You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by qi...@apache.org on 2017/08/03 07:49:46 UTC

[7/9] mesos git commit: Set container DNS with `--default_container_dns` in CNI isolator.

Set container DNS with `--default_container_dns` in CNI isolator.

Review: https://reviews.apache.org/r/60600


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/30b49016
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/30b49016
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/30b49016

Branch: refs/heads/master
Commit: 30b49016adc30a9598d426ee35af14ee73963f77
Parents: cf841cd
Author: Qian Zhang <zh...@gmail.com>
Authored: Mon Jul 3 21:50:17 2017 +0800
Committer: Qian Zhang <zh...@gmail.com>
Committed: Thu Aug 3 13:53:26 2017 +0800

----------------------------------------------------------------------
 .../mesos/isolators/network/cni/cni.cpp         | 52 +++++++++++++++++---
 .../mesos/isolators/network/cni/cni.hpp         | 12 ++++-
 2 files changed, 55 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/30b49016/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp
----------------------------------------------------------------------
diff --git a/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp b/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp
index 831bc7d..fc68f04 100644
--- a/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp
+++ b/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp
@@ -86,7 +86,8 @@ Try<Isolator*> NetworkCniIsolatorProcess::create(const Flags& flags)
     return new MesosIsolator(Owned<MesosIsolatorProcess>(
         new NetworkCniIsolatorProcess(
             flags,
-            hashmap<string, string>())));
+            hashmap<string, string>(),
+            hashmap<std::string, ContainerDNSInfo::MesosInfo>())));
   }
 
   // Check for root permission.
@@ -239,10 +240,32 @@ Try<Isolator*> NetworkCniIsolatorProcess::create(const Flags& flags)
     }
   }
 
+  hashmap<string, ContainerDNSInfo::MesosInfo> cniDNSMap;
+  Option<ContainerDNSInfo::MesosInfo> defaultCniDNS;
+
+  if (flags.default_container_dns.isSome()) {
+    foreach (const ContainerDNSInfo::MesosInfo& dnsInfo,
+             flags.default_container_dns->mesos()) {
+      if (dnsInfo.network_mode() == ContainerDNSInfo::MesosInfo::CNI) {
+        if (!dnsInfo.has_network_name()) {
+          // The DNS info which has network node set as `CNI` and has no
+          // network name set is considered as the default DNS for all CNI
+          // networks, it applies to the container which joins a CNI network
+          // but that network can not be found in `--default_container_dns`.
+          defaultCniDNS = dnsInfo;
+        } else {
+          cniDNSMap[dnsInfo.network_name()] = dnsInfo;
+        }
+      }
+    }
+  }
+
   return new MesosIsolator(Owned<MesosIsolatorProcess>(
       new NetworkCniIsolatorProcess(
           flags,
           networkConfigs.get(),
+          cniDNSMap,
+          defaultCniDNS,
           rootDir.get(),
           flags.network_cni_plugins_dir.get())));
 }
@@ -989,18 +1012,31 @@ Future<Nothing> NetworkCniIsolatorProcess::_isolate(
 
   cni::spec::DNS dns;
 
-  // Collect all the DNS resolver specifications from the networks'
-  // IPAM plugins. Ordering is preserved and for single-value fields,
-  // the last network will win.
+  // For each CNI network that the container joins, collect the DNS resolver
+  // specification returned from the networks' IPAM plugin, if it is not
+  // returned from the plugin, use the DNS resolver specification in the
+  // default container DNS if any. Ordering is preserved and for single-value
+  // fields, the last network will win.
   foreachvalue (const ContainerNetwork& network, info->containerNetworks) {
-    if (network.cniNetworkInfo.isSome() && network.cniNetworkInfo->has_dns()) {
+    if (network.cniNetworkInfo.isSome() &&
+        network.cniNetworkInfo->has_dns() &&
+        network.cniNetworkInfo->dns().nameservers_size() > 0) {
+      // NOTE: Just checking `has_dns()` is not enough since some IPAM plugins
+      // (e.g., host-local) will return an empty `dns` JSON string ("dns": {})
+      // even though the CNI network configuration has not specified DNS
+      // information, that will make `has_dns()` true, so here we further check
+      // the size of the `nameservers`.
       dns.MergeFrom(network.cniNetworkInfo->dns());
+    } else if (cniDNSMap.contains(network.networkName)) {
+      dns.MergeFrom(cniDNSMap.at(network.networkName).dns());
+    } else if (defaultCniDNS.isSome()) {
+      dns.MergeFrom(defaultCniDNS->dns());
     }
   }
 
-  // If IPAM has not specified any DNS servers, then we set
-  // the container 'resolv.conf' to be the same as the host
-  // 'resolv.conf' ('/etc/resolv.conf').
+  // If IPAM plugin has not specified any DNS servers and there is no default
+  // container DNS specified, then we set the container 'resolv.conf' to be the
+  // same as the host 'resolv.conf' ('/etc/resolv.conf').
   if (dns.nameservers().empty()) {
     if (!os::exists("/etc/resolv.conf")){
       return Failure("Cannot find host's /etc/resolv.conf");

http://git-wip-us.apache.org/repos/asf/mesos/blob/30b49016/src/slave/containerizer/mesos/isolators/network/cni/cni.hpp
----------------------------------------------------------------------
diff --git a/src/slave/containerizer/mesos/isolators/network/cni/cni.hpp b/src/slave/containerizer/mesos/isolators/network/cni/cni.hpp
index a04700b..1d01915 100644
--- a/src/slave/containerizer/mesos/isolators/network/cni/cni.hpp
+++ b/src/slave/containerizer/mesos/isolators/network/cni/cni.hpp
@@ -125,11 +125,15 @@ private:
   NetworkCniIsolatorProcess(
       const Flags& _flags,
       const hashmap<std::string, std::string>& _networkConfigs,
+      const hashmap<std::string, ContainerDNSInfo::MesosInfo>& _cniDNSMap,
+      const Option<ContainerDNSInfo::MesosInfo>& _defaultCniDNS = None(),
       const Option<std::string>& _rootDir = None(),
       const Option<std::string>& _pluginDir = None())
     : ProcessBase(process::ID::generate("mesos-network-cni-isolator")),
       flags(_flags),
       networkConfigs(_networkConfigs),
+      cniDNSMap(_cniDNSMap),
+      defaultCniDNS(_defaultCniDNS),
       rootDir(_rootDir),
       pluginDir(_pluginDir) {}
 
@@ -194,9 +198,15 @@ private:
   const Flags flags;
 
   // A map storing the path to CNI network configuration files keyed
-  // on the network name.
+  // by the network name.
   hashmap<std::string, std::string> networkConfigs;
 
+  // DNS informations of CNI networks keyed by CNI network name.
+  hashmap<string, ContainerDNSInfo::MesosInfo> cniDNSMap;
+
+  // Default DNS information for all CNI networks.
+  const Option<ContainerDNSInfo::MesosInfo> defaultCniDNS;
+
   // CNI network information root directory.
   const Option<std::string> rootDir;