Merge pull request #95507 from flokli/remove-mesos
mesos: remove package, module and test (and chronos/marathon which depends on it)
This commit is contained in:
commit
b2f3bbd3fb
@ -198,7 +198,7 @@ in
|
|||||||
bosun = 161;
|
bosun = 161;
|
||||||
kubernetes = 162;
|
kubernetes = 162;
|
||||||
peerflix = 163;
|
peerflix = 163;
|
||||||
chronos = 164;
|
#chronos = 164; # removed 2020-08-15
|
||||||
gitlab = 165;
|
gitlab = 165;
|
||||||
tox-bootstrapd = 166;
|
tox-bootstrapd = 166;
|
||||||
cadvisor = 167;
|
cadvisor = 167;
|
||||||
|
@ -472,8 +472,6 @@
|
|||||||
./services/misc/mautrix-telegram.nix
|
./services/misc/mautrix-telegram.nix
|
||||||
./services/misc/mbpfan.nix
|
./services/misc/mbpfan.nix
|
||||||
./services/misc/mediatomb.nix
|
./services/misc/mediatomb.nix
|
||||||
./services/misc/mesos-master.nix
|
|
||||||
./services/misc/mesos-slave.nix
|
|
||||||
./services/misc/metabase.nix
|
./services/misc/metabase.nix
|
||||||
./services/misc/mwlib.nix
|
./services/misc/mwlib.nix
|
||||||
./services/misc/nix-daemon.nix
|
./services/misc/nix-daemon.nix
|
||||||
@ -786,10 +784,8 @@
|
|||||||
./services/networking/znc/default.nix
|
./services/networking/znc/default.nix
|
||||||
./services/printing/cupsd.nix
|
./services/printing/cupsd.nix
|
||||||
./services/scheduling/atd.nix
|
./services/scheduling/atd.nix
|
||||||
./services/scheduling/chronos.nix
|
|
||||||
./services/scheduling/cron.nix
|
./services/scheduling/cron.nix
|
||||||
./services/scheduling/fcron.nix
|
./services/scheduling/fcron.nix
|
||||||
./services/scheduling/marathon.nix
|
|
||||||
./services/search/elasticsearch.nix
|
./services/search/elasticsearch.nix
|
||||||
./services/search/elasticsearch-curator.nix
|
./services/search/elasticsearch-curator.nix
|
||||||
./services/search/hound.nix
|
./services/search/hound.nix
|
||||||
|
@ -17,8 +17,11 @@ with lib;
|
|||||||
(mkAliasOptionModule [ "environment" "checkConfigurationOptions" ] [ "_module" "check" ])
|
(mkAliasOptionModule [ "environment" "checkConfigurationOptions" ] [ "_module" "check" ])
|
||||||
|
|
||||||
# Completely removed modules
|
# Completely removed modules
|
||||||
|
(mkRemovedOptionModule [ "services" "chronos" ] "The corresponding package was removed from nixpkgs.")
|
||||||
(mkRemovedOptionModule [ "services" "firefox" "syncserver" "user" ] "")
|
(mkRemovedOptionModule [ "services" "firefox" "syncserver" "user" ] "")
|
||||||
(mkRemovedOptionModule [ "services" "firefox" "syncserver" "group" ] "")
|
(mkRemovedOptionModule [ "services" "firefox" "syncserver" "group" ] "")
|
||||||
|
(mkRemovedOptionModule [ "services" "marathon" ] "The corresponding package was removed from nixpkgs.")
|
||||||
|
(mkRemovedOptionModule [ "services" "mesos" ] "The corresponding package was removed from nixpkgs.")
|
||||||
(mkRemovedOptionModule [ "services" "winstone" ] "The corresponding package was removed from nixpkgs.")
|
(mkRemovedOptionModule [ "services" "winstone" ] "The corresponding package was removed from nixpkgs.")
|
||||||
(mkRemovedOptionModule [ "networking" "vpnc" ] "Use environment.etc.\"vpnc/service.conf\" instead.")
|
(mkRemovedOptionModule [ "networking" "vpnc" ] "Use environment.etc.\"vpnc/service.conf\" instead.")
|
||||||
(mkRemovedOptionModule [ "environment" "blcr" "enable" ] "The BLCR module has been removed")
|
(mkRemovedOptionModule [ "environment" "blcr" "enable" ] "The BLCR module has been removed")
|
||||||
|
@ -1,125 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.services.mesos.master;
|
|
||||||
|
|
||||||
in {
|
|
||||||
|
|
||||||
options.services.mesos = {
|
|
||||||
|
|
||||||
master = {
|
|
||||||
enable = mkOption {
|
|
||||||
description = "Whether to enable the Mesos Master.";
|
|
||||||
default = false;
|
|
||||||
type = types.bool;
|
|
||||||
};
|
|
||||||
|
|
||||||
ip = mkOption {
|
|
||||||
description = "IP address to listen on.";
|
|
||||||
default = "0.0.0.0";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
port = mkOption {
|
|
||||||
description = "Mesos Master port";
|
|
||||||
default = 5050;
|
|
||||||
type = types.int;
|
|
||||||
};
|
|
||||||
|
|
||||||
advertiseIp = mkOption {
|
|
||||||
description = "IP address advertised to reach this master.";
|
|
||||||
default = null;
|
|
||||||
type = types.nullOr types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
advertisePort = mkOption {
|
|
||||||
description = "Port advertised to reach this Mesos master.";
|
|
||||||
default = null;
|
|
||||||
type = types.nullOr types.int;
|
|
||||||
};
|
|
||||||
|
|
||||||
zk = mkOption {
|
|
||||||
description = ''
|
|
||||||
ZooKeeper URL (used for leader election amongst masters).
|
|
||||||
May be one of:
|
|
||||||
zk://host1:port1,host2:port2,.../mesos
|
|
||||||
zk://username:password@host1:port1,host2:port2,.../mesos
|
|
||||||
'';
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
workDir = mkOption {
|
|
||||||
description = "The Mesos work directory.";
|
|
||||||
default = "/var/lib/mesos/master";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
extraCmdLineOptions = mkOption {
|
|
||||||
description = ''
|
|
||||||
Extra command line options for Mesos Master.
|
|
||||||
|
|
||||||
See https://mesos.apache.org/documentation/latest/configuration/
|
|
||||||
'';
|
|
||||||
default = [ "" ];
|
|
||||||
type = types.listOf types.str;
|
|
||||||
example = [ "--credentials=VALUE" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
quorum = mkOption {
|
|
||||||
description = ''
|
|
||||||
The size of the quorum of replicas when using 'replicated_log' based
|
|
||||||
registry. It is imperative to set this value to be a majority of
|
|
||||||
masters i.e., quorum > (number of masters)/2.
|
|
||||||
|
|
||||||
If 0 will fall back to --registry=in_memory.
|
|
||||||
'';
|
|
||||||
default = 0;
|
|
||||||
type = types.int;
|
|
||||||
};
|
|
||||||
|
|
||||||
logLevel = mkOption {
|
|
||||||
description = ''
|
|
||||||
The logging level used. Possible values:
|
|
||||||
'INFO', 'WARNING', 'ERROR'
|
|
||||||
'';
|
|
||||||
default = "INFO";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
|
||||||
systemd.tmpfiles.rules = [
|
|
||||||
"d '${cfg.workDir}' 0700 - - - -"
|
|
||||||
];
|
|
||||||
systemd.services.mesos-master = {
|
|
||||||
description = "Mesos Master";
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
after = [ "network.target" ];
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = ''
|
|
||||||
${pkgs.mesos}/bin/mesos-master \
|
|
||||||
--ip=${cfg.ip} \
|
|
||||||
--port=${toString cfg.port} \
|
|
||||||
${optionalString (cfg.advertiseIp != null) "--advertise_ip=${cfg.advertiseIp}"} \
|
|
||||||
${optionalString (cfg.advertisePort != null) "--advertise_port=${toString cfg.advertisePort}"} \
|
|
||||||
${if cfg.quorum == 0
|
|
||||||
then "--registry=in_memory"
|
|
||||||
else "--zk=${cfg.zk} --registry=replicated_log --quorum=${toString cfg.quorum}"} \
|
|
||||||
--work_dir=${cfg.workDir} \
|
|
||||||
--logging_level=${cfg.logLevel} \
|
|
||||||
${toString cfg.extraCmdLineOptions}
|
|
||||||
'';
|
|
||||||
Restart = "on-failure";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
@ -1,220 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.services.mesos.slave;
|
|
||||||
|
|
||||||
mkAttributes =
|
|
||||||
attrs: concatStringsSep ";" (mapAttrsToList
|
|
||||||
(k: v: "${k}:${v}")
|
|
||||||
(filterAttrs (k: v: v != null) attrs));
|
|
||||||
attribsArg = optionalString (cfg.attributes != {})
|
|
||||||
"--attributes=${mkAttributes cfg.attributes}";
|
|
||||||
|
|
||||||
containerizersArg = concatStringsSep "," (
|
|
||||||
lib.unique (
|
|
||||||
cfg.containerizers ++ (optional cfg.withDocker "docker")
|
|
||||||
)
|
|
||||||
);
|
|
||||||
|
|
||||||
imageProvidersArg = concatStringsSep "," (
|
|
||||||
lib.unique (
|
|
||||||
cfg.imageProviders ++ (optional cfg.withDocker "docker")
|
|
||||||
)
|
|
||||||
);
|
|
||||||
|
|
||||||
isolationArg = concatStringsSep "," (
|
|
||||||
lib.unique (
|
|
||||||
cfg.isolation ++ (optionals cfg.withDocker [ "filesystem/linux" "docker/runtime"])
|
|
||||||
)
|
|
||||||
);
|
|
||||||
|
|
||||||
in {
|
|
||||||
|
|
||||||
options.services.mesos = {
|
|
||||||
slave = {
|
|
||||||
enable = mkOption {
|
|
||||||
description = "Whether to enable the Mesos Slave.";
|
|
||||||
default = false;
|
|
||||||
type = types.bool;
|
|
||||||
};
|
|
||||||
|
|
||||||
ip = mkOption {
|
|
||||||
description = "IP address to listen on.";
|
|
||||||
default = "0.0.0.0";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
port = mkOption {
|
|
||||||
description = "Port to listen on.";
|
|
||||||
default = 5051;
|
|
||||||
type = types.int;
|
|
||||||
};
|
|
||||||
|
|
||||||
advertiseIp = mkOption {
|
|
||||||
description = "IP address advertised to reach this agent.";
|
|
||||||
default = null;
|
|
||||||
type = types.nullOr types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
advertisePort = mkOption {
|
|
||||||
description = "Port advertised to reach this agent.";
|
|
||||||
default = null;
|
|
||||||
type = types.nullOr types.int;
|
|
||||||
};
|
|
||||||
|
|
||||||
containerizers = mkOption {
|
|
||||||
description = ''
|
|
||||||
List of containerizer implementations to compose in order to provide
|
|
||||||
containerization. Available options are mesos and docker.
|
|
||||||
The order the containerizers are specified is the order they are tried.
|
|
||||||
'';
|
|
||||||
default = [ "mesos" ];
|
|
||||||
type = types.listOf types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
imageProviders = mkOption {
|
|
||||||
description = "List of supported image providers, e.g., APPC,DOCKER.";
|
|
||||||
default = [ ];
|
|
||||||
type = types.listOf types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
imageProvisionerBackend = mkOption {
|
|
||||||
description = ''
|
|
||||||
Strategy for provisioning container rootfs from images,
|
|
||||||
e.g., aufs, bind, copy, overlay.
|
|
||||||
'';
|
|
||||||
default = "copy";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
isolation = mkOption {
|
|
||||||
description = ''
|
|
||||||
Isolation mechanisms to use, e.g., posix/cpu,posix/mem, or
|
|
||||||
cgroups/cpu,cgroups/mem, or network/port_mapping, or `gpu/nvidia` for nvidia
|
|
||||||
specific gpu isolation.
|
|
||||||
'';
|
|
||||||
default = [ "posix/cpu" "posix/mem" ];
|
|
||||||
type = types.listOf types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
master = mkOption {
|
|
||||||
description = ''
|
|
||||||
May be one of:
|
|
||||||
zk://host1:port1,host2:port2,.../path
|
|
||||||
zk://username:password@host1:port1,host2:port2,.../path
|
|
||||||
'';
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
withHadoop = mkOption {
|
|
||||||
description = "Add the HADOOP_HOME to the slave.";
|
|
||||||
default = false;
|
|
||||||
type = types.bool;
|
|
||||||
};
|
|
||||||
|
|
||||||
withDocker = mkOption {
|
|
||||||
description = "Enable the docker containerizer.";
|
|
||||||
default = config.virtualisation.docker.enable;
|
|
||||||
type = types.bool;
|
|
||||||
};
|
|
||||||
|
|
||||||
dockerRegistry = mkOption {
|
|
||||||
description = ''
|
|
||||||
The default url for pulling Docker images.
|
|
||||||
It could either be a Docker registry server url,
|
|
||||||
or a local path in which Docker image archives are stored.
