Apache Mesos
ports.hpp
1 // Licensed to the Apache Software Foundation (ASF) under one
2 // or more contributor license agreements. See the NOTICE file
3 // distributed with this work for additional information
4 // regarding copyright ownership. The ASF licenses this file
5 // to you under the Apache License, Version 2.0 (the
6 // "License"); you may not use this file except in compliance
7 // with the License. You may obtain a copy of the License at
8 //
9 // http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 
17 #ifndef __NETWORK_PORTS_ISOLATOR_HPP__
18 #define __NETWORK_PORTS_ISOLATOR_HPP__
19 
20 #include <stdint.h>
21 
22 #include <string>
23 #include <vector>
24 
25 #include <process/owned.hpp>
26 
27 #include <stout/duration.hpp>
28 #include <stout/hashmap.hpp>
29 #include <stout/interval.hpp>
30 #include <stout/option.hpp>
31 
33 
34 #include "slave/flags.hpp"
35 
37 
38 namespace mesos {
39 namespace internal {
40 namespace slave {
41 
42 // The `network/ports` isolator provides isolation of TCP listener
43 // ports for tasks that share the host network namespace. It ensures
44 // that tasks listen only on ports for which they hold `ports` resources.
   //
   // Scope, as stated above: TCP listening sockets only. Nothing in this
   // declaration covers UDP or outbound connections.
   //
   // NOTE(review): the interface (a `check()` over a map of observed
   // listeners, a `watchInterval`, and a `watch()` that yields a
   // ContainerLimitation) suggests enforcement by periodic inspection, not
   // by blocking bind(). If so, a task could listen on a port it does not
   // hold for up to one interval before a limitation is raised. Confirm
   // against the implementation before treating this as a preventive control.
   //
   // NOTE(review): the class-head line (listing line 45) is missing from this
   // rendering; the destructor names the class NetworkPortsIsolatorProcess.
46 {
47 public:
    // Listing lines 48-49, 51, 53 and 55 are missing from this rendering.
    // Line 55 is the inline virtual destructor. The static members create(),
    // getListeningSockets() and getProcessSockets() presumably occupy the
    // others - TODO confirm against the original header.
50
52
54
56
    // Presumably reports whether the isolator can be applied to nested
    // containers; the returned value is set in the implementation.
57  virtual bool supportsNesting();
58
    // recover(): parameter list only; the line carrying the return type and
    // name (listing line 59) is missing. Takes the states of known containers
    // and the set of orphaned container IDs.
    // NOTE(review): std::list is used here, but <list> is not among the
    // standard includes visible in this listing.
60  const std::list<mesos::slave::ContainerState>& states,
61  const hashset<ContainerID>& orphans);
62
    // prepare(): parameter list only (listing line 63 is missing).
64  const ContainerID& containerId,
65  const mesos::slave::ContainerConfig& containerConfig);
66
    // Parameter list of a member taking only a ContainerID (listing line 67
    // is missing); presumably watch() - TODO confirm.
68  const ContainerID& containerId);
69
    // update(): parameter list only (listing line 70 is missing). Receives
    // the container's new resources; presumably the `ports` held by the
    // container are re-read from them.
71  const ContainerID& containerId,
72  const Resources& resources);
73
    // Parameter list of a member taking only a ContainerID (listing line 74
    // is missing); presumably cleanup() - TODO confirm.
75  const ContainerID& containerId);
76
77  // Public only for testing.
    // check(): parameter list only (listing line 78 is missing). `listeners`
    // maps each container to the set of 16-bit port numbers it was observed
    // listening on.
79  const hashmap<ContainerID, IntervalSet<uint16_t>>& listeners);
80
81 protected:
    // Invoked when the process gets spawned.
82  virtual void initialize();
83
84 private:
    // Presumably the private constructor's parameter list (listing line 85 is
    // missing); each parameter has a same-purpose const member below.
    // NOTE(review): `_enforcePortsEnabled` appears to initialise the member
    // `enforceContainerPorts`; the differing names make the link easy to miss.
86  bool _cniIsolatorEnabled,
87  const Duration& _watchInterval,
88  const bool& _enforcePortsEnabled,
89  const std::string& _cgroupsRoot,
90  const std::string& _freezerHierarchy,
91  const Option<IntervalSet<uint16_t>>& agentPorts);
92
    // Port bookkeeping record, presumably one per container. Listing line 97
    // (a further member) is missing from this rendering.
93  struct Info
94  {
    // Ports recorded as allocated; presumably the container's `ports` resources.
95  Option<IntervalSet<uint16_t>> allocatedPorts;
    // Ports recorded as active; presumably those last observed listening.
96  Option<IntervalSet<uint16_t>> activePorts;
98  };
99
    // Configuration fixed at construction; every member is const.
    // Whether the CNI isolator is enabled. Presumably containers joined to a
    // CNI network do not share the host namespace and are treated
    // differently - TODO confirm.
100  const bool cniIsolatorEnabled;
    // Presumably the period between inspections of listening sockets.
101  const Duration watchInterval;
    // Presumably selects whether a violation is enforced or only observed.
102  const bool enforceContainerPorts;
    // cgroups root and freezer hierarchy paths; presumably used to map
    // processes to containers - TODO confirm.
103  const std::string cgroupsRoot;
104  const std::string freezerHierarchy;
    // Optional set of agent ports; how it scopes the check is not visible
    // in this header.
105  const Option<IntervalSet<uint16_t>> agentPorts;
106
    // Listing line 107 (a further data member) is missing from this rendering.
108 };
109 
110 } // namespace slave {
111 } // namespace internal {
112 } // namespace mesos {
113 
114 #endif // __NETWORK_PORTS_ISOLATOR_HPP__
virtual process::Future< mesos::slave::ContainerLimitation > watch(const ContainerID &containerId)
virtual process::Future< Nothing > update(const ContainerID &containerId, const Resources &resources)
Definition: option.hpp:28
Definition: check.hpp:33
virtual process::Future< Option< mesos::slave::ContainerLaunchInfo > > prepare(const ContainerID &containerId, const mesos::slave::ContainerConfig &containerConfig)
Definition: resources.hpp:79
static Try< std::vector< uint32_t > > getProcessSockets(pid_t pid)
Definition: flags.hpp:39
Definition: duration.hpp:32
virtual void initialize()
Invoked when a process gets spawned.
Definition: hashmap.hpp:38
DWORD pid_t
Definition: windows.hpp:181
process::Future< Nothing > check(const hashmap< ContainerID, IntervalSet< uint16_t >> &listeners)
virtual process::Future< Nothing > cleanup(const ContainerID &containerId)
Definition: spec.hpp:30
static Try< mesos::slave::Isolator * > create(const Flags &flags)
virtual process::Future< Nothing > recover(const std::list< mesos::slave::ContainerState > &states, const hashset< ContainerID > &orphans)
Definition: attributes.hpp:24
virtual ~NetworkPortsIsolatorProcess()
Definition: ports.hpp:55
static Try< hashmap< uint32_t, routing::diagnosis::socket::Info > > getListeningSockets()
Definition: parse.hpp:33