You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@mesos.apache.org by gi...@apache.org on 2019/07/12 08:39:25 UTC

[mesos] 03/03: Updated `filesystem/linux` isolator for configurable IPC support.

This is an automated email from the ASF dual-hosted git repository.

gilbert pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mesos.git

commit 9932550e9632e7fbb9a45b217793c7f508f57001
Author: Qian Zhang <zh...@gmail.com>
AuthorDate: Fri Jul 12 00:40:11 2019 -0700

    Updated `filesystem/linux` isolator for configurable IPC support.
    
    If `namespaces/ipc` isolator is not enabled, for backward
    compatibility /dev/shm will still be handled in `filesystem/linux`
    isolator as before. Otherwise, both /dev/shm and IPC namespace
    will be handled by `namespaces/ipc` isolator.
    
    Review: https://reviews.apache.org/r/70820/
---
 .../containerizer/mesos/isolators/filesystem/linux.cpp  | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp b/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp
index 3cfb6e9..df33b35 100644
--- a/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp
+++ b/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp
@@ -146,12 +146,6 @@ static const ContainerMountInfo ROOTFS_CONTAINER_MOUNTS[] = {
       "devpts",
       "newinstance,ptmxmode=0666,mode=0620,gid=5",
       MS_NOSUID | MS_NOEXEC),
-  createContainerMount(
-      "tmpfs",
-      "/dev/shm",
-      "tmpfs",
-      "mode=1777",
-      MS_NOSUID | MS_NODEV | MS_STRICTATIME),
 };
 
 
@@ -769,6 +763,17 @@ Future<Option<ContainerLaunchInfo>> LinuxFilesystemIsolatorProcess::prepare(
       }
     }
 
+    // If `namespaces/ipc` isolator is not enabled, /dev/shm will be
+    // handled there.
+    if (!strings::contains(flags.isolation, "namespaces/ipc")) {
+      *launchInfo.add_mounts() = createContainerMount(
+          "tmpfs",
+          path::join(containerConfig.rootfs(), "/dev/shm"),
+          "tmpfs",
+          "mode=1777",
+          MS_NOSUID | MS_NODEV | MS_STRICTATIME);
+    }
+
     Try<Nothing> makedev =
       makeStandardDevices(devicesDir, containerConfig.rootfs(), launchInfo);
     if (makedev.isError()) {