Hi Xiaodong, If you follow the reviewboard you'll see that the fix is not correct, I believe Jojy will be posting a new patch.
Tim On Fri, Oct 30, 2015 at 6:58 PM, Xiaodong Zhang <[email protected]> wrote: > it is still not working! > > Only if I remove SSL_ENABLED from envs before I start the slave it works > well. > > I applied the patch in version 0.24.1. And rebuild it with `--enable-libevent > --enable-ssl` 。 > > 发件人: Xiaodong Zhang <[email protected]> > 日期: 2015年10月31日 星期六 上午7:45 > > 至: "[email protected]" <[email protected]> > 主题: Re: Can't start docker container when SSL_ENABLED is on. > > Thanks Jojy. > > I will patch this in version 0.24.1, and rebuild it. I will let you know > if it work well after I finish testing. > > 发件人: Jojy Varghese <[email protected]> > 答复: "[email protected]" <[email protected]> > 日期: 2015年10月31日 星期六 上午12:45 > 至: "[email protected]" <[email protected]> > 主题: Re: Can't start docker container when SSL_ENABLED is on. > > Thanks Xiaodong. > > Based on the hypothesis that the container process launched with > SSL_ENABLED in environment is the problem, I have created a patch > https://reviews.apache.org/r/39818/. This might be a quick and dirty was > to test the hypothesis. Would it be possible for you to test again after > applying the patch? > > -Jojy > > > > On Oct 30, 2015, at 8:29 AM, Xiaodong Zhang <[email protected]> wrote: > > Thanks @Jojy > > > > Flags at startup: --appc_store_dir="/tmp/mesos/store/appc" > --authenticatee="crammd5" --cgroups_cpu_enable_pids_and_tids_count="false" > --cgroups_enable_cfs="false" --cgroups_hierarchy="/sys/fs/cgroup" > --cgroups_limit_swap="false" --cgroups_root="mesos" > --container_disk_watch_interval="15secs" --containerizers="docker,mesos" > --credential="/etc/mesos-slave-auth" --default_role="*" > --disk_watch_interval="1mins" --docker="/usr/bin/docker" > --docker_kill_orphans="true" --docker_remove_delay="6hrs" > --docker_socket="/var/run/docker.sock" --docker_stop_timeout="0ns" > --enforce_container_disk_quota="false" > --executor_registration_timeout="1hrs" > --executor_shutdown_grace_period="5secs" > --fetcher_cache_dir="/tmp/mesos/fetch" --fetcher_cache_size="2GB" > --frameworks_home="" --gc_delay="1weeks" --gc_disk_headroom="0.1" > --hadoop_home="" --help="false" --initialize_driver_logging="true" > --isolation="posix/cpu,posix/mem" --launcher_dir="/usr/libexec/mesos" > --log_dir="/var/log/mesos" --logbufsecs="0" --logging_level="INFO" > --master="zk://172.31.43.77:2181,172.31.44.2:2181,172.31.36.91:2181/mesos" > --oversubscribed_resources_interval="15secs" --perf_duration="10secs" > --perf_interval="1mins" --port="5051" --qos_correction_interval_min="0ns" > --quiet="false" --recover="reconnect" --recovery_timeout="15mins" > --registration_backoff_factor="1secs" > --resource_monitoring_interval="1secs" --revocable_cpu_low_priority="true" > --sandbox_directory="/mnt/mesos/sandbox" --strict="true" > --switch_user="true" --version="false" --work_dir="/tmp/mesos" > > 