a140-e585a4762969","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS\/provisioner\/containers\/8d2ef480-b21e-48b1-a140-e585a4762969\/backends\/overlay\/rootfses\/4517faf0-ff27-49d2-8142-96636b8f8475\/mnt\/mesos\/sandbox"],"shell":false,"value":"mount"}'
> > I0613 17:01:42.720935 37571 exec.cpp:162] Version: 1.4.0
> > I0613 17:01:42.733803 37597 exec.cpp:237] Executor registered on agent 
> > 3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-S0
> > I0613 17:01:42.738118 37577 executor.cpp:169] Received SUBSCRIBED event
> > I0613 17:01:42.739022 37577 executor.cpp:173] Subscribed executor on 
> > core-dev
> > I0613 17:01:42.739261 37577 executor.cpp:169] Received LAUNCH event
> > I0613 17:01:42.739573 37577 executor.cpp:624] Starting task 
> > 24b4b6bf-db12-416c-8113-cc4c34af6dcf
> > I0613 17:01:42.741453 37577 executor.cpp:468] Running 
> > '/home/jie/workspace/dist/mesos/build/src/mesos-containerizer launch 
> > '
> > I0613 17:01:42.743849 37577 executor.cpp:636] Forked command at 37611
> > Changing root to 
> > /tmp/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS/provisioner/containers/8d2ef480-b21e-48b1-a140-e585a4762969/backends/overlay/rootfses/4517faf0-ff27-49d2-8142-96636b8f8475
> > c: applet not found
> > I0613 17:01:42.906725 37605 executor.cpp:915] Command exited with status 
> > 127 (pid: 37611)
> > /home/jie/workspace/mesos/src/tests/containerizer/cni_isolator_tests.cpp:1526:
> >  Failure
> >   Expected: TASK_FINISHED
> > To be equal to: statusFinished->state()
> >   Which is: TASK_FAILED
> > I0613 17:01:42.918128 37585 exec.cpp:435] Executor asked to shutdown
> > I0613 17:01:42.918589 37592 executor.cpp:169] Received SHUTDOWN event
> > I0613 17:01:42.918645 37592 executor.cpp:733] Shutting down
> > [  FAILED  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts (5056 ms)
> > [--] 1 test from CniIsolatorTest (5057 ms total)
> > 
> > [--] Global test environment tear-down
> > [==] 1 test from 1 test case ran. (5098 ms total)
> > [  PASSED  ] 0 tests.
> > [  FAILED  ] 1 test, listed below:
> > [  FAILED  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
> > ```
> 
> Jie Yu wrote:
> Added a missing argv[0], still failed for me:
> ```
> [==] Running 1 test from 1 test case.
> [--] Global test environment set-up.
> [--] 1 test from CniIsolatorTest
> [ RUN  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
> Executing pre-exec command 
> '{"arguments":["mesos-containerizer","mount","--help=false","--operation=make-rslave","--path=\/"],"shell":false,"value":"\/home\/jie\/workspace\/dist\/mesos\/build\/src\/mesos-containerizer"}'
> Executing pre-exec command 
> '{"arguments":["mount","-n","--rbind","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M\/slaves\/31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-S0\/frameworks\/31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-\/executors\/55d299b4-2663-4bd5-980a-2b5df95181a4\/runs\/2798da96-2f37-4e27-b737-aa01fc6b4a5d","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M\/provisioner\/containers\/2798da96-2f37-4e27-b737-aa01fc6b4a5d\/backends\/overlay\/rootfses\/c00bda57-a3eb-435b-9499-2e1c2bfb7a56\/mnt\/mesos\/sandbox"],"shell":false,"value":"mount"}'
> I0613 17:09:37.193990 36312 exec.cpp:162] Version: 1.4.0
> I0613 17:09:37.209614 36310 exec.cpp:237] Executor registered on agent 
> 31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-S0
> I0613 17:09:37.213358 36323 executor.cpp:169] Received SUBSCRIBED event
> I0613 17:09:37.214424 36323 executor.cpp:173] Subscribed executor on 
> core-dev
> I0613 17:09:37.214689 36323 executor.cpp:169] Received LAUNCH event
> I0613 17:09:37.214915 36323 executor.cpp:624] Starting task 
> 55d299b4-2663-4bd5-980a-2b5df95181a4
> I0613 17:09:37.216902 36323 executor.cpp:468] Running 
> '/home/jie/workspace/dist/mesos/build/src/mesos-containerizer launch 
> '
> I0613 17:09:37.219539 36323 executor.cpp:636] Forked command at 36346
> Changing root to 
> /tmp/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M/pro

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Jie Yu



> On June 14, 2017, 12:02 a.m., Jie Yu wrote:
> > FYI, this test does not pass on my box:
> > ```
> > [==] Running 1 test from 1 test case.
