Apache Mesos
isolator.hpp — Nvidia GPU isolator header (Doxygen source listing of this file).
1 // Licensed to the Apache Software Foundation (ASF) under one
2 // or more contributor license agreements. See the NOTICE file
3 // distributed with this work for additional information
4 // regarding copyright ownership. The ASF licenses this file
5 // to you under the Apache License, Version 2.0 (the
6 // "License"); you may not use this file except in compliance
7 // with the License. You may obtain a copy of the License at
8 //
9 // http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 
17 #ifndef __NVIDIA_GPU_ISOLATOR_HPP__
18 #define __NVIDIA_GPU_ISOLATOR_HPP__
19 
#include <map>
#include <set>
#include <vector>

#include <process/future.hpp>

#include <stout/hashmap.hpp>
#include <stout/option.hpp>
#include <stout/path.hpp>
#include <stout/try.hpp>

#include "linux/cgroups.hpp"

#include "slave/flags.hpp"

#include "slave/containerizer/mesos/isolator.hpp"

#include "slave/containerizer/mesos/isolators/gpu/allocator.hpp"
#include "slave/containerizer/mesos/isolators/gpu/components.hpp"
#include "slave/containerizer/mesos/isolators/gpu/volume.hpp"
41 namespace mesos {
42 namespace internal {
43 namespace slave {
44 
// This isolator uses the cgroups devices subsystem to control
// access to Nvidia GPUs. Since this is the very first device
// isolator, it currently contains generic device isolation
// logic that needs to be pulled up into a generic device
// isolator.
//
// GPUs are allocated to containers in an arbitrary fashion.
// For example, if a container requires 2 GPUs, we will
// arbitrarily choose 2 from the GPUs that are available.
// This may not behave well if tasks within an executor use
// GPUs, since we cannot identify which tasks are using which
// GPUs (i.e. when a task terminates, we may remove a GPU
// that is still being used by a different task!).
//
// Note that this isolator is not responsible for ensuring
// that the necessary Nvidia libraries are visible in the
// container. If filesystem isolation is not enabled, this
// means that the container can simply use the libraries
// available on the host. When filesystem isolation is
// enabled, it is the responsibility of the operator /
// application developer to ensure that the necessary
// libraries are visible to the container (note that they
// must be version compatible with the kernel driver on
// the host).
//
// TODO(klueska): To better support containers with a
// provisioned filesystem, we will need to add a mechanism
// for operators to inject the libraries as a volume into
// containers that require GPU access.
//
// TODO(klueska): If multiple containerizers are enabled,
// they need to coordinate their allocation of GPUs.
//
// TODO(klueska): Move generic device isolation logic
// out into its own component.
81 {
82 public:
84  const Flags& flags,
85  const NvidiaComponents& components);
86 
87  virtual bool supportsNesting();
88  virtual bool supportsStandalone();
89 
91  const std::vector<mesos::slave::ContainerState>& states,
92  const hashset<ContainerID>& orphans);
93 
95  const ContainerID& containerId,
96  const mesos::slave::ContainerConfig& containerConfig);
97 
99  const ContainerID& containerId,
100  const Resources& resources);
101 
103  const ContainerID& containerId);
104 
106  const ContainerID& containerId);
107 
108 private:
110  const Flags& _flags,
111  const std::string& hierarchy,
112  const NvidiaGpuAllocator& _allocator,
113  const NvidiaVolume& _volume,
114  const std::map<Path, cgroups::devices::Entry>& _controlDeviceEntries);
115 
117  const mesos::slave::ContainerConfig& containerConfig);
118 
119  process::Future<Nothing> _update(
120  const ContainerID& containerId,
121  const std::set<Gpu>& allocation);
122 
123  struct Info
124  {
125  Info(const ContainerID& _containerId, const std::string& _cgroup)
126  : containerId(_containerId), cgroup(_cgroup) {}
127 
128  const ContainerID containerId;
129  const std::string cgroup;
130  std::set<Gpu> allocated;
131  };
132 
133  const Flags flags;
134 
135  // The path to the cgroups subsystem hierarchy root.
136  const std::string hierarchy;
137 
138  // TODO(bmahler): Use Owned<Info>.
140 
141  NvidiaGpuAllocator allocator;
142  NvidiaVolume volume;
143 
144  const std::map<Path, cgroups::devices::Entry> controlDeviceEntries;
145 };
146 
147 } // namespace slave {
148 } // namespace internal {
149 } // namespace mesos {
150 
151 #endif // __NVIDIA_GPU_ISOLATOR_HPP__
Member index (signatures extracted by Doxygen from this header):
- static Try<mesos::slave::Isolator*> create(const Flags& flags, const NvidiaComponents& components)
- virtual process::Future<Nothing> recover(const std::vector<mesos::slave::ContainerState>& states, const hashset<ContainerID>& orphans)
- virtual process::Future<Option<mesos::slave::ContainerLaunchInfo>> prepare(const ContainerID& containerId, const mesos::slave::ContainerConfig& containerConfig)
- virtual process::Future<Nothing> update(const ContainerID& containerId, const Resources& resources)
- virtual process::Future<ResourceStatistics> usage(const ContainerID& containerId)
- virtual process::Future<Nothing> cleanup(const ContainerID& containerId)
- Result<std::string> cgroup(pid_t pid)
Cross-referenced definitions: check.hpp:33, resources.hpp:79, allocator.hpp:52, flags.hpp:39, components.hpp:34, spec.hpp:30, attributes.hpp:24, parse.hpp:33, volume.hpp:36