发件人: Jojy Varghese <[email protected]> > 答复: "[email protected]" <[email protected]> > 日期: 2015年10月30日 星期五 下午11:17 > 至: "[email protected]" <[email protected]> > 主题: Re: Can't start docker container when SSL_ENABLED is on. > > Hi Xiaodong > This might be because the executor inherits the SSL environment > variables of slave and thus expects SSL key password to launch. Could you > please add the part of the slave logs that says "Flags at startup” so that > we can have more information? > > thanks > Jojy > > > On Oct 29, 2015, at 8:55 PM, Xiaodong Zhang <[email protected]> wrote: > > Thanks a lot !~ @haosent > > 发件人: haosdent <[email protected]> > 答复: "[email protected]" <[email protected]> > 日期: 2015年10月30日 星期五 上午11:45 > 至: user <[email protected]> > 主题: Re: Can't start docker container when SSL_ENABLED is on. > > Hi, @Xiaodong I interested in your problem. But recently days I don't have > enough time to try reproduce your problem. I think I could try to dig your > problem at this Sunday and give you feedback. > > On Fri, Oct 30, 2015 at 11:30 AM, Xiaodong Zhang <[email protected]> > wrote: > >> Anybody know about this? >> >> 发件人: Xiaodong Zhang <[email protected]> >> 答复: "[email protected]" <[email protected]> >> 日期: 2015年10月29日 星期四 下午7:38 >> >> 至: "[email protected]" <[email protected]> >> 主题: Re: Can't start docker container when SSL_ENABLED is on. >> >> I think it is easy to reproduce this error. >> >> Start master with env: >> >> SSL_SUPPORT_DOWNGRADE >> SSL_ENABLED >> SSL_KEY_FILE >> SSL_CERT_FILE >> >> Start slave with env: >> >> SSL_ENABLED >> SSL_KEY_FILE >> SSL_CERT_FILE >> LIBPROCESS_ADVERTISE_IP >> >> >> Then run a docker task via marathon. >> >> 发件人: Xiaodong Zhang <[email protected]> >> 日期: 2015年10月29日 星期四 下午3:09 >> 至: "[email protected]" <[email protected]> >> 主题: Re: Can't start docker container when SSL_ENABLED is on. >> >> So now, mesos task work well but docker task doesn’t. >> >> 发件人: Xiaodong Zhang <[email protected]> >> 答复: "[email protected]" <[email protected]> >> 日期: 2015年10月29日 星期四 下午2:08 >> 至: "[email protected]" <[email protected]> >> 主题: Re: Can't start docker container when SSL_ENABLED is on. >> >> I run a task by marathon: >> >> { >> "id": "basic-0", >> "cmd": "while [ true ] ; do echo 'Hello Marathon' ; sleep 5 ; done", >> "cpus": 0.1, >> "mem": 10.0, >> "instances": 1} >> >> >> It works well. >> >> <742629F2-78E8-43F2-9015-F3D22720826B.png> >> >> Docker task can pull image but can’t run as I mentioned. >> >> My docker version 1.5.0 >> >> 发件人: Tim Chen <[email protected]> >> 答复: "[email protected]" <[email protected]> >> 日期: 2015年10月29日 星期四 下午1:48 >> 至: "[email protected]" <[email protected]> >> 主题: Re: Can't start docker container when SSL_ENABLED is on. >> >> Does running a task without docker container (Mesos containerizer) works >> with ssl in your environment? >> >> Tim >> >> On Wed, Oct 28, 2015 at 10:19 PM, Xiaodong Zhang <[email protected]> >> wrote: >> >>> Thanks a lot. I find the log file in slave. >>> >>> One of the task: >>> >>> Stdout: >>> >>> --container="mesos-20151029-043755-3549436724-5050-5674-S0.e2c2580f-8082-4f17-b0cc-4e32e040d444" >>> --docker="/home/ubuntu/luna/bin/docker" --help="false" >>> --initialize_driver_logging="true" --logbufsecs="0" --logging_level="INFO" >>> --mapped_directory="/mnt/mesos/sandbox" --quiet="false" >>> --sandbox_directory="/tmp/mesos/slaves/20151029-043755-3549436724-5050-5674-S0/frameworks/20151029-043755-3549436724-5050-5674-0000/executors/e4a3bed5-64e6-4970-8bb1-df6404656a48.e3a20f3b-7dfb-11e5-b57b-0247b493b22f/runs/e2c2580f-8082-4f17-b0cc-4e32e040d444" >>> --stop_timeout="0ns" >>> --container="mesos-20151029-043755-3549436724-5050-5674-S0.e2c2580f-8082-4f17-b0cc-4e32e040d444" >>> --docker="/home/ubuntu/luna/bin/docker" --help="false" >>> --initialize_driver_logging="true" --logbufsecs="0" --logging_level="INFO" >>> --mapped_directory="/mnt/mesos/sandbox" --quiet="false" >>> --sandbox_directory="/tmp/mesos/slaves/20151029-043755-3549436724-5050-5674-S0/frameworks/20151029-043755-3549436724-5050-5674-0000/executors/e4a3bed5-64e6-4970-8bb1-df6404656a48.e3a20f3b-7dfb-11e5-b57b-0247b493b22f/runs/e2c2580f-8082-4f17-b0cc-4e32e040d444" >>> --stop_timeout="0ns" >>> Shutting down >>> >>> Stderr: >>> >>> I1029 05:14:06.529364 27862 fetcher.cpp:414] Fetcher Info: >>> {"cache_directory":"\/tmp\/mesos\/fetch\/slaves\/20151029-043755-3549436724-5050-5674-S0","items":[{"action":"BYPASS_CACHE","uri":{"extract":false,"value":"file:\/\/\/etc\/.dockercfg"}}],"sandbox_directory":"\/tmp\/mesos\/slaves\/20151029-043755-3549436724-5050-5674-S0\/frameworks\/20151029-043755-3549436724-5050-5674-0000\/executors\/e4a3bed5-64e6-4970-8bb1-df6404656a48.e3a20f3b-7dfb-11e5-b57b-0247b493b22f\/runs\/e2c2580f-8082-4f17-b0cc-4e32e040d444"} >>> I1029 05:14:06.530562 27862 fetcher.cpp:369] Fetching URI ' >>> file:///etc/.dockercfg' >>> I1029 05:14:06.530580 27862 fetcher.cpp:243] Fetching directly into the >>> sandbox directory >>> I1029 05:14:06.530594 27862 fetcher.cpp:180] Fetching URI ' >>> file:///etc/.dockercfg' >>> I1029 05:14:06.530609 27862 fetcher.cpp:160] Copying resource with >>> command:cp '/etc/.dockercfg' >>> '/tmp/mesos/slaves/20151029-043755-3549436724-5050-5674-S0/frameworks/20151029-043755-3549436724-5050-5674-0000/executors/e4a3bed5-64e6-4970-8bb1-df6404656a48.e3a20f3b-7dfb-11e5-b57b-0247b493b22f/runs/e2c2580f-8082-4f17-b0cc-4e32e040d444/.dockercfg' >>> I1029 05:14:06.532165 27862 fetcher.cpp:446] Fetched ' >>> file:///etc/.dockercfg' to >>> '/tmp/mesos/slaves/20151029-043755-3549436724-5050-5674-S0/frameworks/20151029-043755-3549436724-5050-5674-0000/executors/e4a3bed5-64e6-4970-8bb1-df6404656a48.e3a20f3b-7dfb-11e5-b57b-0247b493b22f/runs/e2c2580f-8082-4f17-b0cc-4e32e040d444/.dockercfg' >>> I1029 05:14:07.782054 27955 exec.cpp:133] Version: 0.24.1 >>> I1029 05:14:07.785039 27963 exec.cpp:462] Slave exited ... shutting down >>> E1029 05:14:07.785158 27964 socket.hpp:174] Shutdown failed on fd=7: >>> Transport endpoint is not connected [107] >>> >>> 发件人: haosdent <[email protected]> >>> 答复: "[email protected]" <[email protected]> >>> 日期: 2015年10月29日 星期四 下午1:13 >>> >>> 至: user <[email protected]> >>> 主题: Re: Can't start docker container when SSL_ENABLED is on. >>> >>> <5185_02_04.png> >>> <5185_02_07.png> >>> >>> I capture how I find tasks log in my local webui, could you find the >>> stderr and stdout for your tasks according above screenshots? >>> >>> >>> On Thu, Oct 29, 2015 at 1:07 PM, Xiaodong Zhang <[email protected]> >>> wrote: >>> >>>> I didn’t see some useful info. >>>> >>>> In mesos slave log, there is a line : >>>> I1029 03:29:53.160143 9292 slave.cpp:3399] Executor >>>> '279bcb34-f705-4857-96ad-d96843b848fb.4b3abdcd-7ded-11e5-a82d-0240afabf713' >>>> of framework 20151029-031549-1294671788-5050-4937-0000 terminated with >>>> signal Killed >>>> >>>> I check the normal log, it shows: >>>> >>>> I1014 15:22:21.276007 23163 slave.cpp:3326] Executor >>>> 'ffc08dce-997f-41f7-9b03-57c1b4bc1f85.47ed02aa-7285-11e5-80d7-000d3a8033de' >>>> of framework 20150814-115157-1677721866-5050-6185-0000 exited with >>>> status 0 >>>> >>>> Is this helpful? >>>> >>>> 发件人: Xiaodong Zhang <[email protected]> >>>> 答复: "[email protected]" <[email protected]> >>>> 日期: 2015年10月29日 星期四 下午12:59 >>>> 至: "[email protected]" <[email protected]> >>>> >>>> 主题: Re: Can't start docker container when SSL_ENABLED is on. >>>> >>>> <9D46724C-457C-4BE1-B0E4-F57B147F6DC8.png> >>>> >>>> The webui have a LOG link, when click it shows like this: >>>> >>>> I1029 04:44:32.293445 5697 http.cpp:321] HTTP GET for >>>> /master/state.json from 114.113.20.135:55682 with >>>> User-Agent='Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) >>>> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36' >>>> I1029 04:44:34.533504 5704 master.cpp:4613] Sending 1 offers to >>>> framework 20151029-043755-3549436724-5050-5674-0000 (marathon) at >>>> [email protected]:53373 >>>> I1029 04:44:34.539579 5702 master.cpp:2739] Processing ACCEPT call for >>>> offers: [ 20151029-043755-3549436724-5050-5674-O2 ] on slave >>>> 20151029-043755-3549436724-5050-5674-S0 at slave(1)@50.112.136.148:5051 >>>> (ec2-50-112-136-148.us-west-2.compute.amazonaws.com) for framework >>>> 20151029-043755-3549436724-5050-5674-0000 (marathon) at >>>> [email protected]:53373 >>>> I1029 04:44:34.539710 5702 hierarchical.hpp:814] Recovered cpus(*):1; >>>> mem(*):999; disk(*):3962; ports(*):[31000-32000] (total: cpus(*):1; >>>> mem(*):999; disk(*):3962; ports(*):[31000-32000], allocated: ) on slave >>>> 20151029-043755-3549436724-5050-5674-S0 from framework >>>> 20151029-043755-3549436724-5050-5674-0000 >>>> I1029 04:44:37.360901 5703 master.cpp:4294] Performing implicit task >>>> state reconciliation for framework >>>> 20151029-043755-3549436724-5050-5674-0000 (marathon) at >>>> [email protected]:53373 >>>> I1029 