> > [--] Global test environment set-up.
> > [--] 1 test from CniIsolatorTest
> > [ RUN  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
> > Executing pre-exec command 
> > '{"arguments":["mesos-containerizer","mount","--help=false","--operation=make-rslave","--path=\/"],"shell":false,"value":"\/home\/jie\/workspace\/dist\/mesos\/build\/src\/mesos-containerizer"}'
> > Executing pre-exec command 
> > '{"arguments":["mount","-n","--rbind","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS\/slaves\/3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-S0\/frameworks\/3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-\/executors\/24b4b6bf-db12-416c-8113-cc4c34af6dcf\/runs\/8d2ef480-b21e-48b1-a140-e585a4762969","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS\/provisioner\/containers\/8d2ef480-b21e-48b1-a140-e585a4762969\/backends\/overlay\/rootfses\/4517faf0-ff27-49d2-8142-96636b8f8475\/mnt\/mesos\/sandbox"],"shell":false,"value":"mount"}'
> > I0613 17:01:42.720935 37571 exec.cpp:162] Version: 1.4.0
> > I0613 17:01:42.733803 37597 exec.cpp:237] Executor registered on agent 
> > 3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-S0
> > I0613 17:01:42.738118 37577 executor.cpp:169] Received SUBSCRIBED event
> > I0613 17:01:42.739022 37577 executor.cpp:173] Subscribed executor on 
> > core-dev
> > I0613 17:01:42.739261 37577 executor.cpp:169] Received LAUNCH event
> > I0613 17:01:42.739573 37577 executor.cpp:624] Starting task 
> > 24b4b6bf-db12-416c-8113-cc4c34af6dcf
> > I0613 17:01:42.741453 37577 executor.cpp:468] Running 
> > '/home/jie/workspace/dist/mesos/build/src/mesos-containerizer launch 
> > '
> > I0613 17:01:42.743849 37577 executor.cpp:636] Forked command at 37611
> > Changing root to 
> > /tmp/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS/provisioner/containers/8d2ef480-b21e-48b1-a140-e585a4762969/backends/overlay/rootfses/4517faf0-ff27-49d2-8142-96636b8f8475
> > c: applet not found
> > I0613 17:01:42.906725 37605 executor.cpp:915] Command exited with status 
> > 127 (pid: 37611)
> > /home/jie/workspace/mesos/src/tests/containerizer/cni_isolator_tests.cpp:1526:
> >  Failure
> >   Expected: TASK_FINISHED
> > To be equal to: statusFinished->state()
> >   Which is: TASK_FAILED
> > I0613 17:01:42.918128 37585 exec.cpp:435] Executor asked to shutdown
> > I0613 17:01:42.918589 37592 executor.cpp:169] Received SHUTDOWN event
> > I0613 17:01:42.918645 37592 executor.cpp:733] Shutting down
> > [  FAILED  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts (5056 ms)
> > [--] 1 test from CniIsolatorTest (5057 ms total)
> > 
> > [--] Global test environment tear-down
> > [==] 1 test from 1 test case ran. (5098 ms total)
> > [  PASSED  ] 0 tests.
> > [  FAILED  ] 1 test, listed below:
> > [  FAILED  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
> > ```
> 
> Jie Yu wrote:
> Added a missing argv[0], still failed for me:
> ```
> [==] Running 1 test from 1 test case.
> [--] Global test environment set-up.
