You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Greg Mann <gr...@mesosphere.io> on 2016/02/25 18:45:22 UTC
Re: Review Request 43800: Updated docs for reservation, volumes,
and authZ.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43800/
-----------------------------------------------------------
(Updated Feb. 25, 2016, 5:45 p.m.)
Review request for mesos, Adam B, Jie Yu, Michael Park, and Neil Conway.
Changes
-------
Updated persistent volume and dynamic reservation docs.
Summary (updated)
-----------------
Updated docs for reservation, volumes, and authZ.
Bugs: MESOS-4591
https://issues.apache.org/jira/browse/MESOS-4591
Repository: mesos
Description (updated)
-------
Updated docs for reservation, volumes, and authZ.
This updates the authorization documentation to include the new `roles` object for the `CreateVolume` and `ReserveResources` ACLs. The docs for persistent volumes and dynamic reservations are also updated to reflect the new authorization behavior.
Diffs (updated)
-----
docs/authorization.md bbb4f2adc9348cb1686e6af78f5604d8cf7651ab
docs/persistent-volume.md 2a794a572ff930aa1f95706b89fef9243be627de
docs/reservation.md b98ebe6df0739b48c5fa58e087fd64b1c6c5d456
Diff: https://reviews.apache.org/r/43800/diff/
Testing
-------
Thanks,
Greg Mann
Re: Review Request 43800: Updated docs for reservation, volumes,
and authZ.
Posted by Greg Mann <gr...@mesosphere.io>.
> On Feb. 26, 2016, 5:36 a.m., Neil Conway wrote:
> > This needs a prominent note in `upgrades.md` about the change to the ACL format. Thinking about it, the ACL isn't stored anywhere, so there's no issue with incompatibility of stored state. Similarly, rolling upgrades should be okay -- a mixed cluster would behave in a strange way in the event of master failover, but that's probably to be expected.
Good call; I added a note in `upgrades.md`, let me know what you think.
> On Feb. 26, 2016, 5:36 a.m., Neil Conway wrote:
> > docs/authorization.md, line 37
> > <https://reviews.apache.org/r/43800/diff/4/?file=1271103#file1271103line37>
> >
> > Not yours, but I feel like we need a better way to organize this information. Maybe a table/matrix, showing the action X is used with subjects Y and objects Z?
Yep, I agree. It seems a bit out of scope for these patches, so I've created a ticket for this improvement: https://issues.apache.org/jira/browse/MESOS-4785
I'd be happy to take care of it; next sprint perhaps?
- Greg
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43800/#review120823
-----------------------------------------------------------
On Feb. 26, 2016, 5:33 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43800/
> -----------------------------------------------------------
>
> (Updated Feb. 26, 2016, 5:33 p.m.)
>
>
> Review request for mesos, Adam B, Jie Yu, Michael Park, and Neil Conway.
>
>
> Bugs: MESOS-4591
> https://issues.apache.org/jira/browse/MESOS-4591
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated docs for reservation, volumes, and authZ.
>
> This updates the authorization documentation to include the new `roles` object for the `CreateVolume` and `ReserveResources` ACLs. The docs for persistent volumes and dynamic reservations are also updated to reflect the new authorization behavior. A note has been added to `upgrades.md` detailing the impact of these changes on upgrades.
>
>
> Diffs
> -----
>
> docs/authorization.md bbb4f2adc9348cb1686e6af78f5604d8cf7651ab
> docs/persistent-volume.md 2a794a572ff930aa1f95706b89fef9243be627de
> docs/reservation.md b98ebe6df0739b48c5fa58e087fd64b1c6c5d456
> docs/upgrades.md 4f30d725c6ed28c09a1c5528fd4193c3f06b2d93
>
> Diff: https://reviews.apache.org/r/43800/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43800: Updated docs for reservation, volumes,
and authZ.
Posted by Neil Conway <ne...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43800/#review120823
-----------------------------------------------------------
This needs a prominent note in `upgrades.md` about the change to the ACL format. Thinking about it, the ACL isn't stored anywhere, so there's no issue with incompatibility of stored state. Similarly, rolling upgrades should be okay -- a mixed cluster would behave in a strange way in the event of master failover, but that's probably to be expected.
docs/authorization.md (line 37)
<https://reviews.apache.org/r/43800/#comment182328>
Not yours, but I feel like we need a better way to organize this information. Maybe a table/matrix, showing the action X is used with subjects Y and objects Z?
docs/persistent-volume.md (line 39)
<https://reviews.apache.org/r/43800/#comment182329>
I'd say "appropriate" rather than "desired".
docs/reservation.md (line 54)
<https://reviews.apache.org/r/43800/#comment182330>
I'd say "appropriate" rather than "desired".