|
|
||||||
'';
|
|
||||||
default = null;
|
|
||||||
type = types.nullOr (types.either types.str types.path);
|
|
||||||
};
|
|
||||||
|
|
||||||
workDir = mkOption {
|
|
||||||
description = "The Mesos work directory.";
|
|
||||||
default = "/var/lib/mesos/slave";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
extraCmdLineOptions = mkOption {
|
|
||||||
description = ''
|
|
||||||
Extra command line options for Mesos Slave.
|
|
||||||
|
|
||||||
See https://mesos.apache.org/documentation/latest/configuration/
|
|
||||||
'';
|
|
||||||
default = [ "" ];
|
|
||||||
type = types.listOf types.str;
|
|
||||||
example = [ "--gc_delay=3days" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
logLevel = mkOption {
|
|
||||||
description = ''
|
|
||||||
The logging level used. Possible values:
|
|
||||||
'INFO', 'WARNING', 'ERROR'
|
|
||||||
'';
|
|
||||||
default = "INFO";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
attributes = mkOption {
|
|
||||||
description = ''
|
|
||||||
Machine attributes for the slave instance.
|
|
||||||
|
|
||||||
Use caution when changing this; you may need to manually reset slave
|
|
||||||
metadata before the slave can re-register.
|
|
||||||
'';
|
|
||||||
default = {};
|
|
||||||
type = types.attrsOf types.str;
|
|
||||||
example = { rack = "aa";
|
|
||||||
host = "aabc123";
|
|
||||||
os = "nixos"; };
|
|
||||||
};
|
|
||||||
|
|
||||||
executorEnvironmentVariables = mkOption {
|
|
||||||
description = ''
|
|
||||||
The environment variables that should be passed to the executor, and thus subsequently task(s).
|
|
||||||
'';
|
|
||||||
default = {
|
|
||||||
PATH = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin";
|
|
||||||
};
|
|
||||||
type = types.attrsOf types.str;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
|
||||||
systemd.tmpfiles.rules = [
|
|
||||||
"d '${cfg.workDir}' 0701 - - - -"
|
|
||||||
];
|
|
||||||
systemd.services.mesos-slave = {
|
|
||||||
description = "Mesos Slave";
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
after = [ "network.target" ] ++ optionals cfg.withDocker [ "docker.service" ] ;
|
|
||||||
path = [ pkgs.runtimeShellPackage ];
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = ''
|
|
||||||
${pkgs.mesos}/bin/mesos-slave \
|
|
||||||
--containerizers=${containerizersArg} \
|
|
||||||
--image_providers=${imageProvidersArg} \
|
|
||||||
--image_provisioner_backend=${cfg.imageProvisionerBackend} \
|
|
||||||
--isolation=${isolationArg} \
|
|
||||||
--ip=${cfg.ip} \
|
|
||||||
--port=${toString cfg.port} \
|
|
||||||
${optionalString (cfg.advertiseIp != null) "--advertise_ip=${cfg.advertiseIp}"} \
|
|
||||||
${optionalString (cfg.advertisePort != null) "--advertise_port=${toString cfg.advertisePort}"} \
|
|
||||||
--master=${cfg.master} \
|
|
||||||
--work_dir=${cfg.workDir} \
|
|
||||||
--logging_level=${cfg.logLevel} \
|
|
||||||
${attribsArg} \
|
|
||||||
${optionalString cfg.withHadoop "--hadoop-home=${pkgs.hadoop}"} \
|
|
||||||
${optionalString cfg.withDocker "--docker=${pkgs.docker}/libexec/docker/docker"} \
|
|
||||||
${optionalString (cfg.dockerRegistry != null) "--docker_registry=${cfg.dockerRegistry}"} \
|
|
||||||
--executor_environment_variables=${lib.escapeShellArg (builtins.toJSON cfg.executorEnvironmentVariables)} \
|
|
||||||
${toString cfg.extraCmdLineOptions}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
|
@ -1,54 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.services.chronos;
|
|
||||||
|
|
||||||
in {
|
|
||||||
|
|
||||||
###### interface
|
|
||||||
|
|
||||||
options.services.chronos = {
|
|
||||||
enable = mkOption {
|
|
||||||
description = "Whether to enable graphite web frontend.";
|
|
||||||
default = false;
|
|
||||||
type = types.bool;
|
|
||||||
};
|
|
||||||
|
|
||||||
httpPort = mkOption {
|
|
||||||
description = "Chronos listening port";
|
|
||||||
default = 4400;
|
|
||||||
type = types.int;
|
|
||||||
};
|
|
||||||
|
|
||||||
master = mkOption {
|
|
||||||
description = "Chronos mesos master zookeeper address";
|
|
||||||
default = "zk://${head cfg.zookeeperHosts}/mesos";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
zookeeperHosts = mkOption {
|
|
||||||
description = "Chronos mesos zookepper addresses";
|
|
||||||
default = [ "localhost:2181" ];
|
|
||||||
type = types.listOf types.str;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
###### implementation
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
|
||||||
systemd.services.chronos = {
|
|
||||||
description = "Chronos Service";
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
after = [ "network.target" "zookeeper.service" ];
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = "${pkgs.chronos}/bin/chronos --master ${cfg.master} --zk_hosts ${concatStringsSep "," cfg.zookeeperHosts} --http_port ${toString cfg.httpPort}";
|
|
||||||
User = "chronos";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
users.users.chronos.uid = config.ids.uids.chronos;
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,98 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
|
|
||||||
let
|
|
||||||
|
|
||||||
cfg = config.services.marathon;
|
|
||||||
|
|
||||||
in {
|
|
||||||
|
|
||||||
###### interface
|
|
||||||
|
|
||||||
options.services.marathon = {
|
|
||||||
enable = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = false;
|
|
||||||
description = ''
|
|
||||||
Whether to enable the marathon mesos framework.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
master = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "zk://${concatStringsSep "," cfg.zookeeperHosts}/mesos";
|
|
||||||
example = "zk://1.2.3.4:2181,2.3.4.5:2181,3.4.5.6:2181/mesos";
|
|
||||||
description = ''
|
|
||||||
Mesos master address. See <link xlink:href="https://mesosphere.github.io/marathon/docs/"/> for details.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
zookeeperHosts = mkOption {
|
|
||||||
type = types.listOf types.str;
|
|
||||||
default = [ "localhost:2181" ];
|
|
||||||
example = [ "1.2.3.4:2181" "2.3.4.5:2181" "3.4.5.6:2181" ];
|
|
||||||
description = ''
|
|
||||||
ZooKeeper hosts' addresses.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
user = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "marathon";
|
|
||||||
example = "root";
|
|
||||||
description = ''
|
|
||||||
The user that the Marathon framework will be launched as. If the user doesn't exist it will be created.
|
|
||||||
If you want to run apps that require root access or you want to launch apps using arbitrary users, that
|
|
||||||
is using the `--mesos_user` flag then you need to change this to `root`.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
httpPort = mkOption {
|
|
||||||
type = types.int;
|
|
||||||
default = 8080;
|
|
||||||
description = ''
|
|
||||||
Marathon listening port for HTTP connections.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
extraCmdLineOptions = mkOption {
|
|
||||||
type = types.listOf types.str;
|
|
||||||
default = [ ];
|
|
||||||
example = [ "--https_port=8443" "--zk_timeout=10000" "--marathon_store_timeout=2000" ];
|
|
||||||
description = ''
|
|
||||||
Extra command line options to pass to Marathon.
|
|
||||||
See <link xlink:href="https://mesosphere.github.io/marathon/docs/command-line-flags.html"/> for all possible flags.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
environment = mkOption {
|
|
||||||
default = { };
|
|
||||||
type = types.attrs;
|
|
||||||
example = { JAVA_OPTS = "-Xmx512m"; MESOSPHERE_HTTP_CREDENTIALS = "username:password"; };
|
|
||||||
description = ''
|
|
||||||
Environment variables passed to Marathon.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
###### implementation
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
|
||||||
systemd.services.marathon = {
|
|
||||||
description = "Marathon Service";
|
|
||||||
environment = cfg.environment;
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
after = [ "network.target" "zookeeper.service" "mesos-master.service" "mesos-slave.service" ];
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = "${pkgs.marathon}/bin/marathon --master ${cfg.master} --zk zk://${concatStringsSep "," cfg.zookeeperHosts}/marathon --http_port ${toString cfg.httpPort} ${concatStringsSep " " cfg.extraCmdLineOptions}";
|
|
||||||
User = cfg.user;
|
|
||||||
Restart = "always";
|
|
||||||
RestartSec = "2";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
users.users.${cfg.user}.isSystemUser = true;
|
|
||||||
};
|
|
||||||
}
|
|
@ -200,7 +200,6 @@ in
|
|||||||
matrix-synapse = handleTest ./matrix-synapse.nix {};
|
matrix-synapse = handleTest ./matrix-synapse.nix {};
|
||||||
mediawiki = handleTest ./mediawiki.nix {};
|
mediawiki = handleTest ./mediawiki.nix {};
|
||||||
memcached = handleTest ./memcached.nix {};
|
memcached = handleTest ./memcached.nix {};
|
||||||
mesos = handleTest ./mesos.nix {};
|
|
||||||
metabase = handleTest ./metabase.nix {};
|
metabase = handleTest ./metabase.nix {};
|
||||||
miniflux = handleTest ./miniflux.nix {};
|
miniflux = handleTest ./miniflux.nix {};
|
||||||
minio = handleTest ./minio.nix {};
|
minio = handleTest ./minio.nix {};
|
||||||
|
@ -1,92 +0,0 @@
|
|||||||
import ./make-test.nix ({ pkgs, ...} : rec {
|
|
||||||
name = "mesos";
|
|
||||||
meta = with pkgs.stdenv.lib.maintainers; {
|
|
||||||
maintainers = [ offline kamilchm cstrahan ];
|
|
||||||
};
|
|
||||||
|
|
||||||
nodes = {
|
|
||||||
master = { ... }: {
|
|
||||||
networking.firewall.enable = false;
|
|
||||||
services.zookeeper.enable = true;
|
|
||||||
services.mesos.master = {
|
|
||||||
enable = true;
|
|
||||||
zk = "zk://master:2181/mesos";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
slave = { ... }: {
|
|
||||||
networking.firewall.enable = false;
|
|
||||||
networking.nat.enable = true;
|
|
||||||
virtualisation.docker.enable = true;
|
|
||||||
services.mesos = {
|
|
||||||
slave = {
|
|
||||||
enable = true;
|
|
||||||
master = "master:5050";
|
|
||||||
dockerRegistry = registry;
|
|
||||||
executorEnvironmentVariables = {
|
|
||||||
PATH = "/run/current-system/sw/bin";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
simpleDocker = pkgs.dockerTools.buildImage {
|
|
||||||
name = "echo";
|
|
||||||
tag = "latest";
|
|
||||||
contents = [ pkgs.stdenv.shellPackage pkgs.coreutils ];
|
|
||||||
config = {
|
|
||||||
Env = [
|
|
||||||
# When shell=true, mesos invokes "sh -c '<cmd>'", so make sure "sh" is
|
|
||||||
# on the PATH.
|
|
||||||
"PATH=${pkgs.stdenv.shellPackage}/bin:${pkgs.coreutils}/bin"
|
|
||||||
];
|
|
||||||
Entrypoint = [ "echo" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
registry = pkgs.runCommand "registry" { } ''
|
|
||||||
mkdir -p $out
|
|
||||||
cp ${simpleDocker} $out/echo:latest.tar
|
|
||||||
'';
|
|
||||||
|
|
||||||
testFramework = pkgs.pythonPackages.buildPythonPackage {
|
|
||||||
name = "mesos-tests";
|
|
||||||
propagatedBuildInputs = [ pkgs.mesos ];
|
|
||||||
catchConflicts = false;
|
|
||||||
src = ./mesos_test.py;
|
|
||||||
phases = [ "installPhase" "fixupPhase" ];
|
|
||||||
installPhase = ''
|
|
||||||
install -Dvm 0755 $src $out/bin/mesos_test.py
|
|
||||||
|
|
||||||
echo "done" > test.result
|
|
||||||
tar czf $out/test.tar.gz test.result
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
testScript =
|
|
||||||
''
|
|
||||||
startAll;
|
|
||||||
$master->waitForUnit("zookeeper.service");
|
|
||||||
$master->waitForUnit("mesos-master.service");
|
|
||||||
$slave->waitForUnit("docker.service");
|
|
||||||
$slave->waitForUnit("mesos-slave.service");
|
|
||||||
$master->waitForOpenPort(2181);
|
|
||||||
$master->waitForOpenPort(5050);
|
|
||||||
$slave->waitForOpenPort(5051);
|
|
||||||
|
|
||||||
# is slave registered?
|
|
||||||
$master->waitUntilSucceeds("curl -s --fail http://master:5050/master/slaves".
|
|
||||||
" | grep -q \"\\\"hostname\\\":\\\"slave\\\"\"");
|
|
||||||
|
|
||||||
# try to run docker image
|
|
||||||
$master->succeed("${pkgs.mesos}/bin/mesos-execute --master=master:5050".
|
|
||||||
" --resources=\"cpus:0.1;mem:32\" --name=simple-docker".
|
|
||||||
" --containerizer=mesos --docker_image=echo:latest".