> [--] 1 test from CniIsolatorTest
> [ RUN  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
> Executing pre-exec command 
> '{"arguments":["mesos-containerizer","mount","--help=false","--operation=make-rslave","--path=\/"],"shell":false,"value":"\/home\/jie\/workspace\/dist\/mesos\/build\/src\/mesos-containerizer"}'
> Executing pre-exec command 
> '{"arguments":["mount","-n","--rbind","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M\/slaves\/31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-S0\/frameworks\/31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-\/executors\/55d299b4-2663-4bd5-980a-2b5df95181a4\/runs\/2798da96-2f37-4e27-b737-aa01fc6b4a5d","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M\/provisioner\/containers\/2798da96-2f37-4e27-b737-aa01fc6b4a5d\/backends\/overlay\/rootfses\/c00bda57-a3eb-435b-9499-2e1c2bfb7a56\/mnt\/mesos\/sandbox"],"shell":false,"value":"mount"}'
> I0613 17:09:37.193990 36312 exec.cpp:162] Version: 1.4.0
> I0613 17:09:37.209614 36310 exec.cpp:237] Executor registered on agent 
> 31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-S0
> I0613 17:09:37.213358 36323 executor.cpp:169] Received SUBSCRIBED event
> I0613 17:09:37.214424 36323 executor.cpp:173] Subscribed executor on 
> core-dev
> I0613 17:09:37.214689 36323 executor.cpp:169] Received LAUNCH event
> I0613 17:09:37.214915 36323 executor.cpp:624] Starting task 
> 55d299b4-2663-4bd5-980a-2b5df95181a4
> I0613 17:09:37.216902 36323 executor.cpp:468] Running 
> '/home/jie/workspace/dist/mesos/build/src/mesos-containerizer launch 
> '
> I0613 17:09:37.219539 36323 executor.cpp:636] Forked command at 36346
> Changing root to 
> /tmp/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M/pro

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Silas Snider



> On June 14, 2017, 12:02 a.m., Jie Yu wrote:
> > FYI, this test does not pass on my box:
> > ```
> > [==] Running 1 test from 1 test case.
> > [--] Global test environment set-up.
> > [--] 1 test from CniIsolatorTest
> > [ RUN  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
> > Executing pre-exec command 
> > '{"arguments":["mesos-containerizer","mount","--help=false","--operation=make-rslave","--path=\/"],"shell":false,"value":"\/home\/jie\/workspace\/dist\/mesos\/build\/src\/mesos-containerizer"}'
> > Executing pre-exec command 
> > '{"arguments":["mount","-n","--rbind","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS\/slaves\/3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-S0\/frameworks\/3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-\/executors\/24b4b6bf-db12-416c-8113-cc4c34af6dcf\/runs\/8d2ef480-b21e-48b1-a140-e585a4762969","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS\/provisioner\/containers\/8d2ef480-b21e-48b1-a140-e585a4762969\/backends\/overlay\/rootfses\/4517faf0-ff27-49d2-8142-96636b8f8475\/mnt\/mesos\/sandbox"],"shell":false,"value":"mount"}'
> > I0613 17:01:42.720935 37571 exec.cpp:162] Version: 1.4.0
> > I0613 17:01:42.733803 37597 exec.cpp:237] Executor registered on agent 
> > 3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-S0
> > I0613 17:01:42.738118 37577 executor.cpp:169] Received SUBSCRIBED event
> > I0613 17:01:42.739022 37577 executor.cpp:173] Subscribed executor on 
> > core-dev
> > I0613 17:01:42.739261 37577 executor.cpp:169] Received LAUNCH event
> > I0613 17:01:42.739573 37577 executor.cpp:624] Starting task 
> > 24b4b6bf-db12-416c-8113-cc4c34af6dcf
> > I0613 17:01:42.741453 37577 executor.cpp:468] Running 
> > '/home/jie/workspace/dist/mesos/build/src/mesos-containerizer launch 
> > '
> > I0613 17:01:42.743849 37577 executor.cpp:636] Forked command at 37611
> > Changing root to 
> > /tmp/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS/provisioner/containers/8d2ef480-b21e-48b1-a140-e585a4762969/backends/overlay/rootfses/4517faf0-ff27-49d2-8142-96636b8f8475
> > c: applet not found
> > I0613 17:01:42.906725 37605 executor.cpp:915] Command exited with status 
> > 127 (pid: 37611)
> > /home/jie/workspace/mesos/src/tests/containerizer/cni_isolator_tests.cpp:1526:
> >  Failure
> >   Expected: TASK_FINISHED
> > To be equal to: statusFinished->state()
> >   Which is: TASK_FAILED
> > I0613 17:01:42.918128 37585 exec.cpp:435] Executor asked to shutdown
> > I0613 17:01:42.918589 37592 executor.cpp:169] Received SHUTDOWN event
> > I0613 17:01:42.918645 37592 executor.cpp:733] Shutting down
> > [  FAILED  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts (5056 ms)
> > [--] 1 test from CniIsolatorTest (5057 ms total)
> > 
> > [--] Global test environment tear-down
> > [==] 1 test from 1 test case ran. (5098 ms total)
> > [  PASSED  ] 0 tests.