- Neil Conway
On Feb. 25, 2016, 5:45 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43800/
> -----------------------------------------------------------
>
> (Updated Feb. 25, 2016, 5:45 p.m.)
>
>
> Review request for mesos, Adam B, Jie Yu, Michael Park, and Neil Conway.
>
>
> Bugs: MESOS-4591
> https://issues.apache.org/jira/browse/MESOS-4591
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated docs for reservation, volumes, and authZ.
>
> This updates the authorization documentation to include the new `roles` object for the `CreateVolume` and `ReserveResources` ACLs. The docs for persistent volumes and dynamic reservations are also updated to reflect the new authorization behavior.
>
>
> Diffs
> -----
>
> docs/authorization.md bbb4f2adc9348cb1686e6af78f5604d8cf7651ab
> docs/persistent-volume.md 2a794a572ff930aa1f95706b89fef9243be627de
> docs/reservation.md b98ebe6df0739b48c5fa58e087fd64b1c6c5d456
>
> Diff: https://reviews.apache.org/r/43800/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43800: Updated docs for reservation, volumes,
and authZ.
Posted by Mesos ReviewBot <re...@mesos.apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43800/#review120795
-----------------------------------------------------------
Patch looks great!
Reviews applied: [43776, 43777, 43782, 43778, 43779, 43800]
Passed command: export OS='ubuntu:14.04' CONFIGURATION='--verbose' COMPILER='gcc' ENVIRONMENT='GLOG_v=1 MESOS_VERBOSE=1'; ./support/docker_build.sh
- Mesos ReviewBot
On Feb. 25, 2016, 5:45 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43800/
> -----------------------------------------------------------
>
> (Updated Feb. 25, 2016, 5:45 p.m.)
>
>
> Review request for mesos, Adam B, Jie Yu, Michael Park, and Neil Conway.
>
>
> Bugs: MESOS-4591
> https://issues.apache.org/jira/browse/MESOS-4591
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated docs for reservation, volumes, and authZ.
>
> This updates the authorization documentation to include the new `roles` object for the `CreateVolume` and `ReserveResources` ACLs. The docs for persistent volumes and dynamic reservations are also updated to reflect the new authorization behavior.
>
>
> Diffs
> -----
>
> docs/authorization.md bbb4f2adc9348cb1686e6af78f5604d8cf7651ab
> docs/persistent-volume.md 2a794a572ff930aa1f95706b89fef9243be627de
> docs/reservation.md b98ebe6df0739b48c5fa58e087fd64b1c6c5d456
>
> Diff: https://reviews.apache.org/r/43800/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43800: Updated docs for reservation, volumes,
and authZ.
Posted by Neil Conway <ne...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43800/#review120918
-----------------------------------------------------------
Fix it, then Ship it!
docs/upgrades.md (line 11)
<https://reviews.apache.org/r/43800/#comment182446>
I think we should add an explicit note that previously, a framework could only make reservations for its principal, and that the old behavior can be preserved by configuring ACLs appropriately.
- Neil Conway
On Feb. 26, 2016, 5:33 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43800/
> -----------------------------------------------------------
>
> (Updated Feb. 26, 2016, 5:33 p.m.)
>
>
> Review request for mesos, Adam B, Jie Yu, Michael Park, and Neil Conway.
>
>
> Bugs: MESOS-4591
> https://issues.apache.org/jira/browse/MESOS-4591
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated docs for reservation, volumes, and authZ.
>
> This updates the authorization documentation to include the new `roles` object for the `CreateVolume` and `ReserveResources` ACLs. The docs for persistent volumes and dynamic reservations are also updated to reflect the new authorization behavior. A note has been added to `upgrades.md` detailing the impact of these changes on upgrades.
