You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "haosdent (JIRA)" <ji...@apache.org> on 2016/11/06 12:50:58 UTC

[jira] [Comment Edited] (MESOS-5410) Support cgroup namespace in unified container

    [ https://issues.apache.org/jira/browse/MESOS-5410?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15620207#comment-15620207 ] 

haosdent edited comment on MESOS-5410 at 11/6/16 12:50 PM:
-----------------------------------------------------------

| Added cgroup namespace support for unified container. | https://reviews.apache.org/r/53296/ |
| Fixed a typo in slave_recovery_tests.cpp. | https://reviews.apache.org/r/53515 |
| Moved `namespaces/pid` associated test cases to a separate file. | https://reviews.apache.org/r/53516 |
| Added test case for cgroup namespace isolator. | https://reviews.apache.org/r/53517 |


was (Author: haosdent@gmail.com):
| Added cgroup namespace support for unified container. | https://reviews.apache.org/r/53296/ |

> Support cgroup namespace in unified container
> ---------------------------------------------
>
>                 Key: MESOS-5410
>                 URL: https://issues.apache.org/jira/browse/MESOS-5410
>             Project: Mesos
>          Issue Type: Improvement
>            Reporter: Qian Zhang
>            Assignee: haosdent
>
> In Linux 4.6 kernel, a new namespace (cgroup namespace) was introduced to make a process can be created in its own cgroup namespace so that the global cgroup hierarchy will not be leaked to the process. See the following link for more details about this namespace:
> http://man7.org/linux/man-pages/man7/cgroup_namespaces.7.html
> We need to support this namespace in unified container to provide better isolation for the containers created by Mesos.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)