> > [  FAILED  ] 1 test, listed below:
> > [  FAILED  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
> > ```
> 
> Jie Yu wrote:
> Added a missing argv[0], still failed for me:
> ```
> [==] Running 1 test from 1 test case.
> [--] Global test environment set-up.
> [--] 1 test from CniIsolatorTest
> [ RUN  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
> Executing pre-exec command 
> '{"arguments":["mesos-containerizer","mount","--help=false","--operation=make-rslave","--path=\/"],"shell":false,"value":"\/home\/jie\/workspace\/dist\/mesos\/build\/src\/mesos-containerizer"}'
> Executing pre-exec command 
> '{"arguments":["mount","-n","--rbind","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M\/slaves\/31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-S0\/frameworks\/31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-\/executors\/55d299b4-2663-4bd5-980a-2b5df95181a4\/runs\/2798da96-2f37-4e27-b737-aa01fc6b4a5d","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M\/provisioner\/containers\/2798da96-2f37-4e27-b737-aa01fc6b4a5d\/backends\/overlay\/rootfses\/c00bda57-a3eb-435b-9499-2e1c2bfb7a56\/mnt\/mesos\/sandbox"],"shell":false,"value":"mount"}'
> I0613 17:09:37.193990 36312 exec.cpp:162] Version: 1.4.0
> I0613 17:09:37.209614 36310 exec.cpp:237] Executor registered on agent 
> 31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-S0
> I0613 17:09:37.213358 36323 executor.cpp:169] Received SUBSCRIBED event
> I0613 17:09:37.214424 36323 executor.cpp:173] Subscribed executor on 
> core-dev
> I0613 17:09:37.214689 36323 executor.cpp:169] Received LAUNCH event
> I0613 17:09:37.214915 36323 executor.cpp:624] Starting task 
> 55d299b4-2663-4bd5-980a-2b5df95181a4
> I0613 17:09:37.216902 36323 executor.cpp:468] Running 
> '/home/jie/workspace/dist/mesos/build/src/mesos-containerizer launch 
> '
> I0613 17:09:37.219539 36323 executor.cpp:636] Forked command at 36346
> Changing root to 
> /tmp/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M/pro

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Jie Yu



> On June 14, 2017, 12:02 a.m., Jie Yu wrote:
> > FYI, this test does not pass on my box:
> > ```
> > [==] Running 1 test from 1 test case.
> > [--] Global test environment set-up.