>
>
> Diffs
> -----
>
> docs/authorization.md bbb4f2adc9348cb1686e6af78f5604d8cf7651ab
> docs/persistent-volume.md 2a794a572ff930aa1f95706b89fef9243be627de
> docs/reservation.md b98ebe6df0739b48c5fa58e087fd64b1c6c5d456
> docs/upgrades.md 4f30d725c6ed28c09a1c5528fd4193c3f06b2d93
>
> Diff: https://reviews.apache.org/r/43800/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43800: Updated docs for reservation, volumes,
and authZ.
Posted by Jie Yu <yu...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43800/#review120945
-----------------------------------------------------------
Ship it!
Ship It!
- Jie Yu
On Feb. 26, 2016, 7:07 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43800/
> -----------------------------------------------------------
>
> (Updated Feb. 26, 2016, 7:07 p.m.)
>
>
> Review request for mesos, Adam B, Jie Yu, Michael Park, and Neil Conway.
>
>
> Bugs: MESOS-4591
> https://issues.apache.org/jira/browse/MESOS-4591
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated docs for reservation, volumes, and authZ.
>
> This updates the authorization documentation to include the new `roles` object for the `CreateVolume` and `ReserveResources` ACLs. The docs for persistent volumes and dynamic reservations are also updated to reflect the new authorization behavior. A note has been added to `upgrades.md` detailing the impact of these changes on upgrades.
>
>
> Diffs
> -----
>
> docs/authorization.md bbb4f2adc9348cb1686e6af78f5604d8cf7651ab
> docs/persistent-volume.md 2a794a572ff930aa1f95706b89fef9243be627de
> docs/reservation.md b98ebe6df0739b48c5fa58e087fd64b1c6c5d456
> docs/upgrades.md 4f30d725c6ed28c09a1c5528fd4193c3f06b2d93
>
> Diff: https://reviews.apache.org/r/43800/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43800: Updated docs for reservation, volumes,
and authZ.
Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43800/
-----------------------------------------------------------
(Updated Feb. 26, 2016, 7:07 p.m.)
Review request for mesos, Adam B, Jie Yu, Michael Park, and Neil Conway.
Changes
-------
Addressed comment.
Bugs: MESOS-4591
https://issues.apache.org/jira/browse/MESOS-4591
Repository: mesos
Description
-------
Updated docs for reservation, volumes, and authZ.
This updates the authorization documentation to include the new `roles` object for the `CreateVolume` and `ReserveResources` ACLs. The docs for persistent volumes and dynamic reservations are also updated to reflect the new authorization behavior. A note has been added to `upgrades.md` detailing the impact of these changes on upgrades.
Diffs (updated)
-----
docs/authorization.md bbb4f2adc9348cb1686e6af78f5604d8cf7651ab
docs/persistent-volume.md 2a794a572ff930aa1f95706b89fef9243be627de
docs/reservation.md b98ebe6df0739b48c5fa58e087fd64b1c6c5d456
docs/upgrades.md 4f30d725c6ed28c09a1c5528fd4193c3f06b2d93
Diff: https://reviews.apache.org/r/43800/diff/
Testing
-------
Thanks,
Greg Mann
Re: Review Request 43800: Updated docs for reservation, volumes,
and authZ.
Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43800/
-----------------------------------------------------------
(Updated Feb. 26, 2016, 5:33 p.m.)
Review request for mesos, Adam B, Jie Yu, Michael Park, and Neil Conway.
Changes
-------
Addressed comments.
Bugs: MESOS-4591
https://issues.apache.org/jira/browse/MESOS-4591
Repository: mesos
Description (updated)
-------
Updated docs for reservation, volumes, and authZ.
This updates the authorization documentation to include the new `roles` object for the `CreateVolume` and `ReserveResources` ACLs. The docs for persistent volumes and dynamic reservations are also updated to reflect the new authorization behavior. A note has been added to `upgrades.md` detailing the impact of these changes on upgrades.
Diffs (updated)
-----
docs/authorization.md bbb4f2adc9348cb1686e6af78f5604d8cf7651ab
docs/persistent-volume.md 2a794a572ff930aa1f95706b89fef9243be627de
docs/reservation.md b98ebe6df0739b48c5fa58e087fd64b1c6c5d456
docs/upgrades.md 4f30d725c6ed28c09a1c5528fd4193c3f06b2d93
Diff: https://reviews.apache.org/r/43800/diff/
Testing
-------
Thanks,
Greg Mann