date:20170408

Re: Review Request 58200: Fix mesos runs with docker(pid namespace mismatch).

2017-04-08 Thread Mesos Reviewbot


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58200/#review171403
---



Patch looks great!

Reviews applied: [58200]

Passed command: export OS='ubuntu:14.04' BUILDTOOL='autotools' COMPILER='gcc' 
CONFIGURATION='--verbose' ENVIRONMENT='GLOG_v=1 MESOS_VERBOSE=1'; 
./support/docker-build.sh

- Mesos Reviewbot


On April 8, 2017, 11:12 a.m., Deshi Xiao wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58200/
> ---
> 
> (Updated April 8, 2017, 11:12 a.m.)
> 
> 
> Review request for mesos, Alexander Rukletsov and haosdent huang.
> 
> 
> Bugs: MESOS-7210
> https://issues.apache.org/jira/browse/MESOS-7210
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Becuase MESOS HTTP checks doesn't work when mesos runs with
> --docker_mesos_image ( pid namespace mismatch ).So let docker
> executor run with container add host pid mapping(--pid=host)
> 
> 
> Diffs
> -
> 
>   src/slave/containerizer/docker.cpp be1a298b12374bced44e2467cb7e90a1599abb8f 
> 
> 
> Diff: https://reviews.apache.org/r/58200/diff/3/
> 
> 
> Testing
> ---
> 
> 1. Build the image with latest code. Let's name the image with `mesos-build` 
> here.
> 
> 2. Launch mesos master.
> 
> ```
> $ docker run \
>   -it \
>   --pid host \
>   --net host \
>   --privileged \
>   -v /var/run/docker.sock:/var/run/docker.sock \
>   -v /sys/fs/cgroup:/sys/fs/cgroup \
>   mesos-build \
>   mesos-master \
>   --hostname=127.0.0.1 \
>   --ip=127.0.0.1 \
>   --port=5050 \
>   --work_dir=/tmp/mesos
> ```
> 
> 3. Launch mesos agent.
> 
> ```
> $ docker run \
>   -it \
>   --pid host \
>   --net host \
>   --privileged \
>   -v /var/run/docker.sock:/var/run/docker.sock \
>   -v /sys/fs/cgroup:/sys/fs/cgroup \
>   mesos-build \
>   mesos-agent \
>   --hostname=127.0.0.1 \
>   --ip=127.0.0.1 \
>   --master=127.0.0.1:5050 \
>   --systemd_enable_support=false \
>   --work_dir=/tmp/mesos \
>   --containerizers=docker,mesos \
>   --docker_mesos_image=mesos-build
> ```
> 
> 4. Launch task with health check.
> 
> Define the task with health check.
> 
> ```
> $ cat /tmp/task.json
> {
>   "name": "test-health-check",
>   "task_id": {"value" : "test-health-check"},
>   "agent_id": {"value" : ""},
>   "resources": [
> {
>   "name": "cpus",
>   "type": "SCALAR",
>   "scalar": {
> "value": 0.1
>   },
>   "role": "*"
> },
> {
>   "name": "mem",
>   "type": "SCALAR",
>   "scalar": {
> "value": 32
>   },
>   "role": "*"
> }
>   ],
>   "command": {
> "value": "sleep 1000"
>   },
>   "container": {
> "type": "DOCKER",
> "volumes": [],
> "docker": {
>   "image": "mesos-build",
>   "network": "HOST"
> }
>   },
>   "health_check": {
> "type": "HTTP",
> "http": {
>   "scheme": "http",
>   "port": 5050
> },
> "gracePeriodSeconds": 300,
> "intervalSeconds": 60,
> "timeoutSeconds": 20,
> "maxConsecutiveFailures": 3
>   }
> }
> ```
> 
> Lauch task
> 
> ```
> $ mesos-execute --master=127.0.0.1:5050 --task=/tmp/task.json
> ```
> 
> And verified the healthy status of task is correct.
> 
> ```
> I0407 16:29:57.258509 88767 health_checker.cpp:123] Entered the net namespace 
> of task (pid: '88727') successfully
> I0407 16:29:57.334801 88643 health_checker.cpp:395] Performed HTTP health 
> check for task 'test-health-check' in 86.311186ms
> I0407 16:29:57.334872 88643 health_checker.cpp:319] HTTP health check for 
> task 'test-health-check' passed
> ```
> 
> 
> Thanks,
> 
> Deshi Xiao
> 
>

Re: Review Request 58200: Fix mesos runs with docker(pid namespace mismatch).