> > [--] 1 test from CniIsolatorTest
> > [ RUN  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
> > Executing pre-exec command 
> > '{"arguments":["mesos-containerizer","mount","--help=false","--operation=make-rslave","--path=\/"],"shell":false,"value":"\/home\/jie\/workspace\/dist\/mesos\/build\/src\/mesos-containerizer"}'
> > Executing pre-exec command 
> > '{"arguments":["mount","-n","--rbind","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS\/slaves\/3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-S0\/frameworks\/3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-\/executors\/24b4b6bf-db12-416c-8113-cc4c34af6dcf\/runs\/8d2ef480-b21e-48b1-a140-e585a4762969","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS\/provisioner\/containers\/8d2ef480-b21e-48b1-a140-e585a4762969\/backends\/overlay\/rootfses\/4517faf0-ff27-49d2-8142-96636b8f8475\/mnt\/mesos\/sandbox"],"shell":false,"value":"mount"}'
> > I0613 17:01:42.720935 37571 exec.cpp:162] Version: 1.4.0
> > I0613 17:01:42.733803 37597 exec.cpp:237] Executor registered on agent 
> > 3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-S0
> > I0613 17:01:42.738118 37577 executor.cpp:169] Received SUBSCRIBED event
> > I0613 17:01:42.739022 37577 executor.cpp:173] Subscribed executor on 
> > core-dev
> > I0613 17:01:42.739261 37577 executor.cpp:169] Received LAUNCH event
> > I0613 17:01:42.739573 37577 executor.cpp:624] Starting task 
> > 24b4b6bf-db12-416c-8113-cc4c34af6dcf
> > I0613 17:01:42.741453 37577 executor.cpp:468] Running 
> > '/home/jie/workspace/dist/mesos/build/src/mesos-containerizer launch 
> > '
> > I0613 17:01:42.743849 37577 executor.cpp:636] Forked command at 37611
> > Changing root to 
> > /tmp/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS/provisioner/containers/8d2ef480-b21e-48b1-a140-e585a4762969/backends/overlay/rootfses/4517faf0-ff27-49d2-8142-96636b8f8475
> > c: applet not found
> > I0613 17:01:42.906725 37605 executor.cpp:915] Command exited with status 
> > 127 (pid: 37611)
> > /home/jie/workspace/mesos/src/tests/containerizer/cni_isolator_tests.cpp:1526:
> >  Failure
> >   Expected: TASK_FINISHED
> > To be equal to: statusFinished->state()
> >   Which is: TASK_FAILED
> > I0613 17:01:42.918128 37585 exec.cpp:435] Executor asked to shutdown
> > I0613 17:01:42.918589 37592 executor.cpp:169] Received SHUTDOWN event
> > I0613 17:01:42.918645 37592 executor.cpp:733] Shutting down
> > [  FAILED  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts (5056 ms)
> > [--] 1 test from CniIsolatorTest (5057 ms total)
> > 
> > [--] Global test environment tear-down
> > [==] 1 test from 1 test case ran. (5098 ms total)
> > [  PASSED  ] 0 tests.
> > [  FAILED  ] 1 test, listed below:
> > [  FAILED  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
> > ```

Added a missing argv[0], still failed for me:
```
[==] Running 1 test from 1 test case.
[--] Global test environment set-up.
[--] 1 test from CniIsolatorTest
[ RUN  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
Executing pre-exec command 
'{"arguments":["mesos-containerizer","mount","--help=false","--operation=make-rslave","--path=\/"],"shell":false,"value":"\/home\/jie\/workspace\/dist\/mesos\/build\/src\/mesos-containerizer"}'
Executing pre-exec command 
'{"arguments":["mount","-n","--rbind","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M\/slaves\/31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-S0\/frameworks\/31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-\/executors\/55d299b4-2663-4bd5-980a-2b5df95181a4\/runs\/2798da96-2f37-4e27-b737-aa01fc6b4a5d","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M\/provisioner\/containers\/2798da96-2f37-4e27-b737-aa01fc6b4a5d\/backends\/overlay\/rootfses\/c00bda57-a3eb-435b-9499-2e1c2bfb7a56\/mnt\/mesos\/sandbox"],"shell":false,"value":"mount"}'
I0613 17:09:37.193990 36312 exec.cpp:162] Version: 1.4.0
I0613 17:09:37.209614 36310 exec.cpp:237] Executor registered on agent 
31e24c6c-cb37-4125-9b4c-d1eb95fea3d9-S0
I0613 17:09:37.213358 36323 executor.cpp:169] Received SUBSCRIBED event
I0613 17:09:37.214424 36323 executor.cpp:173] Subscribed executor on core-dev
I0613 17:09:37.214689 36323 executor.cpp:169] Received LAUNCH event
I0613 17:09:37.214915 36323 executor.cpp:624] Starting task 
55d299b4-2663-4bd5-980a-2b5df95181a4
I0613 17:09:37.216902 36323 executor.cpp:468] Running 
'/home/jie/workspace/dist/mesos/build/src/mesos-containerizer launch 
'
I0613 17:09:37.219539 36323 executor.cpp:636] Forked command at 36346
Changing root to 
/tmp/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_OTI05M/provisioner/containers/2798da96-2f37-4e27-b737-aa01fc6b4a5d/backends/overlay/rootfses/c00bda57-a3eb-435b-9499-2e1c2bfb7a56
/dev/mapper/cento

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Jie Yu


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/#review177834
---



FYI, this test does not pass on my box:
```
[==] Running 1 test from 1 test case.