04:44:40.539989 5704 master.cpp:4613] Sending 1 offers to >>>> framework 20151029-043755-3549436724-5050-5674-0000 (marathon) at >>>> [email protected]:53373 >>>> I1029 04:44:40.610321 5702 master.cpp:2739] Processing ACCEPT call for >>>> offers: [ 20151029-043755-3549436724-5050-5674-O3 ] on slave >>>> 20151029-043755-3549436724-5050-5674-S0 at slave(1)@50.112.136.148:5051 >>>> (ec2-50-112-136-148.us-west-2.compute.amazonaws.com) for framework >>>> 20151029-043755-3549436724-5050-5674-0000 (marathon) at >>>> [email protected]:53373 >>>> I1029 04:44:40.610846 5702 master.hpp:170] Adding task >>>> e4a3bed5-64e6-4970-8bb1-df6404656a48.c4239b84-7df7-11e5-b57b-0247b493b22f >>>> with resources cpus(*):0.0625; mem(*):256; ports(*):[31864-31864] on slave >>>> 20151029-043755-3549436724-5050-5674-S0 ( >>>> ec2-50-112-136-148.us-west-2.compute.amazonaws.com) >>>> I1029 04:44:40.610911 5702 master.cpp:3069] Launching task >>>> e4a3bed5-64e6-4970-8bb1-df6404656a48.c4239b84-7df7-11e5-b57b-0247b493b22f >>>> of framework 20151029-043755-3549436724-5050-5674-0000 (marathon) at >>>> [email protected]:53373 with >>>> resources cpus(*):0.0625; mem(*):256; ports(*):[31864-31864] on slave >>>> 20151029-043755-3549436724-5050-5674-S0 at slave(1)@50.112.136.148:5051 >>>> (ec2-50-112-136-148.us-west-2.compute.amazonaws.com) >>>> I1029 04:44:40.611095 5702 hierarchical.hpp:814] Recovered >>>> cpus(*):0.9375; mem(*):743; disk(*):3962; ports(*):[31000-31863, >>>> 31865-32000] (total: cpus(*):1; mem(*):999; disk(*):3962; >>>> ports(*):[31000-32000], allocated: cpus(*):0.0625; mem(*):256; >>>> ports(*):[31864-31864]) on slave 20151029-043755-3549436724-5050-5674-S0 >>>> from framework 20151029-043755-3549436724-5050-5674-0000 >>>> I1029 04:44:43.324970 5698 http.cpp:321] HTTP GET for >>>> /master/state.json from 114.113.20.135:55682 with >>>> User-Agent='Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) >>>> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36' >>>> I1029 04:44:46.546671 5703 master.cpp:4613] Sending 1 offers to >>>> framework 20151029-043755-3549436724-5050-5674-0000 (marathon) at >>>> [email protected]:53373 >>>> I1029 04:44:46.557266 5699 master.cpp:2739] Processing ACCEPT call for >>>> offers: [ 20151029-043755-3549436724-5050-5674-O4 ] on slave >>>> 20151029-043755-3549436724-5050-5674-S0 at slave(1)@50.112.136.148:5051 >>>> (ec2-50-112-136-148.us-west-2.compute.amazonaws.com) for framework >>>> 20151029-043755-3549436724-5050-5674-0000 (marathon) at >>>> [email protected]:53373 >>>> I1029 04:44:46.557394 5699 hierarchical.hpp:814] Recovered >>>> cpus(*):0.9375; mem(*):743; disk(*):3962; ports(*):[31000-31863, >>>> 31865-32000] (total: cpus(*):1; mem(*):999; disk(*):3962; >>>> ports(*):[31000-32000], allocated: cpus(*):0.0625; mem(*):256; >>>> ports(*):[31864-31864]) on slave 20151029-043755-3549436724-5050-5674-S0 >>>> from framework 20151029-043755-3549436724-5050-5674-0000 >>>> I1029 04:44:47.267562 5700 