2017-04-08 Thread haosdent huang


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58200/#review171402
---




src/slave/containerizer/docker.cpp
Lines 366 (patched)


I think it is fine to use priviliged to lauch mesos-executor. But after 
discussed with @xiaods, let me find if we could avoid to use privileged via 
--cap-add.


- haosdent huang


On April 8, 2017, 11:12 a.m., Deshi Xiao wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58200/
> ---
> 
> (Updated April 8, 2017, 11:12 a.m.)
> 
> 
> Review request for mesos, Alexander Rukletsov and haosdent huang.
> 
> 
> Bugs: MESOS-7210
> https://issues.apache.org/jira/browse/MESOS-7210
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Becuase MESOS HTTP checks doesn't work when mesos runs with
> --docker_mesos_image ( pid namespace mismatch ).So let docker
> executor run with container add host pid mapping(--pid=host)
> 
> 
> Diffs
> -
> 
>   src/slave/containerizer/docker.cpp be1a298b12374bced44e2467cb7e90a1599abb8f 
> 
> 
> Diff: https://reviews.apache.org/r/58200/diff/3/
> 
> 
> Testing
> ---
> 
> 1. Build the image with latest code. Let's name the image with `mesos-build` 
> here.
> 
> 2. Launch mesos master.
> 
> ```
> $ docker run \
>   -it \
>   --pid host \
>   --net host \
>   --privileged \
>   -v /var/run/docker.sock:/var/run/docker.sock \
>   -v /sys/fs/cgroup:/sys/fs/cgroup \
>   mesos-build \
>   mesos-master \
>   --hostname=127.0.0.1 \
>   --ip=127.0.0.1 \
>   --port=5050 \
>   --work_dir=/tmp/mesos
> ```
> 
> 3. Launch mesos agent.
> 
> ```
> $ docker run \
>   -it \
>   --pid host \
>   --net host \
>   --privileged \
>   -v /var/run/docker.sock:/var/run/docker.sock \
>   -v /sys/fs/cgroup:/sys/fs/cgroup \
>   mesos-build \
>   mesos-agent \
>   --hostname=127.0.0.1 \
>   --ip=127.0.0.1 \
>   --master=127.0.0.1:5050 \
>   --systemd_enable_support=false \
>   --work_dir=/tmp/mesos \
>   --containerizers=docker,mesos \
>   --docker_mesos_image=mesos-build
> ```
> 
> 4. Launch task with health check.
> 
> Define the task with health check.
> 
> ```
> $ cat /tmp/task.json
> {
>   "name": "test-health-check",
>   "task_id": {"value" : "test-health-check"},
>   "agent_id": {"value" : ""},
>   "resources": [
> {
>   "name": "cpus",
>   "type": "SCALAR",
>   "scalar": {
> "value": 0.1
>   },
>   "role": "*"
> },
> {
>   "name": "mem",
>   "type": "SCALAR",
>   "scalar": {
> "value": 32
>   },
>   "role": "*"
> }
>   ],
>   "command": {
> "value": "sleep 1000"
>   },
>   "container": {
> "type": "DOCKER",
> "volumes": [],
> "docker": {
>   "image": "mesos-build",
>   "network": "HOST"
> }
>   },
>   "health_check": {
> "type": "HTTP",
> "http": {
>   "scheme": "http",
>   "port": 5050
> },
> "gracePeriodSeconds": 300,
> "intervalSeconds": 60,
> "timeoutSeconds": 20,
> "maxConsecutiveFailures": 3
>   }
> }
> ```
> 
> Lauch task
> 
> ```
> $ mesos-execute --master=127.0.0.1:5050 --task=/tmp/task.json
> ```
> 
> And verified the healthy status of task is correct.
> 
> ```
> I0407 16:29:57.258509 88767 health_checker.cpp:123] Entered the net namespace 
> of task (pid: '88727') successfully
> I0407 16:29:57.334801 88643 health_checker.cpp:395] Performed HTTP health 
> check for task 'test-health-check' in 86.311186ms
> I0407 16:29:57.334872 88643 health_checker.cpp:319] HTTP health check for 
> task 'test-health-check' passed
> ```
> 
> 
> Thanks,
> 
> Deshi Xiao
> 
>

Re: Review Request 58200: Fix mesos runs with docker(pid namespace mismatch).