[--] Global test environment set-up.
[--] 1 test from CniIsolatorTest
[ RUN  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
Executing pre-exec command 
'{"arguments":["mesos-containerizer","mount","--help=false","--operation=make-rslave","--path=\/"],"shell":false,"value":"\/home\/jie\/workspace\/dist\/mesos\/build\/src\/mesos-containerizer"}'
Executing pre-exec command 
'{"arguments":["mount","-n","--rbind","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS\/slaves\/3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-S0\/frameworks\/3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-\/executors\/24b4b6bf-db12-416c-8113-cc4c34af6dcf\/runs\/8d2ef480-b21e-48b1-a140-e585a4762969","\/tmp\/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS\/provisioner\/containers\/8d2ef480-b21e-48b1-a140-e585a4762969\/backends\/overlay\/rootfses\/4517faf0-ff27-49d2-8142-96636b8f8475\/mnt\/mesos\/sandbox"],"shell":false,"value":"mount"}'
I0613 17:01:42.720935 37571 exec.cpp:162] Version: 1.4.0
I0613 17:01:42.733803 37597 exec.cpp:237] Executor registered on agent 
3fd3e062-7fd7-4a6a-b5c3-f59b4e44fa0c-S0
I0613 17:01:42.738118 37577 executor.cpp:169] Received SUBSCRIBED event
I0613 17:01:42.739022 37577 executor.cpp:173] Subscribed executor on core-dev
I0613 17:01:42.739261 37577 executor.cpp:169] Received LAUNCH event
I0613 17:01:42.739573 37577 executor.cpp:624] Starting task 
24b4b6bf-db12-416c-8113-cc4c34af6dcf
I0613 17:01:42.741453 37577 executor.cpp:468] Running 
'/home/jie/workspace/dist/mesos/build/src/mesos-containerizer launch 
'
I0613 17:01:42.743849 37577 executor.cpp:636] Forked command at 37611
Changing root to 
/tmp/CniIsolatorTest_ROOT_INTERNET_CURL_ReadOnlyBindMounts_44c0WS/provisioner/containers/8d2ef480-b21e-48b1-a140-e585a4762969/backends/overlay/rootfses/4517faf0-ff27-49d2-8142-96636b8f8475
c: applet not found
I0613 17:01:42.906725 37605 executor.cpp:915] Command exited with status 127 
(pid: 37611)
/home/jie/workspace/mesos/src/tests/containerizer/cni_isolator_tests.cpp:1526: 
Failure
  Expected: TASK_FINISHED
To be equal to: statusFinished->state()
  Which is: TASK_FAILED
I0613 17:01:42.918128 37585 exec.cpp:435] Executor asked to shutdown
I0613 17:01:42.918589 37592 executor.cpp:169] Received SHUTDOWN event
I0613 17:01:42.918645 37592 executor.cpp:733] Shutting down
[  FAILED  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts (5056 ms)
[--] 1 test from CniIsolatorTest (5057 ms total)

[--] Global test environment tear-down
[==] 1 test from 1 test case ran. (5098 ms total)
[  PASSED  ] 0 tests.