master.cpp:4069] Status update TASK_FAILED >>>> (UUID: 0ea607fc-bf24-4bda-b107-55a54aba31cf) for task >>>> e4a3bed5-64e6-4970-8bb1-df6404656a48.c4239b84-7df7-11e5-b57b-0247b493b22f >>>> of framework 20151029-043755-3549436724-5050-5674-0000 from slave >>>> 20151029-043755-3549436724-5050-5674-S0 at slave(1)@50.112.136.148:5051 >>>> (ec2-50-112-136-148.us-west-2.compute.amazonaws.com) >>>> I1029 04:44:47.267645 5700 master.cpp:4108] Forwarding status update >>>> TASK_FAILED (UUID: 0ea607fc-bf24-4bda-b107-55a54aba31cf) for task >>>> e4a3bed5-64e6-4970-8bb1-df6404656a48.c4239b84-7df7-11e5-b57b-0247b493b22f >>>> of framework 20151029-043755-3549436724-5050-5674-0000 >>>> I1029 04:44:47.267774 5700 master.cpp:5576] Updating the latest state >>>> of task >>>> e4a3bed5-64e6-4970-8bb1-df6404656a48.c4239b84-7df7-11e5-b57b-0247b493b22f >>>> of framework 20151029-043755-3549436724-5050-5674-0000 to TASK_FAILED >>>> I1029 04:44:47.267907 5700 hierarchical.hpp:814] Recovered >>>> cpus(*):0.0625; mem(*):256; ports(*):[31864-31864] (total: cpus(*):1; >>>> mem(*):999; disk(*):3962; ports(*):[31000-32000], allocated: ) on slave >>>> 20151029-043755-3549436724-5050-5674-S0 from framework >>>> 20151029-043755-3549436724-5050-5674-0000 >>>> I1029 04:44:47.289356 5698 master.cpp:5644] Removing task >>>> e4a3bed5-64e6-4970-8bb1-df6404656a48.c4239b84-7df7-11e5-b57b-0247b493b22f >>>> with resources cpus(*):0.0625; mem(*):256; ports(*):[31864-31864] of >>>> framework 20151029-043755-3549436724-5050-5674-0000 on slave >>>> 20151029-043755-3549436724-5050-5674-S0 at slave(1)@50.112.136.148:5051 >>>> (ec2-50-112-136-148.us-west-2.compute.amazonaws.com) >>>> I1029 04:44:47.289459 5698 master.cpp:3398] Processing ACKNOWLEDGE >>>> call 0ea607fc-bf24-4bda-b107-55a54aba31cf for task >>>> e4a3bed5-64e6-4970-8bb1-df6404656a48.c4239b84-7df7-11e5-b57b-0247b493b22f >>>> of framework 20151029-043755-3549436724-5050-5674-0000 (marathon) at >>>> [email protected]:53373 on >>>> slave 20151029-043755-3549436724-5050-5674-S0 >>>> >>>> >>>> >>>> 发件人: haosdent <[email protected]> >>>> 答复: "[email protected]" <[email protected]> >>>> 日期: 2015年10月29日 星期四 下午12:02 >>>> 至: user <[email protected]> >>>> 主题: Re: Can't start docker container when SSL_ENABLED is on. >>>> >>>> Oh, I mean you task logs. They could be get from Mesos webui. >>>> >>>> On Thu, Oct 29, 2015 at 11:52 AM, Xiaodong Zhang <[email protected]> >>>> wrote: >>>> >>>>> Thanks for your reply. >>>>> >>>>> Yes I build mesos with `--enable-libevent --enable-ssl`. If I don’t >>>>> provide key and pem when start slave, it will register fail(That means the >>>>> ssl work well right?) >>>>> >>>>> As I said the odd thing is the container nerver run(`docker ps –a show >>>>> nothing`). So it can’t have any stdout or stderr. >>>>> >>>>> 发件人: haosdent <[email protected]> >>>>> 答复: "[email protected]" <[email protected]> >>>>> 日期: 2015年10月29日 星期四 上午11:47 >>>>> 至: user <[email protected]> >>>>> 主题: Re: Can't start