You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by ti...@apache.org on 2018/10/22 21:26:43 UTC
[mesos] branch 1.7.x updated (c2d2818 -> 7a7283a)
This is an automated email from the ASF dual-hosted git repository.
tillt pushed a change to branch 1.7.x
in repository https://gitbox.apache.org/repos/asf/mesos.git.
from c2d2818 Added MESOS-9325 to the 1.7.1 CHANGELOG.
new dac745f Updated docker image fetcher to enforce HTTP 1.1 where needed.
new 7a7283a Added MESOS-8907 to the 1.7.1 CHANGELOG.
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
CHANGELOG | 1 +
src/uri/fetchers/docker.cpp | 25 ++++++++++++++++++++++++-
2 files changed, 25 insertions(+), 1 deletion(-)
[mesos] 02/02: Added MESOS-8907 to the 1.7.1 CHANGELOG.
Posted by ti...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
tillt pushed a commit to branch 1.7.x
in repository https://gitbox.apache.org/repos/asf/mesos.git
commit 7a7283a1916b594950abcfe45e2c14f0fdce70f3
Author: Till Toenshoff <to...@me.com>
AuthorDate: Mon Oct 22 22:02:41 2018 +0200
Added MESOS-8907 to the 1.7.1 CHANGELOG.
---
CHANGELOG | 1 +
1 file changed, 1 insertion(+)
diff --git a/CHANGELOG b/CHANGELOG
index 5f65843..08024f1 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -8,6 +8,7 @@ Release Notes - Mesos - Version 1.7.1 (WIP)
** Bug
* [MESOS-8545] - AgentAPIStreamingTest.AttachInputToNestedContainerSession is flaky.
+ * [MESOS-8907] - Docker image fetcher fails with HTTP/2.
* [MESOS-8978] - Command executor calling setsid breaks the tty support.
* [MESOS-9131] - Health checks launching nested containers while a container is being destroyed lead to unkillable tasks.
* [MESOS-9228] - SLRP does not clean up plugin containers after it is removed.
[mesos] 01/02: Updated docker image fetcher to enforce HTTP 1.1
where needed.
Posted by ti...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
tillt pushed a commit to branch 1.7.x
in repository https://gitbox.apache.org/repos/asf/mesos.git
commit dac745fce6b28538b62fda1a87d464e96d0e84ad
Author: Till Toenshoff <to...@me.com>
AuthorDate: Mon Oct 22 21:42:53 2018 +0200
Updated docker image fetcher to enforce HTTP 1.1 where needed.
Modifies the 'curl' invocation that is returning an http::Response,
locking it into HTTP 1.1. Our current HTTP parser is unable to process
HTTP 2 responses.
With the advent of curl 7.47, HTTPS connections are being enforced
towards HTTP 2 rather aggressively. As a result, our image fetcher
fails when recent curl versions are being used for pulling images from
a registry that supports HTTP 2.
HTTP 1.1 is chosen as long as the underlying curl supports the
'--http1.1' flag. If curl is old enough to not support that flag, we
can deduct that it will not enforce HTTP 2 and therefore need no
further actions.
For allowing all the benefits of HTTP 2 where possible, we do not
adapt any 'curl' invocations that do not attempt to parse headers.
Review: https://reviews.apache.org/r/69075/
---
src/uri/fetchers/docker.cpp | 25 ++++++++++++++++++++++++-
1 file changed, 24 insertions(+), 1 deletion(-)
diff --git a/src/uri/fetchers/docker.cpp b/src/uri/fetchers/docker.cpp
index 55ca118..49dfda4 100644
--- a/src/uri/fetchers/docker.cpp
+++ b/src/uri/fetchers/docker.cpp
@@ -23,6 +23,7 @@
#include <process/http.hpp>
#include <process/id.hpp>
#include <process/io.hpp>
+#include <process/once.hpp>
#include <process/process.hpp>
#include <process/subprocess.hpp>
@@ -94,15 +95,37 @@ static Future<http::Response> curl(
const http::Headers& headers,
const Option<Duration>& stallTimeout)
{
+ static process::Once* initialized = new process::Once();
+ static bool http11 = false;
+
+ if (!initialized->once()) {
+ // Test if curl supports locking into HTTP 1.1. We do this as
+ // HTTP 1.1 is more likely than HTTP 1.0 to function accross all
+ // infrastructures. The '--http1.1' flag got added to curl with
+ // with version 7.33.0. Some supported distributions do still come
+ // with curl version 7.19.0. See MESOS-8907.
+ http11 = os::system("curl --http1.1 -V 2>&1 >/dev/null") == 0;
+ VLOG(1) << "Curl accepts --http1.1 flag: " << stringify(http11);
+ initialized->done();
+ }
+
vector<string> argv = {
"curl",
"-s", // Don't show progress meter or error messages.
"-S", // Make curl show an error message if it fails.
"-L", // Follow HTTP 3xx redirects.
"-i", // Include the HTTP-header in the output.
- "--raw", // Disable HTTP decoding of content or transfer encodings.
+ "--raw" // Disable HTTP decoding of content or transfer encodings.
};
+ // Make sure curl does not enforce HTTP 2 as our HTTP parser does
+ // currently not support that. See MESOS-8368.
+ // Older curl versions do not support the HTTP 1.1 flag, but these
+ // versions are also old enough to not default to HTTP/2.
+ if (http11) {
+ argv.push_back("--http1.1");
+ }
+
// Add additional headers.
foreachpair (const string& key, const string& value, headers) {
argv.push_back("-H");