|
|
||||||
" --shell=true --command=\"echo done\" | grep -q TASK_FINISHED");
|
|
||||||
|
|
||||||
# simple command with .tar.gz uri
|
|
||||||
$master->succeed("${testFramework}/bin/mesos_test.py master ".
|
|
||||||
"${testFramework}/test.tar.gz");
|
|
||||||
'';
|
|
||||||
})
|
|
@ -1,72 +0,0 @@
|
|||||||
#!/usr/bin/env python
|
|
||||||
import uuid
|
|
||||||
import time
|
|
||||||
import subprocess
|
|
||||||
import os
|
|
||||||
|
|
||||||
import sys
|
|
||||||
|
|
||||||
from mesos.interface import Scheduler
|
|
||||||
from mesos.native import MesosSchedulerDriver
|
|
||||||
from mesos.interface import mesos_pb2
|
|
||||||
|
|
||||||
def log(msg):
|
|
||||||
process = subprocess.Popen("systemd-cat", stdin=subprocess.PIPE)
|
|
||||||
(out,err) = process.communicate(msg)
|
|
||||||
|
|
||||||
class NixosTestScheduler(Scheduler):
|
|
||||||
def __init__(self):
|
|
||||||
self.master_ip = sys.argv[1]
|
|
||||||
self.download_uri = sys.argv[2]
|
|
||||||
|
|
||||||
def resourceOffers(self, driver, offers):
|
|
||||||
log("XXX got resource offer")
|
|
||||||
|
|
||||||
offer = offers[0]
|
|
||||||
task = self.new_task(offer)
|
|
||||||
uri = task.command.uris.add()
|
|
||||||
uri.value = self.download_uri
|
|
||||||
task.command.value = "cat test.result"
|
|
||||||
driver.launchTasks(offer.id, [task])
|
|
||||||
|
|
||||||
def statusUpdate(self, driver, update):
|
|
||||||
log("XXX status update")
|
|
||||||
if update.state == mesos_pb2.TASK_FAILED:
|
|
||||||
log("XXX test task failed with message: " + update.message)
|
|
||||||
driver.stop()
|
|
||||||
sys.exit(1)
|
|
||||||
elif update.state == mesos_pb2.TASK_FINISHED:
|
|
||||||
driver.stop()
|
|
||||||
sys.exit(0)
|
|
||||||
|
|
||||||
def new_task(self, offer):
|
|
||||||
task = mesos_pb2.TaskInfo()
|
|
||||||
id = uuid.uuid4()
|
|
||||||
task.task_id.value = str(id)
|
|
||||||
task.slave_id.value = offer.slave_id.value
|
|
||||||
task.name = "task {}".format(str(id))
|
|
||||||
|
|
||||||
cpus = task.resources.add()
|
|
||||||
cpus.name = "cpus"
|
|
||||||
cpus.type = mesos_pb2.Value.SCALAR
|
|
||||||
cpus.scalar.value = 0.1
|
|
||||||
|
|
||||||
mem = task.resources.add()
|
|
||||||
mem.name = "mem"
|
|
||||||
mem.type = mesos_pb2.Value.SCALAR
|
|
||||||
mem.scalar.value = 32
|
|
||||||
|
|
||||||
return task
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
|
||||||
log("XXX framework started")
|
|
||||||
|
|
||||||
framework = mesos_pb2.FrameworkInfo()
|
|
||||||
framework.user = "root"
|
|
||||||
framework.name = "nixos-test-framework"
|
|
||||||
driver = MesosSchedulerDriver(
|
|
||||||
NixosTestScheduler(),
|
|
||||||
framework,
|
|
||||||
sys.argv[1] + ":5050"
|
|
||||||
)
|
|
||||||
driver.run()
|
|
@ -1,14 +0,0 @@
|
|||||||
{stdenv, curl}:
|
|
||||||
|
|
||||||
stdenv.mkDerivation {
|
|
||||||
name = "chronos-maven-deps";
|
|
||||||
builder = ./fetch-chronos-deps.sh;
|
|
||||||
|
|
||||||
outputHashAlgo = "sha256";
|
|
||||||
outputHashMode = "recursive";
|
|
||||||
outputHash = "0mm2sb1p5zz6b0z2s4zhdlix6fafydsxmqjy8zbkwzw4f6lazzyl";
|
|
||||||
|
|
||||||
nativeBuildInputs = [ curl ];
|
|
||||||
|
|
||||||
impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars;
|
|
||||||
}
|
|
@ -1,39 +0,0 @@
|
|||||||
{ stdenv, lib, makeWrapper, fetchgit, curl, jdk, maven, nodejs, mesos }:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
pname = "chronos";
|
|
||||||
version = "286b2ccb8e4695f8e413406ceca85b60d3a87e22";
|
|
||||||
|
|
||||||
src = fetchgit {
|
|
||||||
url = "https://github.com/airbnb/chronos";
|
|
||||||
rev = version;
|
|
||||||
sha256 = "0hrln3ad2g2cq2xqmy5mq32cdxxb9vb6v6jp6kcq03f8km6v3g9c";
|
|
||||||
};
|
|
||||||
|
|
||||||
buildInputs = [ makeWrapper curl jdk maven nodejs mesos ];
|
|
||||||
|
|
||||||
mavenRepo = import ./chronos-deps.nix { inherit stdenv curl; };
|
|
||||||
|
|
||||||
buildPhase = ''
|
|
||||||
ln -s $mavenRepo .m2
|
|
||||||
mvn package -Dmaven.repo.local=$(pwd)/.m2
|
|
||||||
'';
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out/{bin,libexec/chronos}
|
|
||||||
cp target/chronos*.jar $out/libexec/chronos/${pname}-${version}.jar
|
|
||||||
|
|
||||||
makeWrapper ${jdk.jre}/bin/java $out/bin/chronos \
|
|
||||||
--add-flags "-Xmx384m -Xms384m -cp $out/libexec/chronos/${pname}-${version}.jar com.airbnb.scheduler.Main" \
|
|
||||||
--prefix "MESOS_NATIVE_LIBRARY" : "$MESOS_NATIVE_LIBRARY"
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
homepage = "http://airbnb.github.io/chronos";
|
|
||||||
license = licenses.asl20;
|
|
||||||
description = "Fault tolerant job scheduler for Mesos which handles dependencies and ISO8601 based schedules";
|
|
||||||
maintainers = with maintainers; [ offline ];
|
|
||||||
platforms = platforms.unix;
|
|
||||||
broken = true; # doesn't build https://hydra.nixos.org/build/25768319
|
|
||||||
};
|
|
||||||
}
|
|
File diff suppressed because it is too large
Load Diff
@ -1,30 +0,0 @@
|
|||||||
{ stdenv, makeWrapper, jdk, mesos, fetchurl }:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
pname = "marathon";
|
|
||||||
version = "1.4.2";
|
|
||||||
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://downloads.mesosphere.com/marathon/v${version}/marathon-${version}.tgz";
|
|
||||||
sha256 = "6eab65a95c87a989e922aca2b49ba872b50a94e46a8fd4831d1ab41f319d6932";
|
|
||||||
};
|
|
||||||
|
|
||||||
buildInputs = [ makeWrapper jdk mesos ];
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out/{bin,libexec/marathon}
|
|
||||||
cp target/scala-*/marathon*.jar $out/libexec/marathon/${pname}-${version}.jar
|
|
||||||
|
|
||||||
makeWrapper ${jdk.jre}/bin/java $out/bin/marathon \
|
|
||||||
--add-flags "-Xmx512m -jar $out/libexec/marathon/${pname}-${version}.jar" \
|
|
||||||
--set "MESOS_NATIVE_JAVA_LIBRARY" "$MESOS_NATIVE_JAVA_LIBRARY"
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with stdenv.lib; {
|
|
||||||
homepage = "https://mesosphere.github.io/marathon";
|
|
||||||
description = "Cluster-wide init and control system for services in cgroups or Docker containers";
|
|
||||||
license = licenses.asl20;
|
|
||||||
maintainers = with maintainers; [ kamilchm pradeepchhetri ];
|
|
||||||
platforms = platforms.linux;
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,263 +0,0 @@
|
|||||||
{ stdenv, lib, makeWrapper, fetchurl, curl, sasl, openssh
|
|
||||||
, unzip, gnutar, jdk, python, wrapPython
|
|
||||||
, setuptools, boto, pythonProtobuf, apr, subversion, gzip
|
|
||||||
, leveldb, glog, perf, utillinux, libnl, iproute, openssl, libevent
|
|
||||||
, ethtool, coreutils, which, iptables, maven
|
|
||||||
, bash, autoreconfHook
|
|
||||||
, utf8proc, lz4
|
|
||||||
, withJava ? !stdenv.isDarwin
|
|
||||||
}:
|
|
||||||
|
|
||||||
let
|
|
||||||
mavenRepo = import ./mesos-deps.nix { inherit stdenv curl; };
|
|
||||||
# `tar -z` requires gzip on $PATH, so wrap tar.
|
|
||||||
# At some point, we should try to patch mesos so we add gzip to the PATH when
|
|
||||||
# tar is invoked. I think that only needs to be done here:
|
|
||||||
# src/common/command_utils.cpp
|
|
||||||
# https://github.com/NixOS/nixpkgs/issues/13783
|
|
||||||
tarWithGzip = lib.overrideDerivation gnutar (oldAttrs: {
|
|
||||||
# Original builder is bash 4.3.42 from bootstrap tools, too old for makeWrapper.
|
|
||||||
builder = "${bash}/bin/bash";
|
|
||||||
buildInputs = (oldAttrs.buildInputs or []) ++ [ makeWrapper ];
|
|
||||||
postInstall = (oldAttrs.postInstall or "") + ''
|
|
||||||
wrapProgram $out/bin/tar --prefix PATH ":" "${gzip}/bin"
|
|
||||||
'';
|
|
||||||
});
|
|
||||||
|
|
||||||
in stdenv.mkDerivation rec {
|
|
||||||
version = "1.4.1";
|
|
||||||
pname = "mesos";
|
|
||||||
|
|
||||||
enableParallelBuilding = true;
|
|
||||||
dontDisableStatic = true;
|
|
||||||
|
|
||||||
src = fetchurl {
|
|
||||||
url = "mirror://apache/mesos/${version}/${pname}-${version}.tar.gz";
|
|
||||||
sha256 = "1c7l0rim9ija913gpppz2mcms08ywyqhlzbbspqsi7wwfdd7jwsr";
|
|
||||||
};