docker container when SSL_ENABLED is on. >>>>> >>>>> Do you compile mesos with ssl support? The default compile don't >>>>> contains ssl. And does docker container have stdour and stderr? >>>>> >>>>> On Thu, Oct 29, 2015 at 11:41 AM, Xiaodong Zhang <[email protected]> >>>>> wrote: >>>>> >>>>>> My scenarios is like previous email says, masters and slaves are in >>>>>> different IaaS. Now the slaves can register to the masters with >>>>>> SSL_ENABLED >>>>>> is on . >>>>>> >>>>>> But I meet another problem. Slaves can’t run container(the odd thing >>>>>> is they can pull image successfully,just can not run container, `docker >>>>>> ps >>>>>> –a ` list nothing) >>>>>> >>>>>> The logs like this: >>>>>> >>>>>> I1029 03:29:45.967741 9288 docker.cpp:758] Starting container >>>>>> 'd4f4e236-0d0a-492c-86df-eef48a414e23' for task >>>>>> '279bcb34-f705-4857-96ad-d96843b848fb.4b3abdcd-7ded-11e5-a82d-0240afabf713' >>>>>> (and executor >>>>>> '279bcb34-f705-4857-96ad-d96843b848fb.4b3abdcd-7ded-11e5-a82d-0240afabf713') >>>>>> of framework '20151029-031549-1294671788-5050-4937-0000' >>>>>> I1029 03:29:48.044148 9292 docker.cpp:382] Checkpointing pid 12062 >>>>>> to >>>>>> '/tmp/mesos/meta/slaves/20151029-031549-1294671788-5050-4937-S0/frameworks/20151029-031549-1294671788-5050-4937-0000/executors/279bcb34-f705-4857-96ad-d96843b848fb.4b3abdcd-7ded-11e5-a82d-0240afabf713/runs/d4f4e236-0d0a-492c-86df-eef48a414e23/pids/forked.pid' >>>>>> I1029 03:29:53.159361 9292 docker.cpp:1576] Executor for container >>>>>> 'd4f4e236-0d0a-492c-86df-eef48a414e23' has exited >>>>>> I1029 03:29:53.159572 9292 docker.cpp:1374] Destroying container >>>>>> 'd4f4e236-0d0a-492c-86df-eef48a414e23' >>>>>> I1029 03:29:53.159822 9292 docker.cpp:1478] Running docker stop on >>>>>> container 'd4f4e236-0d0a-492c-86df-eef48a414e23' >>>>>> I1029 03:29:53.160143 9292 slave.cpp:3399] Executor >>>>>> '279bcb34-f705-4857-96ad-d96843b848fb.4b3abdcd-7ded-11e5-a82d-0240afabf713' >>>>>> of framework 20151029-031549-1294671788-5050-4937-0000 terminated >>>>>> with signal Killed >>>>>> I1029 03:29:53.160884 9292 slave.cpp:2696] Handling status update >>>>>> TASK_FAILED (UUID: 27a2080a-8807-449e-9077-837ec45b4c51) for task >>>>>> 279bcb34-f705-4857-96ad-d96843b848fb.4b3abdcd-7ded-11e5-a82d-0240afabf713 >>>>>> of framework 20151029-031549-1294671788-5050-4937-0000 from @ >>>>>> 0.0.0.0:0 >>>>>> W1029 03:29:53.161247 9288 docker.cpp:986] Ignoring updating unknown >>>>>> container: d4f4e236-0d0a-492c-86df-eef48a414e23 >>>>>> I1029 03:29:53.161548 9293 status_update_manager.cpp:322] Received >>>>>> status update TASK_FAILED (UUID: 27a2080a-8807-449e-9077-837ec45b4c51) >>>>>> for >>>>>> task >>>>>> 279bcb34-f705-4857-96ad-d96843b848fb.4b3abdcd-7ded-11e5-a82d-0240afabf713 >>>>>> of framework 20151029-031549-1294671788-5050-4937-0000 >>>>>> >>>>>> I run master node with env: >>>>>> >>>>>> SSL_SUPPORT_DOWNGRADE=true >>>>>> SSL_ENABLED=true >>>>>> SSL_KEY_FILE=/home/ubuntu/xx.key >>>>>> SSL_CERT_FILE=/home/ubuntu/xx.pem >>>>>> >>>>>> Slave node with env: >>>>>> >>>>>> SSL_ENABLED=true >>>>>> SSL_KEY_FILE=/home/ubuntu/xx.key >>>>>> SSL_CERT_FILE=/home/ubuntu/xx.pem >>>>>> LIBPROCESS_ADVERTISE_IP=xxx.xxx.xxx.xxx >>>>>> >>>>>> When I remove all SSL envs. Slaves work well. >>>>>> >>>>>> Did I miss sth? >>>>>> >>>>>> Version: >>>>>> >>>>>> Mesos 0.24.1 >>>>>> Maraton 0.9.2 >>>>>> >>>>>> OS >>>>>> ubuntu 14.04 >>>>>> >>>>>> >>>>>> >>>>>> 发件人: Anindya Sinha <[email protected]> >>>>>> 答复: "[email protected]" <[email protected]> >>>>>> 日期: 2015年10月28日 星期三 下午2:32 >>>>>> 至: "[email protected]" <[email protected]> >>>>>> 主题: Re: How to tell master which ip to connect. >>>>>> >>>>>> >>>>>> >>>>>> On Tue, Oct 27, 2015 at 7:43 PM, Xiaodong Zhang <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> It works! Thanks a lot. >>>>>>> >>>>>> >>>>>> Ok. So we should expose advertise_ip and advertise_port as command >>>>>> line options for mesos-slave as well (instead of using the environment >>>>>> variables)? Opened https://issues.apache.org/jira/browse/MESOS-3809. >>>>>> >>>>>> >>>>>>> >>>>>>> Another question. Do masters and slaves communicate each other via a >>>>>>> safety way?Is the data encrypted? I want to make sure deploy masters and >>>>>>> slaves into different IaaS is PROD-READY. >>>>>>> >>>>>>> 发件人: haosdent <[email protected]> >>>>>>> 答复: "[email protected]" <[email protected]> >>>>>>> 日期: 2015年10月28日 星期三 上午10:23 >>>>>>> 至: user <[email protected]> >>>>>>> 主题: Re: How to tell master which ip to connect. >>>>>>> >>>>>>> Do you try `export LIBPROCESS_ADVERTISE_IP=xxx` and >>>>>>> `LIBPROCESS_ADVERTISE_PORT` when start slave? >>>>>>> >>>>>>> On Wed, Oct 28, 2015 at 10:16 AM, Xiaodong Zhang <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi teams: >>>>>>>> >>>>>>>> My scenarios is like this: >>>>>>>> >>>>>>>> My master nodes were deployed in AWS. My slaves were in AZURE.So >>>>>>>> they communicate via public ip. >>>>>>>> I got trouble when slaves try to register to master. >>>>>>>> Now slaves can get master’s public ip address,and can send register >>>>>>>> request.But they can only send there private ip to master.(Because they >>>>>>>> don’t know there public ip,thus they can’t not bind a public ip via —ip >>>>>>>> flag), thus masters can’t connect slaves.How can the slave to tell >>>>>>>> master >>>>>>>> which ip master should connect(I can’t find any flags like >>>>>>>> —advertise_ip >>>>>>>> in master). >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Best Regards, >>>>>>> Haosdent Huang >>>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Best Regards, >>>>> Haosdent Huang >>>>> >>>> >>>> >>>> >>>> -- >>>> Best Regards, >>>> Haosdent Huang >>>> >>> >>> >>> >>> -- >>> Best Regards, >>> Haosdent Huang >>> >> >> > > > -- > Best Regards, > Haosdent Huang > <5185_02_07.png><9D46724C-457C-4BE1-B0E4-F57B147F6DC8.png> > <742629F2-78E8-43F2-9015-F3D22720826B.png><5185_02_04.png> > > > >
