> On March 9, 2018, 11:40 p.m., Jie Yu wrote: > > src/slave/containerizer/mesos/isolators/network/cni/cni.cpp > > Line 389 (original), 389-397 (patched) > > <https://reviews.apache.org/r/65987/diff/1/?file=1972679#file1972679line389> > > > > Instead of relying on an additional checkpoint file, I think we can > > infer if a nested container joins its parent container's network or not by > > first listing all entries in `rootDir`, and then recover those known > > containers, and then cleanup unknown orphans. Something like the following: > > > > ``` > > // Build ContainerID -> ContainerState mapping > > // List rootDir > > // For each entry, find the corresponding ContainerState state (state > > is optional) > > // Call _recover(containerId, state), if containerId is nested, set > > joinsParentsNetwork to false. > > // Cleanup unknown orphans (not in container state mapping or orphans > > map) > > ```
This is a good idea. > On March 9, 2018, 11:40 p.m., Jie Yu wrote: > > src/slave/containerizer/mesos/isolators/network/cni/cni.cpp > > Lines 1269-1285 (patched) > > <https://reviews.apache.org/r/65987/diff/1/?file=1972679#file1972679line1303> > > > > I don't think we need to checkpoint this additional information. You > > should be able to infer if a nested container has its own network namespace > > or not by checking if there's a container directory under > > `cni::paths::ROOT_DIR`. See > > src/slave/containerizer/mesos/isolators/network/cni/paths.hpp Yeah, you are right. Did not consider this! :( > On March 9, 2018, 11:40 p.m., Jie Yu wrote: > > src/slave/containerizer/mesos/isolators/network/cni/cni.cpp > > Lines 1488 (patched) > > <https://reviews.apache.org/r/65987/diff/1/?file=1972679#file1972679line1526> > > > > What about top level containers? I think `joinParentsNetwork` should be > > orthogonol to whether it is nested or not. Top level container can join its > > parent's network (agent) too. > > > > If you think about that way, here we should do > > ``` > > if (isNestedContainer && joinsParentsNetwork) > > ``` hmm.. did not think about it. - Sagar ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/65987/#review198968 ----------------------------------------------------------- On March 8, 2018, 5:07 p.m., Sagar Patwardhan wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/65987/ > ----------------------------------------------------------- > > (Updated March 8, 2018, 5:07 p.m.) > > > Review request for mesos and Jie Yu. > > > Bugs: MESOS-8534 > https://issues.apache.org/jira/browse/MESOS-8534 > > > Repository: mesos > > > Description > ------- > > Continued from https://github.com/apache/mesos/pull/263 > > > Diffs > ----- > > src/master/validation.cpp f0b86775b7919ba6aa4a73038edb78a0adca68f4 > src/slave/containerizer/mesos/isolators/network/cni/cni.hpp > 1d01915c2db66e54ed68a3dbaa12ea061ca5f6b2 > src/slave/containerizer/mesos/isolators/network/cni/cni.cpp > 896656987012b3ffe5008ce6873c9a5249c058de > src/slave/containerizer/mesos/isolators/network/cni/paths.hpp > 7678a7c81c3cdb27410c1f066021eb34bd02a83f > src/slave/containerizer/mesos/isolators/network/cni/paths.cpp > f9056c90f1075cb19c4f554e7d5b629561d06035 > > > Diff: https://reviews.apache.org/r/65987/diff/1/ > > > Testing > ------- > > Manually tested. > > Working on unit tests. > > > Thanks, > > Sagar Patwardhan > >