|
|
||||||
|
|
||||||
patches = [
|
|
||||||
# https://reviews.apache.org/r/36610/
|
|
||||||
# TODO: is this still needed?
|
|
||||||
./rb36610.patch
|
|
||||||
|
|
||||||
# see https://github.com/cstrahan/mesos/tree/nixos-${version}
|
|
||||||
./nixos.patch
|
|
||||||
];
|
|
||||||
nativeBuildInputs = [
|
|
||||||
autoreconfHook
|
|
||||||
];
|
|
||||||
buildInputs = [
|
|
||||||
makeWrapper curl sasl
|
|
||||||
python wrapPython boto setuptools leveldb
|
|
||||||
subversion apr glog openssl libevent
|
|
||||||
utf8proc lz4
|
|
||||||
] ++ lib.optionals stdenv.isLinux [
|
|
||||||
libnl
|
|
||||||
] ++ lib.optionals withJava [
|
|
||||||
jdk maven
|
|
||||||
];
|
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
|
||||||
pythonProtobuf
|
|
||||||
];
|
|
||||||
|
|
||||||
NIX_CFLAGS_COMPILE = "-Wno-error=format-overflow -Wno-error=class-memaccess";
|
|
||||||
|
|
||||||
preConfigure = ''
|
|
||||||
# https://issues.apache.org/jira/browse/MESOS-6616
|
|
||||||
configureFlagsArray+=(
|
|
||||||
"CXXFLAGS=-O2 -Wno-error=strict-aliasing"
|
|
||||||
)
|
|
||||||
|
|
||||||
substituteInPlace 3rdparty/stout/include/stout/jsonify.hpp \
|
|
||||||
--replace '<xlocale.h>' '<locale.h>'
|
|
||||||
# Fix cases where makedev(),major(),minor() are referenced through
|
|
||||||
# <sys/types.h> instead of <sys/sysmacros.h>
|
|
||||||
sed 1i'#include <sys/sysmacros.h>' -i src/linux/fs.cpp
|
|
||||||
sed 1i'#include <sys/sysmacros.h>' -i src/slave/containerizer/mesos/isolators/gpu/isolator.cpp
|
|
||||||
substituteInPlace 3rdparty/stout/include/stout/os/posix/chown.hpp \
|
|
||||||
--subst-var-by chown ${coreutils}/bin/chown
|
|
||||||
|
|
||||||
substituteInPlace 3rdparty/stout/Makefile.am \
|
|
||||||
--replace "-lprotobuf" \
|
|
||||||
"${pythonProtobuf.protobuf}/lib/libprotobuf.a"
|
|
||||||
|
|
||||||
substituteInPlace 3rdparty/stout/include/stout/os/posix/fork.hpp \
|
|
||||||
--subst-var-by sh ${bash}/bin/bash
|
|
||||||
|
|
||||||
substituteInPlace 3rdparty/stout/include/stout/posix/os.hpp \
|
|
||||||
--subst-var-by tar ${tarWithGzip}/bin/tar
|
|
||||||
|
|
||||||
substituteInPlace src/cli/mesos-scp \
|
|
||||||
--subst-var-by scp ${openssh}/bin/scp
|
|
||||||
|
|
||||||
substituteInPlace src/common/command_utils.cpp \
|
|
||||||
--subst-var-by curl ${curl}/bin/curl \
|
|
||||||
--subst-var-by gzip ${gzip}/bin/gzip \
|
|
||||||
--subst-var-by sha512sum ${coreutils}/bin/sha512sum \
|
|
||||||
--subst-var-by tar ${tarWithGzip}/bin/tar
|
|
||||||
|
|
||||||
substituteInPlace src/launcher/fetcher.cpp \
|
|
||||||
--subst-var-by cp ${coreutils}/bin/cp \
|
|
||||||
--subst-var-by gzip ${gzip}/bin/gzip \
|
|
||||||
--subst-var-by tar ${tarWithGzip}/bin/tar \
|
|
||||||
--subst-var-by unzip ${unzip}/bin/unzip
|
|
||||||
|
|
||||||
substituteInPlace src/python/cli/src/mesos/cli.py \
|
|
||||||
--subst-var-by mesos-resolve $out/bin/mesos-resolve
|
|
||||||
|
|
||||||
substituteInPlace src/python/native_common/ext_modules.py.in \
|
|
||||||
--replace "-lprotobuf" \
|
|
||||||
"${pythonProtobuf.protobuf}/lib/libprotobuf.a"
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/gpu/volume.cpp \
|
|
||||||
--subst-var-by cp ${coreutils}/bin/cp \
|
|
||||||
--subst-var-by which ${which}/bin/which
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/posix/disk.cpp \
|
|
||||||
--subst-var-by du ${coreutils}/bin/du
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/provisioner/backends/copy.cpp \
|
|
||||||
--subst-var-by cp ${coreutils}/bin/cp \
|
|
||||||
--subst-var-by rm ${coreutils}/bin/rm
|
|
||||||
|
|
||||||
substituteInPlace src/uri/fetchers/copy.cpp \
|
|
||||||
--subst-var-by cp ${coreutils}/bin/cp
|
|
||||||
|
|
||||||
substituteInPlace src/uri/fetchers/curl.cpp \
|
|
||||||
--subst-var-by curl ${curl}/bin/curl
|
|
||||||
|
|
||||||
substituteInPlace src/uri/fetchers/docker.cpp \
|
|
||||||
--subst-var-by curl ${curl}/bin/curl
|
|
||||||
|
|
||||||
substituteInPlace src/Makefile.am \
|
|
||||||
--subst-var-by mavenRepo ${mavenRepo} \
|
|
||||||
--replace "-lprotobuf" \
|
|
||||||
"${pythonProtobuf.protobuf}/lib/libprotobuf.a"
|
|
||||||
|
|
||||||
'' + lib.optionalString stdenv.isLinux ''
|
|
||||||
|
|
||||||
substituteInPlace src/linux/perf.cpp \
|
|
||||||
--subst-var-by perf ${perf}/bin/perf
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp \
|
|
||||||
--subst-var-by mount ${utillinux}/bin/mount
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/filesystem/linux.cpp \
|
|
||||||
--subst-var-by mount ${utillinux}/bin/mount
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/filesystem/shared.cpp \
|
|
||||||
--subst-var-by mount ${utillinux}/bin/mount
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/gpu/isolator.cpp \
|
|
||||||
--subst-var-by mount ${utillinux}/bin/mount
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/namespaces/pid.cpp \
|
|
||||||
--subst-var-by mount ${utillinux}/bin/mount
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/network/cni/cni.cpp \
|
|
||||||
--subst-var-by mount ${utillinux}/bin/mount
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/network/cni/plugins/port_mapper/port_mapper.cpp \
|
|
||||||
--subst-var-by iptables ${iptables}/bin/iptables
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/network/port_mapping.cpp \
|
|
||||||
--subst-var-by ethtool ${ethtool}/sbin/ethtool \
|
|
||||||
--subst-var-by ip ${iproute}/bin/ip \
|
|
||||||
--subst-var-by mount ${utillinux}/bin/mount \
|
|
||||||
--subst-var-by tc ${iproute}/bin/tc
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/volume/image.cpp \
|
|
||||||
--subst-var-by mount ${utillinux}/bin/mount
|
|
||||||
|
|
||||||
substituteInPlace src/slave/containerizer/mesos/isolators/volume/sandbox_path.cpp \
|
|
||||||
--subst-var-by mount ${utillinux}/bin/mount
|
|
||||||
'';
|
|
||||||
|
|
||||||
configureFlags = [
|
|
||||||
"--sbindir=\${out}/bin"
|
|
||||||
"--with-apr=${apr.dev}"
|
|
||||||
"--with-svn=${subversion.dev}"
|
|
||||||
"--with-leveldb=${leveldb}"
|
|
||||||
"--with-glog=${glog}"
|
|
||||||
"--enable-optimize"
|
|
||||||
"--disable-python-dependency-install"
|
|
||||||
"--enable-ssl"
|
|
||||||
"--with-ssl=${openssl.dev}"
|
|
||||||
"--enable-libevent"
|
|
||||||
"--with-libevent=${libevent.dev}"
|
|
||||||
"--with-protobuf=${pythonProtobuf.protobuf}"
|
|
||||||
"PROTOBUF_JAR=${mavenRepo}/com/google/protobuf/protobuf-java/3.3.0/protobuf-java-3.3.0.jar"
|
|
||||||
(if withJava then "--enable-java" else "--disable-java")
|
|
||||||
] ++ lib.optionals stdenv.isLinux [
|
|
||||||
"--with-network-isolator"
|
|
||||||
"--with-nl=${libnl.dev}"
|
|
||||||
];
|
|
||||||
|
|
||||||
postInstall = ''
|
|
||||||
rm -rf $out/var
|
|
||||||
rm $out/bin/*.sh
|
|
||||||
|
|
||||||
# Inspired by: pkgs/development/python-modules/generic/default.nix
|
|
||||||
pushd src/python
|
|
||||||
mkdir -p $out/lib/${python.libPrefix}/site-packages
|
|
||||||
export PYTHONPATH="$out/lib/${python.libPrefix}/site-packages:$PYTHONPATH"
|
|
||||||
${python}/bin/${python.executable} setup.py install \
|
|
||||||
--install-lib=$out/lib/${python.libPrefix}/site-packages \
|
|
||||||
--old-and-unmanageable \
|
|
||||||
--prefix="$out"
|
|
||||||
rm -f "$out/lib/${python.libPrefix}"/site-packages/site.py*
|
|
||||||
popd
|
|
||||||
|
|
||||||
# optional python dependency for mesos cli
|
|
||||||
pushd src/python/cli
|
|
||||||
${python}/bin/${python.executable} setup.py install \
|
|
||||||
--install-lib=$out/lib/${python.libPrefix}/site-packages \
|
|
||||||
--old-and-unmanageable \
|
|
||||||
--prefix="$out"
|
|
||||||
popd
|
|
||||||
'' + stdenv.lib.optionalString withJava ''
|
|
||||||
mkdir -p $out/share/java
|
|
||||||
cp src/java/target/mesos-*.jar $out/share/java
|
|
||||||
|
|
||||||
MESOS_NATIVE_JAVA_LIBRARY=$out/lib/libmesos${stdenv.hostPlatform.extensions.sharedLibrary}
|
|
||||||
|
|
||||||
mkdir -p $out/nix-support
|
|
||||||
touch $out/nix-support/setup-hook
|
|
||||||
echo "export MESOS_NATIVE_JAVA_LIBRARY=$MESOS_NATIVE_JAVA_LIBRARY" >> $out/nix-support/setup-hook
|
|
||||||
echo "export MESOS_NATIVE_LIBRARY=$MESOS_NATIVE_JAVA_LIBRARY" >> $out/nix-support/setup-hook
|
|
||||||
'';
|
|
||||||
|
|
||||||
postFixup = ''
|
|
||||||
if test -e $out/nix-support/propagated-build-inputs; then
|
|
||||||
ln -s $out/nix-support/propagated-build-inputs $out/nix-support/propagated-user-env-packages
|
|
||||||
fi
|
|
||||||
|
|
||||||
for inputsfile in propagated-build-inputs propagated-native-build-inputs; do
|
|
||||||
if test -e $out/nix-support/$inputsfile; then
|
|
||||||
createBuildInputsPth $inputsfile "$(cat $out/nix-support/$inputsfile)"
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
for f in $out/libexec/mesos/python/mesos/*.py; do
|
|
||||||
${python}/bin/${python.executable} -c "import py_compile; py_compile.compile('$f')"
|
|
||||||
done
|
|
||||||
|
|
||||||
# wrap the python programs
|
|
||||||
for prog in mesos-cat mesos-ps mesos-scp mesos-tail; do
|
|
||||||
wrapProgram "$out/bin/$prog" \
|
|
||||||
--prefix PYTHONPATH ":" "$out/lib/${python.libPrefix}/site-packages"
|
|
||||||
true
|
|
||||||
done
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
homepage = "http://mesos.apache.org";
|
|
||||||
license = licenses.asl20;
|
|
||||||
description = "A cluster manager that provides efficient resource isolation and sharing across distributed applications, or frameworks";
|
|
||||||
maintainers = with maintainers; [ cstrahan offline ];
|
|
||||||
platforms = platforms.unix;
|
|
||||||
broken = true; # Broken since 2019-10-22 (https://hydra.nixos.org/build/115475123)
|
|
||||||
};
|
|
||||||
}
|
|
File diff suppressed because it is too large
Load Diff
@ -1,14 +0,0 @@
|
|||||||
{stdenv, curl}:
|
|
||||||
|
|
||||||
stdenv.mkDerivation {
|
|
||||||
name = "mesos-maven-deps";
|
|
||||||
builder = ./fetch-mesos-deps.sh;
|
|
||||||
|
|
||||||
outputHashAlgo = "sha256";
|
|
||||||
outputHashMode = "recursive";
|
|
||||||
outputHash = "10h0qs7svw0cqjkyxs8z6s3qraa8ga920zfrr59rdlanbwg4klly";
|
|
||||||
|
|
||||||
nativeBuildInputs = [ curl ];
|
|
||||||
|
|
||||||
impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars;
|
|
||||||
}
|
|
@ -1,731 +0,0 @@
|
|||||||
diff --git i/3rdparty/stout/include/stout/os/posix/fork.hpp w/3rdparty/stout/include/stout/os/posix/fork.hpp
|
|
||||||
index a29967d..290b98b 100644
|
|
||||||
--- i/3rdparty/stout/include/stout/os/posix/fork.hpp
|
|
||||||
+++ w/3rdparty/stout/include/stout/os/posix/fork.hpp
|
|
||||||
@@ -369,7 +369,7 @@ private:
|
|
||||||
if (exec.isSome()) {
|
|
||||||
// Execute the command (via '/bin/sh -c command').
|
|
||||||
const char* command = exec.get().command.c_str();
|
|
||||||
- execlp("sh", "sh", "-c", command, (char*) nullptr);
|
|
||||||
+ execlp("@sh@", "sh", "-c", command, (char*) nullptr);
|
|
||||||
EXIT(EXIT_FAILURE)
|
|
||||||
<< "Failed to execute '" << command << "': " << os::strerror(errno);
|
|
||||||
} else if (wait.isSome()) {
|
|
||||||
diff --git i/3rdparty/stout/include/stout/posix/os.hpp w/3rdparty/stout/include/stout/posix/os.hpp
|
|
||||||
index 8511dfd..1e7be01 100644
|
|
||||||
--- i/3rdparty/stout/include/stout/posix/os.hpp
|
|
||||||
+++ w/3rdparty/stout/include/stout/posix/os.hpp
|
|
||||||
@@ -366,7 +366,7 @@ inline Try<std::set<pid_t>> pids(Option<pid_t> group, Option<pid_t> session)
|
|
||||||
inline Try<Nothing> tar(const std::string& path, const std::string& archive)
|
|
||||||
{
|
|
||||||
Try<std::string> tarOut =
|
|
||||||
- os::shell("tar %s %s %s", "-czf", archive.c_str(), path.c_str());
|
|
||||||
+ os::shell("@tar@ %s %s %s", "-czf", archive.c_str(), path.c_str());
|
|
||||||
|
|
||||||
if (tarOut.isError()) {
|
|
||||||
return Error("Failed to archive " + path + ": " + tarOut.error());
|
|
||||||
diff --git i/src/Makefile.am w/src/Makefile.am
|
|
||||||
index 68fff14..c572f92 100644
|
|
||||||
--- i/src/Makefile.am
|
|
||||||
+++ w/src/Makefile.am
|
|
||||||
@@ -1775,7 +1775,7 @@ if HAS_JAVA
|
|
||||||
|
|
||||||
$(MESOS_JAR): $(MESOS_JAR_SOURCE) $(MESOS_JAR_GENERATED) java/mesos.pom
|
|
||||||
@echo "Building mesos-$(PACKAGE_VERSION).jar ..."