[  FAILED  ] 1 test, listed below:
[  FAILED  ] CniIsolatorTest.ROOT_INTERNET_CURL_ReadOnlyBindMounts
```

- Jie Yu


On June 13, 2017, 10:14 p.m., Silas Snider wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58250/
> ---
> 
> (Updated June 13, 2017, 10:14 p.m.)
> 
> 
> Review request for mesos and Jie Yu.
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Test that bind-mounted host network configuration is mounted readonly.
> 
> 
> Diffs
> -
> 
>   src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 
> 
> 
> Diff: https://reviews.apache.org/r/58250/diff/2/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Silas Snider
> 
>

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Mesos Reviewbot Windows


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/#review177831
---



Patch looks great!

Reviews applied: [57884, 58250]

Passed command: support\windows-build.bat

- Mesos Reviewbot Windows


On June 13, 2017, 10:14 p.m., Silas Snider wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58250/
> ---
> 
> (Updated June 13, 2017, 10:14 p.m.)
> 
> 
> Review request for mesos and Jie Yu.
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Test that bind-mounted host network configuration is mounted readonly.
> 
> 
> Diffs
> -
> 
>   src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 
> 
> 
> Diff: https://reviews.apache.org/r/58250/diff/2/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Silas Snider
> 
>

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Silas Snider


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/
---

(Updated June 13, 2017, 10:14 p.m.)


Review request for mesos and Jie Yu.


Repository: mesos


Description
---

Test that bind-mounted host network configuration is mounted readonly.


Diffs (updated)
-

  src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 


Diff: https://reviews.apache.org/r/58250/diff/2/

Changes: https://reviews.apache.org/r/58250/diff/1-2/


Testing
---


Thanks,

Silas Snider

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Jie Yu


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/#review177808
---


Fix it, then Ship it!





src/tests/containerizer/cni_isolator_tests.cpp
Lines 1451 (patched)


Let's add INTERNET_CURL filter here because this requires docker registry



src/tests/containerizer/cni_isolator_tests.cpp
Lines 1490 (patched)


I would split this into multiple lines. Also, please use multiple lines to 
stick to our style guide:

```
// Verify that the files are not readonly.
command.add_arguments(
  R"~(
  mount | grep /etc/hosts &&
  test -w /etc/hosts &&
  test -w /etc/resolv.conf &&
  test -w /etc/hostname
  )~");
```


- Jie Yu


On June 13, 2017, 4:49 p.m., Silas Snider wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58250/
> ---
> 
> (Updated June 13, 2017, 4:49 p.m.)
> 
> 
> Review request for mesos and Jie Yu.
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Test that bind-mounted host network configuration is mounted readonly.
> 
> 
> Diffs
> -
> 
>   src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 
> 
> 
> Diff: https://reviews.apache.org/r/58250/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Silas Snider
> 
>

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Mesos Reviewbot Windows


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/#review177752
---



Bad review!

Reviews applied: []

Error:
No reviewers specified. Please find a reviewer by asking on JIRA or the mailing 
list.

- Mesos Reviewbot Windows


On June 13, 2017, 3:42 p.m., Silas Snider wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58250/
> ---
> 
> (Updated June 13, 2017, 3:42 p.m.)
> 
> 
> Review request for mesos.
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Test that bind-mounted host network configuration is mounted readonly.
> 
> 
> Diffs
> -
> 
>   src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 
> 
> 
> Diff: https://reviews.apache.org/r/58250/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Silas Snider
> 
>

Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

2017-06-13 Thread Silas Snider


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58250/
---

Review request for mesos.


Repository: mesos


Description
---

Test that bind-mounted host network configuration is mounted readonly.


Diffs
-

  src/tests/containerizer/cni_isolator_tests.cpp 3a5f4ebd4 


Diff: https://reviews.apache.org/r/58250/diff/1/


Testing
---


Thanks,

Silas Snider

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Re: Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

Review Request 58250: Test that bind-mounted host network configuration is mounted readonly.

17 matches

Site Navigation

Mail list logo

Footer information