2017-04-08 Thread Deshi Xiao


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58200/
---

(Updated 四月 8, 2017, 11:12 a.m.)


Review request for mesos, Alexander Rukletsov and haosdent huang.


Changes
---

Thanks haosdent.


Summary (updated)
-

Fix mesos runs with docker(pid namespace mismatch).


Bugs: MESOS-7210
https://issues.apache.org/jira/browse/MESOS-7210


Repository: mesos


Description (updated)
---

Becuase MESOS HTTP checks doesn't work when mesos runs with
--docker_mesos_image ( pid namespace mismatch ).So let docker
executor run with container add host pid mapping(--pid=host)


Diffs (updated)
-

  src/slave/containerizer/docker.cpp be1a298b12374bced44e2467cb7e90a1599abb8f 


Diff: https://reviews.apache.org/r/58200/diff/3/

Changes: https://reviews.apache.org/r/58200/diff/2-3/


Testing
---

1. Build the image with latest code. Let's name the image with `mesos-build` 
here.

2. Launch mesos master.

```
$ docker run \
-it \
--pid host \
--net host \
--privileged \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /sys/fs/cgroup:/sys/fs/cgroup \
mesos-build \
mesos-master \
--hostname=127.0.0.1 \
--ip=127.0.0.1 \
--port=5050 \
--work_dir=/tmp/mesos
```

3. Launch mesos agent.

```
$ docker run \
-it \
--pid host \
--net host \
--privileged \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /sys/fs/cgroup:/sys/fs/cgroup \
mesos-build \
mesos-agent \
--hostname=127.0.0.1 \
--ip=127.0.0.1 \
--master=127.0.0.1:5050 \
--systemd_enable_support=false \
--work_dir=/tmp/mesos \
--containerizers=docker,mesos \
--docker_mesos_image=mesos-build
```

4. Launch task with health check.

Define the task with health check.

```
$ cat /tmp/task.json
{
  "name": "test-health-check",
  "task_id": {"value" : "test-health-check"},
  "agent_id": {"value" : ""},
  "resources": [
{
  "name": "cpus",
  "type": "SCALAR",
  "scalar": {
"value": 0.1
  },
  "role": "*"
},
{
  "name": "mem",
  "type": "SCALAR",
  "scalar": {
"value": 32
  },
  "role": "*"
}
  ],
  "command": {
"value": "sleep 1000"
  },
  "container": {
"type": "DOCKER",
"volumes": [],
"docker": {
  "image": "mesos-build",
  "network": "HOST"
}
  },
  "health_check": {
"type": "HTTP",
"http": {
  "scheme": "http",
  "port": 5050
},
"gracePeriodSeconds": 300,
"intervalSeconds": 60,
"timeoutSeconds": 20,
"maxConsecutiveFailures": 3
  }
}
```

Lauch task

```
$ mesos-execute --master=127.0.0.1:5050 --task=/tmp/task.json
```

And verified the healthy status of task is correct.

```
I0407 16:29:57.258509 88767 health_checker.cpp:123] Entered the net namespace 
of task (pid: '88727') successfully
I0407 16:29:57.334801 88643 health_checker.cpp:395] Performed HTTP health check 
for task 'test-health-check' in 86.311186ms
I0407 16:29:57.334872 88643 health_checker.cpp:319] HTTP health check for task 
'test-health-check' passed
```


Thanks,

Deshi Xiao

Re: Review Request 58200: Augmented release guide with GPG goodies and a formatting reminder.

2017-04-08 Thread Deshi Xiao


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58200/
---

(Updated 四月 8, 2017, 11:03 a.m.)


Review request for mesos, Alexander Rukletsov and haosdent huang.


Changes
---

with haosdent helps. update new patch.


Summary (updated)
-

Augmented release guide with GPG goodies and a formatting reminder.


Bugs: MESOS-7210
https://issues.apache.org/jira/browse/MESOS-7210


Repository: mesos


Description (updated)
---

Review: https://reviews.apache.org/r/58101

Replaced  tags with formatting in release guide for consistency.

Review: https://reviews.apache.org/r/58103

Used operator<< for `CheckStatusInfo` instead of manual printing.