|
|
||||||
- @cd $(abs_top_builddir)/src/java && $(MVN) -B -f mesos.pom clean package
|
|
||||||
+ @cd $(abs_top_builddir)/src/java && $(MVN) -B -f mesos.pom -Dmaven.repo.local=@mavenRepo@ clean package
|
|
||||||
|
|
||||||
# Convenience library for JNI bindings.
|
|
||||||
# TODO(Charles Reiss): We really should be building the Java library
|
|
||||||
diff --git i/src/cli/mesos-scp w/src/cli/mesos-scp
|
|
||||||
index a71ab07..1043d1b 100755
|
|
||||||
--- i/src/cli/mesos-scp
|
|
||||||
+++ w/src/cli/mesos-scp
|
|
||||||
@@ -19,7 +19,8 @@ if sys.version_info < (2,6,0):
|
|
||||||
|
|
||||||
|
|
||||||
def scp(host, src, dst):
|
|
||||||
- cmd = 'scp -pr %s %s' % (src, host + ':' + dst)
|
|
||||||
+ cmd = '@scp@ -pr %s %s' % (src, host + ':' + dst)
|
|
||||||
+
|
|
||||||
try:
|
|
||||||
process = subprocess.Popen(
|
|
||||||
cmd,
|
|
||||||
diff --git i/src/common/command_utils.cpp w/src/common/command_utils.cpp
|
|
||||||
index c50be76..388cc53 100644
|
|
||||||
--- i/src/common/command_utils.cpp
|
|
||||||
+++ w/src/common/command_utils.cpp
|
|
||||||
@@ -142,7 +142,7 @@ Future<Nothing> tar(
|
|
||||||
|
|
||||||
argv.emplace_back(input);
|
|
||||||
|
|
||||||
- return launch("tar", argv)
|
|
||||||
+ return launch("@tar@", argv)
|
|
||||||
.then([]() { return Nothing(); });
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -164,7 +164,7 @@ Future<Nothing> untar(
|
|
||||||
argv.emplace_back(directory.get());
|
|
||||||
}
|
|
||||||
|
|
||||||
- return launch("tar", argv)
|
|
||||||
+ return launch("@tar@", argv)
|
|
||||||
.then([]() { return Nothing(); });
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -172,7 +172,7 @@ Future<Nothing> untar(
|
|
||||||
Future<string> sha512(const Path& input)
|
|
||||||
{
|
|
||||||
#ifdef __linux__
|
|
||||||
- const string cmd = "sha512sum";
|
|
||||||
+ const string cmd = "@sha512sum@";
|
|
||||||
vector<string> argv = {
|
|
||||||
cmd,
|
|
||||||
input // Input file to compute shasum.
|
|
||||||
@@ -208,7 +208,7 @@ Future<Nothing> gzip(const Path& input)
|
|
||||||
input
|
|
||||||
};
|
|
||||||
|
|
||||||
- return launch("gzip", argv)
|
|
||||||
+ return launch("@gzip@", argv)
|
|
||||||
.then([]() { return Nothing(); });
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -221,7 +221,7 @@ Future<Nothing> decompress(const Path& input)
|
|
||||||
input
|
|
||||||
};
|
|
||||||
|
|
||||||
- return launch("gzip", argv)
|
|
||||||
+ return launch("@gzip@", argv)
|
|
||||||
.then([]() { return Nothing(); });
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git i/src/launcher/fetcher.cpp w/src/launcher/fetcher.cpp
|
|
||||||
index 42980f5..3aebeed 100644
|
|
||||||
--- i/src/launcher/fetcher.cpp
|
|
||||||
+++ w/src/launcher/fetcher.cpp
|
|
||||||
@@ -80,17 +80,17 @@ static Try<bool> extract(
|
|
||||||
strings::endsWith(sourcePath, ".tar.bz2") ||
|
|
||||||
strings::endsWith(sourcePath, ".txz") ||
|
|
||||||
strings::endsWith(sourcePath, ".tar.xz")) {
|
|
||||||
- command = {"tar", "-C", destinationDirectory, "-xf", sourcePath};
|
|
||||||
+ command = {"@tar@", "-C", destinationDirectory, "-xf", sourcePath};
|
|
||||||
} else if (strings::endsWith(sourcePath, ".gz")) {
|
|
||||||
string pathWithoutExtension = sourcePath.substr(0, sourcePath.length() - 3);
|
|
||||||
string filename = Path(pathWithoutExtension).basename();
|
|
||||||
string destinationPath = path::join(destinationDirectory, filename);
|
|
||||||
|
|
||||||
- command = {"gunzip", "-d", "-c"};
|
|
||||||
+ command = {"@gunzip@", "-d", "-c"};
|
|
||||||
in = Subprocess::PATH(sourcePath);
|
|
||||||
out = Subprocess::PATH(destinationPath);
|
|
||||||
} else if (strings::endsWith(sourcePath, ".zip")) {
|
|
||||||
- command = {"unzip", "-o", "-d", destinationDirectory, sourcePath};
|
|
||||||
+ command = {"@unzip@", "-o", "-d", destinationDirectory, sourcePath};
|
|
||||||
} else {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
@@ -193,7 +193,7 @@ static Try<string> copyFile(
|
|
||||||
const string& sourcePath,
|
|
||||||
const string& destinationPath)
|
|
||||||
{
|
|
||||||
- int status = os::spawn("cp", {"cp", sourcePath, destinationPath});
|
|
||||||
+ int status = os::spawn("cp", {"@cp@", sourcePath, destinationPath});
|
|
||||||
|
|
||||||
if (status == -1) {
|
|
||||||
return ErrnoError("Failed to copy '" + sourcePath + "'");
|
|
||||||
diff --git i/src/linux/perf.cpp w/src/linux/perf.cpp
|
|
||||||
index b301e25..356a2cf 100644
|
|
||||||
--- i/src/linux/perf.cpp
|
|
||||||
+++ w/src/linux/perf.cpp
|
|
||||||
@@ -128,7 +128,7 @@ private:
|
|
||||||
// NOTE: The supervisor childhook places perf in its own process group
|
|
||||||
// and will kill the perf process when the parent dies.
|
|
||||||
Try<Subprocess> _perf = subprocess(
|
|
||||||
- "perf",
|
|
||||||
+ "@perf@",
|
|
||||||
argv,
|
|
||||||
Subprocess::PIPE(),
|
|
||||||
Subprocess::PIPE(),
|
|
||||||
diff --git i/src/linux/systemd.cpp w/src/linux/systemd.cpp
|
|
||||||
index 6318f48..394d88d 100644
|
|
||||||
--- i/src/linux/systemd.cpp
|
|
||||||
+++ w/src/linux/systemd.cpp
|
|
||||||
@@ -196,13 +196,21 @@ bool exists()
|
|
||||||
// This is static as the init system should not change while we are running.
|
|
||||||
static const bool exists = []() -> bool {
|
|
||||||
// (1) Test whether `/sbin/init` links to systemd.
|
|
||||||
- const Result<string> realpath = os::realpath("/sbin/init");
|
|
||||||
- if (realpath.isError() || realpath.isNone()) {
|
|
||||||
- LOG(WARNING) << "Failed to test /sbin/init for systemd environment: "
|
|
||||||
- << (realpath.isError() ? realpath.error()
|
|
||||||
- : "does not exist");
|
|
||||||
-
|
|
||||||
- return false;
|
|
||||||
+ // cstrahan(nixos): first assume we're on NixOS, then try non-NixOS
|
|
||||||
+ Result<string> realpath = os::realpath("/run/current-system/systemd/lib/systemd/systemd");
|
|
||||||
+ Result<string> realpathNixOS = realpath;
|
|
||||||
+ if (realpathNixOS.isError() || realpathNixOS.isNone()) {
|
|
||||||
+ Result<string> realpathNonNixOS = realpath = os::realpath("/sbin/init");
|
|
||||||
+ if (realpathNonNixOS.isError() || realpathNonNixOS.isNone()) {
|
|
||||||
+ LOG(WARNING) << "Failed to test /run/current-system/systemd/lib/systemd/systemd for systemd environment: "
|
|
||||||
+ << (realpathNixOS.isError() ? realpathNixOS.error()
|
|
||||||
+ : "does not exist");
|
|
||||||
+ LOG(WARNING) << "Failed to test /sbin/init for systemd environment: "
|
|
||||||
+ << (realpathNonNixOS.isError() ? realpathNonNixOS.error()
|
|
||||||
+ : "does not exist");
|
|
||||||
+
|
|
||||||
+ return false;
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
|
|
||||||
CHECK_SOME(realpath);
|
|
||||||
@@ -278,6 +286,10 @@ Path hierarchy()
|
|
||||||
|
|
||||||
Try<Nothing> daemonReload()
|
|
||||||
{
|
|
||||||
+ // cstrahan(nixos): should we patch these `systemctl`s?
|
|
||||||
+ // probably don't want to hard-code a particular systemd store path here,
|
|
||||||
+ // but if we use /run/current-system/sw/bin/systemctl,
|
|
||||||
+ // we won't be able to support non-NixOS distros.
|
|
||||||
Try<string> daemonReload = os::shell("systemctl daemon-reload");
|
|
||||||
if (daemonReload.isError()) {
|
|
||||||
return Error("Failed to reload systemd daemon: " + daemonReload.error());
|
|
||||||
diff --git i/src/python/cli/src/mesos/cli.py w/src/python/cli/src/mesos/cli.py
|
|
||||||
index 4a9b558..c08a8b9 100644
|
|
||||||
--- i/src/python/cli/src/mesos/cli.py
|
|
||||||
+++ w/src/python/cli/src/mesos/cli.py
|
|
||||||
@@ -40,7 +40,7 @@ def resolve(master):
|
|
||||||
import subprocess
|
|
||||||
|
|
||||||
process = subprocess.Popen(
|
|
||||||
- ['mesos-resolve', master],
|
|
||||||
+ ['@mesos-resolve@', master],
|
|
||||||
stdin=None,
|
|
||||||
stdout=subprocess.PIPE,
|
|
||||||
stderr=subprocess.PIPE,
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp w/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
|
|
||||||
index 5b630c1..d63ad69 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
|
|
||||||
@@ -499,7 +499,7 @@ Future<Option<ContainerLaunchInfo>> DockerVolumeIsolatorProcess::_prepare(
|
|
||||||
// unsafe arbitrary commands).
|
|
||||||
CommandInfo* command = launchInfo.add_pre_exec_commands();
|
|
||||||
command->set_shell(false);
|
|
||||||
- command->set_value("mount");
|
|
||||||
+ command->set_value("@mount@");
|
|
||||||
command->add_arguments("mount");
|
|
||||||
command->add_arguments("-n");
|
|
||||||
command->add_arguments("--rbind");
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp w/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp
|
|
||||||
index d7fe9a8..1361a4e 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/filesystem/linux.cpp
|
|
||||||
@@ -154,9 +154,9 @@ Try<Isolator*> LinuxFilesystemIsolatorProcess::create(const Flags& flags)
|
|
||||||
// here because 'create' will only be invoked during
|
|
||||||
// initialization.
|
|
||||||
Try<string> mount = os::shell(
|
|
||||||
- "mount --bind %s %s && "
|
|
||||||
- "mount --make-private %s && "
|
|
||||||
- "mount --make-shared %s",
|
|
||||||
+ "@mount@ --bind %s %s && "
|
|
||||||
+ "@mount@ --make-private %s && "
|
|
||||||
+ "@mount@ --make-shared %s",
|
|
||||||
workDir->c_str(),
|
|
||||||
workDir->c_str(),
|
|
||||||
workDir->c_str(),
|
|
||||||
@@ -175,8 +175,8 @@ Try<Isolator*> LinuxFilesystemIsolatorProcess::create(const Flags& flags)
|
|
||||||
LOG(INFO) << "Making '" << workDir.get() << "' a shared mount";
|
|
||||||
|
|
||||||
Try<string> mount = os::shell(
|
|
||||||
- "mount --make-private %s && "
|
|
||||||
- "mount --make-shared %s",
|
|
||||||
+ "@mount@ --make-private %s && "
|
|
||||||
+ "@mount@ --make-shared %s",
|
|
||||||
workDir->c_str(),
|
|
||||||
workDir->c_str());
|
|
||||||
|
|
||||||
@@ -422,7 +422,7 @@ Try<vector<CommandInfo>> LinuxFilesystemIsolatorProcess::getPreExecCommands(
|
|
||||||
|
|
||||||
CommandInfo command;
|
|
||||||
command.set_shell(false);
|
|
||||||
- command.set_value("mount");
|
|
||||||
+ command.set_value("@mount@");
|
|
||||||
command.add_arguments("mount");
|
|
||||||
command.add_arguments("-n");
|
|
||||||
command.add_arguments("--rbind");
|
|
||||||
@@ -610,7 +610,7 @@ Try<vector<CommandInfo>> LinuxFilesystemIsolatorProcess::getPreExecCommands(
|
|
||||||
// TODO(jieyu): Consider the mode in the volume.
