You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Gilbert Song <so...@gmail.com> on 2019/08/15 18:35:18 UTC
Re: Review Request 71201: Implemented `cleanup` method for
`volume/secret` isolator.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71201/#review217224
-----------------------------------------------------------
Ship it!
Ship It!
- Gilbert Song
On July 31, 2019, 12:04 a.m., Qian Zhang wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71201/
> -----------------------------------------------------------
>
> (Updated July 31, 2019, 12:04 a.m.)
>
>
> Review request for mesos, Andrei Budnik and Gilbert Song.
>
>
> Bugs: MESOS-9893
> https://issues.apache.org/jira/browse/MESOS-9893
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Previously, after `volume/secret` isolator resolves a secret and write
> it into a path (i.e., <runtime_dir>/.secret/<UUID>) on agent host for a
> container, if the container fails to launch somehow (e.g., fails in
> another isolator's `prepare` method), that path on the host will never
> be cleaned up. In this patch, `volume/secret` isolator is improved to
> write all the resolved secrets for a container into a single directory
> (i.e., <runtime_dir>/.secret/<containerID>) on agent host, and the
> `cleanup` method of the `volume/secret` isolator is implemented to
> remove that directory when the container is destroyed.
>
>
> Diffs
> -----
>
> src/slave/containerizer/mesos/isolators/volume/secret.hpp a1664915bc6c5ff223fcc9949448408883c3010c
> src/slave/containerizer/mesos/isolators/volume/secret.cpp 4bbcc7af0216a483d71b367c154c24500545a40b
>
>
> Diff: https://reviews.apache.org/r/71201/diff/1/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Qian Zhang
>
>