Review: https://reviews.apache.org/r/58108

Fixed a regression hiding previously exposed master and agent flags.

In f441eb9 we in a number of places changed  how 'Flag's were added to
'Flags' by moving from ad-hoc invocations of 'FlagsBase::add' on
particular instances to proper 'Flags' member variables. This was needed
to ensure 'Flags' instances could always safely be copied. For that we
introduced local derived 'Flags' classes to support localized parsing
needs. At the same time, this implementation strategy led to these these
local variables not being accessible through instances of the original
class anymore (this was inevitable when making 'Flags' classes properly
copyable), which e.g., causes a regression in the flags displayed in a
master's '/flags' endpoint.

This commit moves the flags into the respective base class removing the
local classes so that all passed flags are exposed to users.

Review: https://reviews.apache.org/r/57994/

Updated the container image doc about the support of capabilities.

Review: https://reviews.apache.org/r/58117

Updated the container image doc about Docker networking support.

Review: https://reviews.apache.org/r/58118

Fixed a link in the container image doc.


Fixed a formatting issue in executor.proto.


Added Armand Grillet to the contributors list.


Documentation updates to reflect multi-role framework support.

This also updates the roles documentation to reflect the vision
of roles representing the resource consumer.

Review: https://reviews.apache.org/r/58055

Added MULTI_ROLE support to the upgrades documentation.

Review: https://reviews.apache.org/r/58061

Added the design doc for resource provider and CSI.


Removed an old comment from 'v1/mesos.proto'.

This patch removes an old comment in 'include/v1/mesos.proto'
regarding the `DiskInfo.persistence.principal` field. Commit
73790d3c141f91cc3a8f546091ac62594995b788 removed this comment
from 'include/mesos.proto', but neglected to update the v1
proto definitions.

Review: https://reviews.apache.org/r/58150/

Avoid various redundant copies.

Spotted using the "performance-unnecessary-copy-initialization"
clang-tidy check.

Review: https://reviews.apache.org/r/58040

Don't mark a value parameter `const`.

This has no effect on the function's signature.

Spotted using the "readability-avoid-const-params-in-decls" clang-tidy
check.

Review: https://reviews.apache.org/r/58041

Remove unused include in libprocess.

Review: https://reviews.apache.org/r/58042

Cleaned up usage of namespace-qualified identifiers.

Review: https://reviews.apache.org/r/58043

Removed unused "using" statements.

Review: https://reviews.apache.org/r/58044

Adjust `using` style in a few places.

When an identifier is used many times in an implementation file, we
typically add a `using` statement for that identifier.

Review: https://reviews.apache.org/r/58084

Fixed whitespace.


Fixed 'CombinedAuthenticator' to avoid an extra copy.

This patch adds a missing call to `std::move` in the constructor
for `CombinedAuthenticatorProcess` to avoid an unnecessary copy.

Review: https://reviews.apache.org/r/58173/

Fixed the signatures of some test helpers.

This patch fixes some test helpers for
'CombinedAuthenticatorTest.MultipleAuthenticators' to
accept their parameters as const ref.

Review: https://reviews.apache.org/r/58174/

Fixed an iterator bug in 'CombinedAuthenticator::authenticate()'.

This patch updates the `loop()` logic within
`CombinedAuthenticatorProcess::authenticate()` to fix a bug
in which an iterator is incremented past the end of its vector.

Review: https://reviews.apache.org/r/58175/

Fixed some consistency issues in the type utils.


Added resource provider API protobuf template.

Resource provider API will be Event/Call based, similar to the
scheduler or executor API. Resource providers will use this API to
interact with the master, sending Calls to the master and receiving
Event from the master.

Review: https://reviews.apache.org/r/58133

Linked task group doc from home.md.

Review: https://reviews.apache.org/r/58188

Windows: Stout: Rewrote job object wrappers.

`os::create_job` now returns a `Try`

Re: Review Request 58200: Fix mesos runs with docker(pid namespace mismatch).

Re: Review Request 58200: Fix mesos runs with docker(pid namespace mismatch).

Re: Review Request 58200: Fix mesos runs with docker(pid namespace mismatch).

Re: Review Request 58200: Augmented release guide with GPG goodies and a formatting reminder.

4 matches

Site Navigation

Mail list logo

Footer information