|
|
||||||
CommandInfo command;
|
|
||||||
command.set_shell(false);
|
|
||||||
- command.set_value("mount");
|
|
||||||
+ command.set_value("@mount@");
|
|
||||||
command.add_arguments("mount");
|
|
||||||
command.add_arguments("-n");
|
|
||||||
command.add_arguments("--rbind");
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/filesystem/shared.cpp w/src/slave/containerizer/mesos/isolators/filesystem/shared.cpp
|
|
||||||
index 927d95b..576dc63 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/filesystem/shared.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/filesystem/shared.cpp
|
|
||||||
@@ -208,7 +208,7 @@ Future<Option<ContainerLaunchInfo>> SharedFilesystemIsolatorProcess::prepare(
|
|
||||||
}
|
|
||||||
|
|
||||||
launchInfo.add_pre_exec_commands()->set_value(
|
|
||||||
- "mount -n --bind " + hostPath + " " + volume.container_path());
|
|
||||||
+ "@mount@ -n --bind " + hostPath + " " + volume.container_path());
|
|
||||||
}
|
|
||||||
|
|
||||||
return launchInfo;
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/gpu/isolator.cpp w/src/slave/containerizer/mesos/isolators/gpu/isolator.cpp
|
|
||||||
index 25636b5..33ec315 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/gpu/isolator.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/gpu/isolator.cpp
|
|
||||||
@@ -401,7 +401,7 @@ Future<Option<ContainerLaunchInfo>> NvidiaGpuIsolatorProcess::_prepare(
|
|
||||||
}
|
|
||||||
|
|
||||||
launchInfo.add_pre_exec_commands()->set_value(
|
|
||||||
- "mount --no-mtab --rbind --read-only " +
|
|
||||||
+ "@mount@ --no-mtab --rbind --read-only " +
|
|
||||||
volume.HOST_PATH() + " " + target);
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/gpu/volume.cpp w/src/slave/containerizer/mesos/isolators/gpu/volume.cpp
|
|
||||||
index 536a3c7..e2819dd 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/gpu/volume.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/gpu/volume.cpp
|
|
||||||
@@ -274,7 +274,7 @@ Try<NvidiaVolume> NvidiaVolume::create()
|
|
||||||
string path = path::join(hostPath, "bin", binary);
|
|
||||||
|
|
||||||
if (!os::exists(path)) {
|
|
||||||
- string command = "which " + binary;
|
|
||||||
+ string command = "@which@ " + binary;
|
|
||||||
Try<string> which = os::shell(command);
|
|
||||||
|
|
||||||
if (which.isSome()) {
|
|
||||||
@@ -288,7 +288,7 @@ Try<NvidiaVolume> NvidiaVolume::create()
|
|
||||||
: "No such file or directory"));
|
|
||||||
}
|
|
||||||
|
|
||||||
- command = "cp " + realpath.get() + " " + path;
|
|
||||||
+ command = "@cp@ " + realpath.get() + " " + path;
|
|
||||||
Try<string> cp = os::shell(command);
|
|
||||||
if (cp.isError()) {
|
|
||||||
return Error("Failed to os::shell '" + command + "': " + cp.error());
|
|
||||||
@@ -360,7 +360,7 @@ Try<NvidiaVolume> NvidiaVolume::create()
|
|
||||||
Path(realpath.get()).basename());
|
|
||||||
|
|
||||||
if (!os::exists(libraryPath)) {
|
|
||||||
- string command = "cp " + realpath.get() + " " + libraryPath;
|
|
||||||
+ string command = "@cp@ " + realpath.get() + " " + libraryPath;
|
|
||||||
Try<string> cp = os::shell(command);
|
|
||||||
if (cp.isError()) {
|
|
||||||
return Error("Failed to os::shell '" + command + "':"
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/namespaces/pid.cpp w/src/slave/containerizer/mesos/isolators/namespaces/pid.cpp
|
|
||||||
index 42bc2e1..2f9066e 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/namespaces/pid.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/namespaces/pid.cpp
|
|
||||||
@@ -131,7 +131,7 @@ Future<Option<ContainerLaunchInfo>> NamespacesPidIsolatorProcess::prepare(
|
|
||||||
//
|
|
||||||
// TOOD(jieyu): Consider unmount the existing /proc.
|
|
||||||
launchInfo.add_pre_exec_commands()->set_value(
|
|
||||||
- "mount -n -t proc proc /proc -o nosuid,noexec,nodev");
|
|
||||||
+ "@mount@ -n -t proc proc /proc -o nosuid,noexec,nodev");
|
|
||||||
|
|
||||||
return launchInfo;
|
|
||||||
}
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp w/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp
|
|
||||||
index fc68f04..267b040 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/network/cni/cni.cpp
|
|
||||||
@@ -205,9 +205,9 @@ Try<Isolator*> NetworkCniIsolatorProcess::create(const Flags& flags)
|
|
||||||
// here because 'create' will only be invoked during
|
|
||||||
// initialization.
|
|
||||||
Try<string> mount = os::shell(
|
|
||||||
- "mount --bind %s %s && "
|
|
||||||
- "mount --make-private %s && "
|
|
||||||
- "mount --make-shared %s",
|
|
||||||
+ "@mount@ --bind %s %s && "
|
|
||||||
+ "@mount@ --make-private %s && "
|
|
||||||
+ "@mount@ --make-shared %s",
|
|
||||||
rootDir->c_str(),
|
|
||||||
rootDir->c_str(),
|
|
||||||
rootDir->c_str(),
|
|
||||||
@@ -227,8 +227,8 @@ Try<Isolator*> NetworkCniIsolatorProcess::create(const Flags& flags)
|
|
||||||
LOG(INFO) << "Making '" << rootDir.get() << "' a shared mount";
|
|
||||||
|
|
||||||
Try<string> mount = os::shell(
|
|
||||||
- "mount --make-private %s && "
|
|
||||||
- "mount --make-shared %s",
|
|
||||||
+ "@mount@ --make-private %s && "
|
|
||||||
+ "@mount@ --make-shared %s",
|
|
||||||
rootDir->c_str(),
|
|
||||||
rootDir->c_str());
|
|
||||||
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/network/cni/plugins/port_mapper/port_mapper.cpp w/src/slave/containerizer/mesos/isolators/network/cni/plugins/port_mapper/port_mapper.cpp
|
|
||||||
index 43cf3e4..94bad8b 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/network/cni/plugins/port_mapper/port_mapper.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/network/cni/plugins/port_mapper/port_mapper.cpp
|
|
||||||
@@ -301,7 +301,7 @@ Try<Nothing> PortMapper::addPortMapping(
|
|
||||||
# Check if the `chain` exists in the iptable. If it does not
|
|
||||||
# exist go ahead and install the chain in the iptables NAT
|
|
||||||
# table.
|
|
||||||
- iptables -w -t nat --list %s
|
|
||||||
+ @iptables@ -w -t nat --list %s
|
|
||||||
if [ $? -ne 0 ]; then
|
|
||||||
# NOTE: When we create the chain, there is a possibility of a
|
|
||||||
# race due to which a container launch can fail. This can
|
|
||||||
@@ -315,25 +315,25 @@ Try<Nothing> PortMapper::addPortMapping(
|
|
||||||
# since it can happen only when the chain is created the first
|
|
||||||
# time and two commands for creation of the chain are executed
|
|
||||||
# simultaneously.
|
|
||||||
- (iptables -w -t nat -N %s || exit 1)
|
|
||||||
+ (@iptables@ -w -t nat -N %s || exit 1)
|
|
||||||
|
|
||||||
# Once the chain has been installed add a rule in the PREROUTING
|
|
||||||
# chain to jump to this chain for any packets that are
|
|
||||||
# destined to a local address.
|
|
||||||
- (iptables -w -t nat -A PREROUTING \
|
|
||||||
+ (@iptables@ -w -t nat -A PREROUTING \
|
|
||||||
-m addrtype --dst-type LOCAL -j %s || exit 1)
|
|
||||||
|
|
||||||
# For locally generated packets we need a rule in the OUTPUT
|
|
||||||
# chain as well, since locally generated packets directly hit
|
|
||||||
# the output CHAIN, bypassing PREROUTING.
|
|
||||||
- (iptables -w -t nat -A OUTPUT \
|
|
||||||
+ (@iptables@ -w -t nat -A OUTPUT \
|
|
||||||
! -d 127.0.0.0/8 -m addrtype \
|
|
||||||
--dst-type LOCAL -j %s || exit 1)
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Within the `chain` go ahead and install the DNAT rule, if it
|
|
||||||
# does not exist.
|
|
||||||
- (iptables -w -t nat -C %s || iptables -t nat -A %s))~",
|
|
||||||
+ (@iptables@ -w -t nat -C %s || @iptables@ -t nat -A %s))~",
|
|
||||||
chain,
|
|
||||||
chain,
|
|
||||||
chain,
|
|
||||||
@@ -360,7 +360,7 @@ Try<Nothing> PortMapper::delPortMapping()
|
|
||||||
# The iptables command searches for the DNAT rules with tag
|
|
||||||
# "container_id: <CNI_CONTAINERID>", and if it exists goes ahead
|
|
||||||
# and deletes it.
|
|
||||||
- iptables -w -t nat -S %s | sed "/%s/ s/-A/iptables -w -t nat -D/e")~",
|
|
||||||
+ @iptables@ -w -t nat -S %s | sed "/%s/ s/-A/@iptables@ -w -t nat -D/e")~",
|
|
||||||
chain,
|
|
||||||
getIptablesRuleTag()).get();
|
|
||||||
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/network/port_mapping.cpp w/src/slave/containerizer/mesos/isolators/network/port_mapping.cpp
|
|
||||||
index 57d4ccd..68c9577 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/network/port_mapping.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/network/port_mapping.cpp
|
|
||||||
@@ -1394,19 +1394,19 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags)
|
|
||||||
// Check the availability of a few Linux commands that we will use.
|
|
||||||
// We use the blocking os::shell here because 'create' will only be
|
|
||||||
// invoked during initialization.
|
|
||||||
- Try<string> checkCommandTc = os::shell("tc filter show");
|
|
||||||
+ Try<string> checkCommandTc = os::shell("@tc@ filter show");
|
|
||||||
if (checkCommandTc.isError()) {
|
|
||||||
return Error("Check command 'tc' failed: " + checkCommandTc.error());
|
|
||||||
}
|
|
||||||
|
|
||||||
// NOTE: loopback device always exists.
|
|
||||||
- Try<string> checkCommandEthtool = os::shell("ethtool -k lo");
|
|
||||||
+ Try<string> checkCommandEthtool = os::shell("@ethtool@ -k lo");
|
|
||||||
if (checkCommandEthtool.isError()) {
|
|
||||||
return Error("Check command 'ethtool' failed: "
|
|
||||||
+ checkCommandEthtool.error());
|
|
||||||
}
|
|
||||||
|
|
||||||
- Try<string> checkCommandIp = os::shell("ip link show");
|
|
||||||
+ Try<string> checkCommandIp = os::shell("@ip@ link show");
|
|
||||||
if (checkCommandIp.isError()) {
|
|
||||||
return Error("Check command 'ip' failed: " + checkCommandIp.error());
|
|
||||||
}
|
|
||||||
@@ -1940,9 +1940,9 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags)
|
|
||||||
// visible. It's OK to use the blocking os::shell here because
|
|
||||||
// 'create' will only be invoked during initialization.
|
|
||||||
Try<string> mount = os::shell(
|
|
||||||
- "mount --bind %s %s && "
|
|
||||||
- "mount --make-slave %s && "
|
|
||||||
- "mount --make-shared %s",
|
|
||||||
+ "@mount@ --bind %s %s && "
|
|
||||||
+ "@mount@ --make-slave %s && "
|
|
||||||
+ "@mount@ --make-shared %s",
|
|
||||||
bindMountRoot->c_str(),
|
|
||||||
bindMountRoot->c_str(),
|
|
||||||
bindMountRoot->c_str(),
|
|
||||||
@@ -1959,8 +1959,8 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags)
|
|
||||||
// shared mount yet (possibly due to slave crash while preparing
|
|
||||||
// the work directory mount). It's safe to re-do the following.
|
|
||||||
Try<string> mount = os::shell(
|
|
||||||
- "mount --make-slave %s && "
|
|
||||||
- "mount --make-shared %s",
|
|
||||||
+ "@mount@ --make-slave %s && "
|
|
||||||
+ "@mount@ --make-shared %s",
|
|
||||||
bindMountRoot->c_str(),
|
|
||||||
bindMountRoot->c_str());
|
|
||||||
|
|
||||||
@@ -1979,8 +1979,8 @@ Try<Isolator*> PortMappingIsolatorProcess::create(const Flags& flags)
|
|
||||||
// so that they are in different peer groups.
|
|
||||||
if (entry.shared() == bindMountEntry->shared()) {
|
|
||||||
Try<string> mount = os::shell(
|
|
||||||
- "mount --make-slave %s && "
|
|
||||||
- "mount --make-shared %s",
|
|
||||||
+ "@mount@ --make-slave %s && "
|
|
||||||
+ "@mount@ --make-shared %s",
|
|
||||||
bindMountRoot->c_str(),
|
|
||||||
bindMountRoot->c_str());
|
|
||||||
|
|
||||||
@@ -3927,6 +3927,8 @@ Try<Nothing> PortMappingIsolatorProcess::removeHostIPFilters(
|
|
||||||
// TODO(jieyu): Use the Subcommand abstraction to remove most of the
|
|
||||||
// logic here. Completely remove this function once we can assume a
|
|
||||||
// newer kernel where 'setns' works for mount namespaces.
