You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by GitBox <gi...@apache.org> on 2021/01/24 17:25:43 UTC
[GitHub] [mesos] cf-natali opened a new pull request #377: Mesos 10203 handle max capability
cf-natali opened a new pull request #377:
URL: https://github.com/apache/mesos/pull/377
This fixes https://issues.apache.org/jira/browse/MESOS-10203
There are actually 3 problems:
1. The agent shouldn't crash when the kernel supports capabilities the code doesn't support, but report an error cleanly. This is fixed by https://github.com/apache/mesos/commit/8f0ce240e65de0583ecadd60c206a000aa556a68
Before:
```
Reached unreachable statement at ../../src/linux/capabilities.cpp:497
*** Aborted at 1611359313 (unix time) try "date -d @1611359313" if you are using GNU date ***
PC: @ 0x7f108cd057bb gsignal
*** SIGABRT (@0x4332) received by PID 17202 (TID 0x7f108b587000) from PID 17202; stack trace: ***
@ 0x7f108cea1730 (unknown)
@ 0x7f108cd057bb gsignal
@ 0x7f108ccf0535 abort
@ 0x55ba1667870b Unreachable()
@ 0x7f109976e49a mesos::internal::capabilities::operator<<()
@ 0x7f109976f1ab stringify<>()
@ 0x7f109976c7b2 mesos::internal::capabilities::Capabilities::create()
@ 0x7f1099932ab8 mesos::internal::slave::LinuxCapabilitiesIsolatorProcess::create()
@ 0x7f1098e68caa std::_Function_handler<>::_M_invoke()
@ 0x7f1098e59d32 std::function<>::operator()()
@ 0x7f1098e26c13 mesos::internal::slave::MesosContainerizer::create()
@ 0x7f1098cf9494 mesos::internal::slave::Containerizer::create()
@ 0x55ba166743ee main
@ 0x7f108ccf209b __libc_start_main
@ 0x55ba16670eda _start
```
After:
```
E0122 23:54:23.660285 21366 main.cpp:610] EXIT with status 1: Failed to create a containerizer: Could not create MesosContainerizer: Failed to create isolator 'linux/capabilities': Failed to initialize capabilit
ies: System last capability value '37' is greater than maximum supported number of capabilities '37'
```
2. Add support for the new `CAP_PERFMON`, `CAP_BPF` and `CAP_CHECKPOINT_RESTORE` capabilities: https://github.com/apache/mesos/commit/95c5f217bf8281ce7f1360e7f46a9f9e66b862e0
3. It would probably be better if the agent didn't error out just because the kernel supports some new capabilities. From a cursory look at the code, I think it would be safe to change, however I'm not familiar enough with this code to make that call, hence have left it for now.
@jpeach @bmahler
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mesos] jpeach commented on pull request #377: [MESOS-10203] fix agent crash on unknown capabilities
Posted by GitBox <gi...@apache.org>.
jpeach commented on pull request #377:
URL: https://github.com/apache/mesos/pull/377#issuecomment-766530343
LGTM too FWIW 👍
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mesos] bbannier commented on pull request #377: [MESOS-10203] fix agent crash on unknown capabilities
Posted by GitBox <gi...@apache.org>.
bbannier commented on pull request #377:
URL: https://github.com/apache/mesos/pull/377#issuecomment-766458127
Fixed by 4ce33ca..900d233.
```
commit 900d23337c76824328340ca3d3151fb2f1c45ba7
Author: Charles-Francois Natali <cf...@gmail.com>
Date: Sun Jan 24 17:15:34 2021 +0000
Added CAP_PERFMON, CAP_BPF and CAP_CHECKPOINT_RESTORE support.
Part of fix for #10203.
commit 8b5bdb2fb0338c47ed61dbdbe0e4cc4d07386f74
Author: Charles-Francois Natali <cf...@gmail.com>
Date: Sat Jan 23 18:51:57 2021 +0000
Fixed agent crash when kernel supports unknown capabilities.
When capabilities are enabled, the capabilities initialisation code
would check that /proc/sys/kernel/cap_last_cap is less than
MAX_CAPABILITY, i.e. that the kernel doesn't support any capability the
code doesn't expect. However the error message attempted to format
cap_last_cap value as a Capability enum, which would crash.
Part of fix for #10203.
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mesos] bbannier commented on pull request #377: [MESOS-10203] fix agent crash on unknown capabilities
Posted by GitBox <gi...@apache.org>.
bbannier commented on pull request #377:
URL: https://github.com/apache/mesos/pull/377#issuecomment-766458127
Fixed by 4ce33ca..900d233.
```
commit 900d23337c76824328340ca3d3151fb2f1c45ba7
Author: Charles-Francois Natali <cf...@gmail.com>
Date: Sun Jan 24 17:15:34 2021 +0000
Added CAP_PERFMON, CAP_BPF and CAP_CHECKPOINT_RESTORE support.
Part of fix for #10203.
commit 8b5bdb2fb0338c47ed61dbdbe0e4cc4d07386f74
Author: Charles-Francois Natali <cf...@gmail.com>
Date: Sat Jan 23 18:51:57 2021 +0000
Fixed agent crash when kernel supports unknown capabilities.
When capabilities are enabled, the capabilities initialisation code
would check that /proc/sys/kernel/cap_last_cap is less than
MAX_CAPABILITY, i.e. that the kernel doesn't support any capability the
code doesn't expect. However the error message attempted to format
cap_last_cap value as a Capability enum, which would crash.
Part of fix for #10203.
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mesos] bbannier closed pull request #377: [MESOS-10203] fix agent crash on unknown capabilities
Posted by GitBox <gi...@apache.org>.
bbannier closed pull request #377:
URL: https://github.com/apache/mesos/pull/377
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mesos] jpeach commented on pull request #377: [MESOS-10203] fix agent crash on unknown capabilities
Posted by GitBox <gi...@apache.org>.
jpeach commented on pull request #377:
URL: https://github.com/apache/mesos/pull/377#issuecomment-766530343
LGTM too FWIW 👍
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mesos] bbannier closed pull request #377: [MESOS-10203] fix agent crash on unknown capabilities
Posted by GitBox <gi...@apache.org>.
bbannier closed pull request #377:
URL: https://github.com/apache/mesos/pull/377
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org