|
|
||||||
+// cstrahan(nixos): this is executed in the container,
|
|
||||||
+// so we don't want to substitute paths here.
|
|
||||||
string PortMappingIsolatorProcess::scripts(Info* info)
|
|
||||||
{
|
|
||||||
ostringstream script;
|
|
||||||
@@ -3937,7 +3939,7 @@ string PortMappingIsolatorProcess::scripts(Info* info)
|
|
||||||
// Mark the mount point PORT_MAPPING_BIND_MOUNT_ROOT() as slave
|
|
||||||
// mount so that changes in the container will not be propagated to
|
|
||||||
// the host.
|
|
||||||
- script << "mount --make-rslave " << bindMountRoot << "\n";
|
|
||||||
+ script << "@mount@ --make-rslave " << bindMountRoot << "\n";
|
|
||||||
|
|
||||||
// Disable IPv6 when IPv6 module is loaded as IPv6 packets won't be
|
|
||||||
// forwarded anyway.
|
|
||||||
@@ -3945,7 +3947,7 @@ string PortMappingIsolatorProcess::scripts(Info* info)
|
|
||||||
<< " echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6\n";
|
|
||||||
|
|
||||||
// Configure lo and eth0.
|
|
||||||
- script << "ip link set " << lo << " address " << hostMAC
|
|
||||||
+ script << "@ip@ link set " << lo << " address " << hostMAC
|
|
||||||
<< " mtu " << hostEth0MTU << " up\n";
|
|
||||||
|
|
||||||
// NOTE: This is mostly a kernel issue: in veth_xmit() the kernel
|
|
||||||
@@ -3954,12 +3956,12 @@ string PortMappingIsolatorProcess::scripts(Info* info)
|
|
||||||
// when we receive a packet with a bad checksum. Disabling rx
|
|
||||||
// checksum offloading ensures the TCP layer will checksum and drop
|
|
||||||
// it.
|
|
||||||
- script << "ethtool -K " << eth0 << " rx off\n";
|
|
||||||
- script << "ip link set " << eth0 << " address " << hostMAC << " up\n";
|
|
||||||
- script << "ip addr add " << hostIPNetwork << " dev " << eth0 << "\n";
|
|
||||||
+ script << "@ethtool@ -K " << eth0 << " rx off\n";
|
|
||||||
+ script << "@ip@ link set " << eth0 << " address " << hostMAC << " up\n";
|
|
||||||
+ script << "@ip@ addr add " << hostIPNetwork << " dev " << eth0 << "\n";
|
|
||||||
|
|
||||||
// Set up the default gateway to match that of eth0.
|
|
||||||
- script << "ip route add default via " << hostDefaultGateway << "\n";
|
|
||||||
+ script << "@ip@ route add default via " << hostDefaultGateway << "\n";
|
|
||||||
|
|
||||||
// Restrict the ephemeral ports that can be used by the container.
|
|
||||||
script << "echo " << info->ephemeralPorts.lower() << " "
|
|
||||||
@@ -3988,19 +3990,19 @@ string PortMappingIsolatorProcess::scripts(Info* info)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Set up filters on lo and eth0.
|
|
||||||
- script << "tc qdisc add dev " << lo << " ingress\n";
|
|
||||||
- script << "tc qdisc add dev " << eth0 << " ingress\n";
|
|
||||||
+ script << "@tc@ qdisc add dev " << lo << " ingress\n";
|
|
||||||
+ script << "@tc@ qdisc add dev " << eth0 << " ingress\n";
|
|
||||||
|
|
||||||
// Allow talking between containers and from container to host.
|
|
||||||
// TODO(chzhcn): Consider merging the following two filters.
|
|
||||||
- script << "tc filter add dev " << lo << " parent " << ingress::HANDLE
|
|
||||||
+ script << "@tc@ filter add dev " << lo << " parent " << ingress::HANDLE
|
|
||||||
<< " protocol ip"
|
|
||||||
<< " prio " << Priority(IP_FILTER_PRIORITY, NORMAL).get() << " u32"
|
|
||||||
<< " flowid ffff:0"
|
|
||||||
<< " match ip dst " << hostIPNetwork.address()
|
|
||||||
<< " action mirred egress redirect dev " << eth0 << "\n";
|
|
||||||
|
|
||||||
- script << "tc filter add dev " << lo << " parent " << ingress::HANDLE
|
|
||||||
+ script << "@tc@ filter add dev " << lo << " parent " << ingress::HANDLE
|
|
||||||
<< " protocol ip"
|
|
||||||
<< " prio " << Priority(IP_FILTER_PRIORITY, NORMAL).get() << " u32"
|
|
||||||
<< " flowid ffff:0"
|
|
||||||
@@ -4011,7 +4013,7 @@ string PortMappingIsolatorProcess::scripts(Info* info)
|
|
||||||
foreach (const PortRange& range,
|
|
||||||
getPortRanges(info->nonEphemeralPorts + info->ephemeralPorts)) {
|
|
||||||
// Local traffic inside a container will not be redirected to eth0.
|
|
||||||
- script << "tc filter add dev " << lo << " parent " << ingress::HANDLE
|
|
||||||
+ script << "@tc@ filter add dev " << lo << " parent " << ingress::HANDLE
|
|
||||||
<< " protocol ip"
|
|
||||||
<< " prio " << Priority(IP_FILTER_PRIORITY, HIGH).get() << " u32"
|
|
||||||
<< " flowid ffff:0"
|
|
||||||
@@ -4020,7 +4022,7 @@ string PortMappingIsolatorProcess::scripts(Info* info)
|
|
||||||
|
|
||||||
// Traffic going to host loopback IP and ports assigned to this
|
|
||||||
// container will be redirected to lo.
|
|
||||||
- script << "tc filter add dev " << eth0 << " parent " << ingress::HANDLE
|
|
||||||
+ script << "@tc@ filter add dev " << eth0 << " parent " << ingress::HANDLE
|
|
||||||
<< " protocol ip"
|
|
||||||
<< " prio " << Priority(IP_FILTER_PRIORITY, NORMAL).get() << " u32"
|
|
||||||
<< " flowid ffff:0"
|
|
||||||
@@ -4032,14 +4034,14 @@ string PortMappingIsolatorProcess::scripts(Info* info)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Do not forward the ICMP packet if the destination IP is self.
|
|
||||||
- script << "tc filter add dev " << lo << " parent " << ingress::HANDLE
|
|
||||||
+ script << "@tc@ filter add dev " << lo << " parent " << ingress::HANDLE
|
|
||||||
<< " protocol ip"
|
|
||||||
<< " prio " << Priority(ICMP_FILTER_PRIORITY, NORMAL).get() << " u32"
|
|
||||||
<< " flowid ffff:0"
|
|
||||||
<< " match ip protocol 1 0xff"
|
|
||||||
<< " match ip dst " << hostIPNetwork.address() << "\n";
|
|
||||||
|
|
||||||
- script << "tc filter add dev " << lo << " parent " << ingress::HANDLE
|
|
||||||
+ script << "@tc@ filter add dev " << lo << " parent " << ingress::HANDLE
|
|
||||||
<< " protocol ip"
|
|
||||||
<< " prio " << Priority(ICMP_FILTER_PRIORITY, NORMAL).get() << " u32"
|
|
||||||
<< " flowid ffff:0"
|
|
||||||
@@ -4048,9 +4050,9 @@ string PortMappingIsolatorProcess::scripts(Info* info)
|
|
||||||
<< net::IP::Network::LOOPBACK_V4().address() << "\n";
|
|
||||||
|
|
||||||
// Display the filters created on eth0 and lo.
|
|
||||||
- script << "tc filter show dev " << eth0
|
|
||||||
+ script << "@tc@ filter show dev " << eth0
|
|
||||||
<< " parent " << ingress::HANDLE << "\n";
|
|
||||||
- script << "tc filter show dev " << lo
|
|
||||||
+ script << "@tc@ filter show dev " << lo
|
|
||||||
<< " parent " << ingress::HANDLE << "\n";
|
|
||||||
|
|
||||||
// If throughput limit for container egress traffic exists, use HTB
|
|
||||||
@@ -4062,9 +4064,9 @@ string PortMappingIsolatorProcess::scripts(Info* info)
|
|
||||||
// throughput. TBF requires other parameters such as 'burst' that
|
|
||||||
// HTB already has default values for.
|
|
||||||
if (egressRateLimitPerContainer.isSome()) {
|
|
||||||
- script << "tc qdisc add dev " << eth0 << " root handle "
|
|
||||||
+ script << "@tc@ qdisc add dev " << eth0 << " root handle "
|
|
||||||
<< CONTAINER_TX_HTB_HANDLE << " htb default 1\n";
|
|
||||||
- script << "tc class add dev " << eth0 << " parent "
|
|
||||||
+ script << "@tc@ class add dev " << eth0 << " parent "
|
|
||||||
<< CONTAINER_TX_HTB_HANDLE << " classid "
|
|
||||||
<< CONTAINER_TX_HTB_CLASS_ID << " htb rate "
|
|
||||||
<< egressRateLimitPerContainer.get().bytes() * 8 << "bit\n";
|
|
||||||
@@ -4075,12 +4077,12 @@ string PortMappingIsolatorProcess::scripts(Info* info)
|
|
||||||
// fq_codel, which has a larger buffer and better control on
|
|
||||||
// buffer bloat.
|
|
||||||
// TODO(cwang): Verity that fq_codel qdisc is available.
|
|
||||||
- script << "tc qdisc add dev " << eth0
|
|
||||||
+ script << "@tc@ qdisc add dev " << eth0
|
|
||||||
<< " parent " << CONTAINER_TX_HTB_CLASS_ID << " fq_codel\n";
|
|
||||||
|
|
||||||
// Display the htb qdisc and class created on eth0.
|
|
||||||
- script << "tc qdisc show dev " << eth0 << "\n";
|
|
||||||
- script << "tc class show dev " << eth0 << "\n";
|
|
||||||
+ script << "@tc@ qdisc show dev " << eth0 << "\n";
|
|
||||||
+ script << "@tc@ class show dev " << eth0 << "\n";
|
|
||||||
}
|
|
||||||
|
|
||||||
return script.str();
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/posix/disk.cpp w/src/slave/containerizer/mesos/isolators/posix/disk.cpp
|
|
||||||
index eb23025..db268ea 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/posix/disk.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/posix/disk.cpp
|
|
||||||
@@ -572,7 +572,7 @@ private:
|
|
||||||
// NOTE: The supervisor childhook will watch the parent process and kill
|
|
||||||
// the 'du' process in case that the parent die.
|
|
||||||
Try<Subprocess> s = subprocess(
|
|
||||||
- "du",
|
|
||||||
+ "@du@",
|
|
||||||
command,
|
|
||||||
Subprocess::PATH(os::DEV_NULL),
|
|
||||||
Subprocess::PIPE(),
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/volume/image.cpp w/src/slave/containerizer/mesos/isolators/volume/image.cpp
|
|
||||||
index 35966aa..b62fc86 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/volume/image.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/volume/image.cpp
|
|
||||||
@@ -231,7 +231,7 @@ Future<Option<ContainerLaunchInfo>> VolumeImageIsolatorProcess::_prepare(
|
|
||||||
|
|
||||||
CommandInfo* command = launchInfo.add_pre_exec_commands();
|
|
||||||
command->set_shell(false);
|
|
||||||
- command->set_value("mount");
|
|
||||||
+ command->set_value("@mount@");
|
|
||||||
command->add_arguments("mount");
|
|
||||||
command->add_arguments("-n");
|
|
||||||
command->add_arguments("--rbind");
|
|
||||||
diff --git i/src/slave/containerizer/mesos/isolators/volume/sandbox_path.cpp w/src/slave/containerizer/mesos/isolators/volume/sandbox_path.cpp
|
|
||||||
index b321b86..8ed3e78 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/isolators/volume/sandbox_path.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/isolators/volume/sandbox_path.cpp
|
|
||||||
@@ -265,7 +265,7 @@ Future<Option<ContainerLaunchInfo>> VolumeSandboxPathIsolatorProcess::prepare(
|
|
||||||
|
|
||||||
CommandInfo* command = launchInfo.add_pre_exec_commands();
|
|
||||||
command->set_shell(false);
|
|
||||||
- command->set_value("mount");
|
|
||||||
+ command->set_value("@mount@");
|
|
||||||
command->add_arguments("mount");
|
|
||||||
command->add_arguments("-n");
|
|
||||||
command->add_arguments("--rbind");
|
|
||||||
diff --git i/src/slave/containerizer/mesos/provisioner/backends/copy.cpp w/src/slave/containerizer/mesos/provisioner/backends/copy.cpp
|
|
||||||
index 69faa03..01a3ed6 100644
|
|
||||||
--- i/src/slave/containerizer/mesos/provisioner/backends/copy.cpp
|
|
||||||
+++ w/src/slave/containerizer/mesos/provisioner/backends/copy.cpp
|
|
||||||
@@ -266,7 +266,7 @@ Future<Nothing> CopyBackendProcess::_provision(
|
|
||||||
#endif // __APPLE__ || __FreeBSD__
|
|
||||||
|
|
||||||
Try<Subprocess> s = subprocess(
|
|
||||||
- "cp",
|
|
||||||
+ "@cp@",
|
|
||||||
args,
|
|
||||||
Subprocess::PATH(os::DEV_NULL),
|
|
||||||
Subprocess::PATH(os::DEV_NULL),
|
|
||||||
@@ -313,7 +313,7 @@ Future<bool> CopyBackendProcess::destroy(const string& rootfs)
|
|
||||||
vector<string> argv{"rm", "-rf", rootfs};
|
|
||||||
|
|
||||||
Try<Subprocess> s = subprocess(
|
|
||||||
- "rm",
|
|
||||||
+ "@rm@",
|
|
||||||
argv,
|
|
||||||
Subprocess::PATH(os::DEV_NULL),
|
|
||||||
Subprocess::FD(STDOUT_FILENO),
|
|
||||||
diff --git i/src/uri/fetchers/copy.cpp w/src/uri/fetchers/copy.cpp
|
|
||||||
index 17f69be..831b08a 100644
|
|
||||||
--- i/src/uri/fetchers/copy.cpp
|
|
||||||
+++ w/src/uri/fetchers/copy.cpp
|
|
||||||
@@ -97,8 +97,8 @@ Future<Nothing> CopyFetcherPlugin::fetch(
|
|
||||||
VLOG(1) << "Copying '" << uri.path() << "' to '" << directory << "'";
|
|
||||||
|
|
||||||
#ifndef __WINDOWS__
|
|
||||||
- const char* copyCommand = "cp";
|
|
||||||
- const vector<string> argv = {"cp", "-a", uri.path(), directory};
|
|
||||||
+ const char* copyCommand = "@cp@";
|
|
||||||
+ const vector<string> argv = {"@cp@", "-a", uri.path(), directory};
|
|
||||||
#else // __WINDOWS__
|
|
||||||
const char* copyCommand = os::Shell::name;
|
|
||||||
const vector<string> argv =
|
|
||||||
diff --git i/src/uri/fetchers/curl.cpp w/src/uri/fetchers/curl.cpp
|
|
||||||
index f34daf2..6a50341 100644
|
|
||||||
--- i/src/uri/fetchers/curl.cpp
|
|
||||||
+++ w/src/uri/fetchers/curl.cpp
|
|
||||||
@@ -109,7 +109,7 @@ Future<Nothing> CurlFetcherPlugin::fetch(
|
|
||||||
};
|
|
||||||
|
|
||||||
Try<Subprocess> s = subprocess(
|
|
||||||
- "curl",
|
|
||||||
+ "@curl@",
|
|
||||||
argv,
|
|
||||||
Subprocess::PATH(os::DEV_NULL),
|
|
||||||
Subprocess::PIPE(),
|
|
||||||
diff --git i/src/uri/fetchers/docker.cpp w/src/uri/fetchers/docker.cpp
|
|
||||||
index 91db13b..82a7fc4 100644
|
|
||||||
--- i/src/uri/fetchers/docker.cpp
|
|
||||||
+++ w/src/uri/fetchers/docker.cpp
|
|
||||||
@@ -114,7 +114,7 @@ static Future<http::Response> curl(
|
|
||||||
|
|
||||||
// TODO(jieyu): Kill the process if discard is called.
|
|
||||||
Try<Subprocess> s = subprocess(
|
|
||||||
- "curl",
|
|
||||||
+ "@curl@",
|
|
||||||
argv,
|
|
||||||
Subprocess::PATH(os::DEV_NULL),
|
|
||||||
Subprocess::PIPE(),
|
|
||||||
@@ -229,7 +229,7 @@ static Future<int> download(
|
|
||||||
|
|
||||||
// TODO(jieyu): Kill the process if discard is called.
|
|
||||||
Try<Subprocess> s = subprocess(
|
|
||||||
- "curl",
|
|
||||||
+ "@curl@",
|
|
||||||
argv,
|
|
||||||
Subprocess::PATH(os::DEV_NULL),
|
|
||||||
Subprocess::PIPE(),
|
|
@ -1,12 +0,0 @@
|
|||||||
diff --git a/src/linux/fs.cpp b/src/linux/fs.cpp
|
|
||||||
index 913e233..c2917a6 100644
|
|
||||||
--- a/src/linux/fs.cpp
|
|
||||||
+++ b/src/linux/fs.cpp
|
|
||||||
@@ -17,6 +17,7 @@
|
|
||||||
#include <errno.h>
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <string.h>
|
|
||||||
+#include <syscall.h>
|
|
||||||
|
|
||||||
#include <linux/limits.h>
|
|
||||||
#include <linux/unistd.h>
|
|
@ -1,6 +1,5 @@
|
|||||||
{ stdenv, fetchzip, makeWrapper, jre, pythonPackages, coreutils, hadoop
|
{ stdenv, fetchzip, makeWrapper, jre, pythonPackages, coreutils, hadoop
|
||||||
, RSupport? true, R
|
, RSupport? true, R
|
||||||
, mesosSupport ? true, mesos
|
|
||||||
}:
|
}:
|
||||||
|
|
||||||
with stdenv.lib;
|
with stdenv.lib;
|
||||||
@ -12,12 +11,11 @@ stdenv.mkDerivation rec {
|
|||||||
|
|
||||||
src = fetchzip {
|
src = fetchzip {
|
||||||
url = "mirror://apache/spark/${pname}-${version}/${pname}-${version}-bin-without-hadoop.tgz";
|
url = "mirror://apache/spark/${pname}-${version}/${pname}-${version}-bin-without-hadoop.tgz";
|
||||||
sha256 = "1a9w5k0207fysgpxx6db3a00fs5hdc2ncx99x4ccy2s0v5ndc66g";
|
sha256 = "1a9w5k0207fysgpxx6db3a00fs5hdc2ncx99x4ccy2s0v5ndc66g";
|
||||||
};
|
};
|
||||||
|
|
||||||
buildInputs = [ makeWrapper jre pythonPackages.python pythonPackages.numpy ]
|
buildInputs = [ makeWrapper jre pythonPackages.python pythonPackages.numpy ]
|
||||||
++ optional RSupport R
|
++ optional RSupport R;
|
||||||
++ optional mesosSupport mesos;
|
|
||||||
|
|
||||||
untarDir = "${pname}-${version}-bin-without-hadoop";
|
untarDir = "${pname}-${version}-bin-without-hadoop";
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
@ -37,8 +35,6 @@ stdenv.mkDerivation rec {
|
|||||||
${optionalString RSupport
|
${optionalString RSupport
|
||||||
''export SPARKR_R_SHELL="${R}/bin/R"
|
''export SPARKR_R_SHELL="${R}/bin/R"
|
||||||
export PATH=$PATH:"${R}/bin/R"''}
|
export PATH=$PATH:"${R}/bin/R"''}
|
||||||
${optionalString mesosSupport
|
|
||||||
''export MESOS_NATIVE_LIBRARY="$MESOS_NATIVE_LIBRARY"''}
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
for n in $(find $out/lib/${untarDir}/bin -type f ! -name "*.*"); do
|
for n in $(find $out/lib/${untarDir}/bin -type f ! -name "*.*"); do
|
||||||
|
@ -71,6 +71,7 @@ mapAliases ({
|
|||||||
catfish = xfce.catfish; # added 2019-12-22
|
catfish = xfce.catfish; # added 2019-12-22
|
||||||
cgmanager = throw "cgmanager was deprecated by lxc and therefore removed from nixpkgs."; # added 2020-06-05
|
cgmanager = throw "cgmanager was deprecated by lxc and therefore removed from nixpkgs."; # added 2020-06-05
|
||||||
checkbashism = checkbashisms; # added 2016-08-16
|
checkbashism = checkbashisms; # added 2016-08-16
|
||||||
|
chronos = throw "chronos has been removed from nixpkgs, as it was unmaintained"; # added 2020-08-15
|
||||||
cide = throw "deprecated in 2019-09-11: abandoned by upstream";
|
cide = throw "deprecated in 2019-09-11: abandoned by upstream";
|
||||||
cinepaint = throw "cinepaint has been removed from nixpkgs, as it was unmaintained"; # added 2019-12-10
|
cinepaint = throw "cinepaint has been removed from nixpkgs, as it was unmaintained"; # added 2019-12-10
|
||||||
cifs_utils = cifs-utils; # added 2016-08
|
cifs_utils = cifs-utils; # added 2016-08
|
||||||
@ -281,6 +282,7 @@ mapAliases ({
|
|||||||
m3d-linux = m33-linux; # added 2016-08-13
|
m3d-linux = m33-linux; # added 2016-08-13
|
||||||
man_db = man-db; # added 2016-05
|
man_db = man-db; # added 2016-05
|
||||||
manpages = man-pages; # added 2015-12-06
|
manpages = man-pages; # added 2015-12-06
|
||||||
|
marathon = throw "marathon has been removed from nixpkgs, as it's unmaintained"; # added 2020-08-15
|
||||||
mariadb-client = hiPrio mariadb.client; #added 2019.07.28
|
mariadb-client = hiPrio mariadb.client; #added 2019.07.28
|
||||||
matcha = throw "matcha was renamed to matcha-gtk-theme"; # added 2020-05-09
|
matcha = throw "matcha was renamed to matcha-gtk-theme"; # added 2020-05-09
|
||||||
matrique = spectral; # added 2020-01-27
|
matrique = spectral; # added 2020-01-27
|
||||||
@ -297,6 +299,7 @@ mapAliases ({
|
|||||||
# floating point textures patents are expired,
|
# floating point textures patents are expired,
|
||||||
# so package reduced to alias
|
# so package reduced to alias
|
||||||
mesa_drivers = mesa.drivers;
|
mesa_drivers = mesa.drivers;
|
||||||
|
mesos = throw "mesos has been removed from nixpkgs, as it's unmaintained"; # added 2020-08-15
|
||||||
midoriWrapper = midori; # added 2015-01
|
midoriWrapper = midori; # added 2015-01
|
||||||
mist = throw "mist has been removed as the upstream project has been abandoned, see https://github.com/ethereum/mist#mist-browser-deprecated"; # added 2020-08-15
|
mist = throw "mist has been removed as the upstream project has been abandoned, see https://github.com/ethereum/mist#mist-browser-deprecated"; # added 2020-08-15
|
||||||
mlt-qt5 = libsForQt5.mlt; # added 2015-12-19
|
mlt-qt5 = libsForQt5.mlt; # added 2015-12-19
|
||||||
|
@ -9832,13 +9832,6 @@ in
|
|||||||
|
|
||||||
me_cleaner = pythonPackages.callPackage ../tools/misc/me_cleaner { };
|
me_cleaner = pythonPackages.callPackage ../tools/misc/me_cleaner { };
|
||||||
|
|
||||||
mesos = callPackage ../applications/networking/cluster/mesos {
|
|
||||||
sasl = cyrus_sasl;
|
|
||||||
inherit (pythonPackages) python boto setuptools wrapPython;
|
|
||||||
pythonProtobuf = pythonPackages.protobuf.override { protobuf = protobuf3_6; };
|
|
||||||
perf = linuxPackages.perf;
|
|
||||||
};
|
|
||||||
|
|
||||||
mesos-dns = callPackage ../servers/mesos-dns { };
|
mesos-dns = callPackage ../servers/mesos-dns { };
|
||||||
|
|
||||||
metamath = callPackage ../development/interpreters/metamath { };
|
metamath = callPackage ../development/interpreters/metamath { };
|
||||||
@ -19506,8 +19499,6 @@ in
|
|||||||
|
|
||||||
chromium = callPackage ../applications/networking/browsers/chromium (config.chromium or {});
|
chromium = callPackage ../applications/networking/browsers/chromium (config.chromium or {});
|
||||||
|
|
||||||
chronos = callPackage ../applications/networking/cluster/chronos { };
|
|
||||||
|
|
||||||
chromiumBeta = lowPrio (chromium.override { channel = "beta"; });
|
chromiumBeta = lowPrio (chromium.override { channel = "beta"; });
|
||||||
|
|
||||||
chromiumDev = lowPrio (chromium.override { channel = "dev"; });
|
chromiumDev = lowPrio (chromium.override { channel = "dev"; });
|
||||||
@ -21353,7 +21344,6 @@ in
|
|||||||
|
|
||||||
mapmap = libsForQt5.callPackage ../applications/video/mapmap { };
|
mapmap = libsForQt5.callPackage ../applications/video/mapmap { };
|
||||||
|
|
||||||
marathon = callPackage ../applications/networking/cluster/marathon { };
|
|
||||||
marathonctl = callPackage ../tools/virtualization/marathonctl { } ;
|
marathonctl = callPackage ../tools/virtualization/marathonctl { } ;
|
||||||
|
|
||||||
markdown-pp = callPackage ../tools/text/markdown-pp { };
|
markdown-pp = callPackage ../tools/text/markdown-pp { };
|
||||||
|
Loading…
Reference in New Issue
Block a user