Java Code Examples for org.apache.mesos.Protos#ContainerInfo
The following examples show how to use
org.apache.mesos.Protos#ContainerInfo .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: TLSEvaluationStageTest.java From dcos-commons with Apache License 2.0 | 6 votes |
|
@Test
public void testSuccessKeystore() throws Exception {
ArrayList<TransportEncryptionSpec> transportEncryptionSpecs = new ArrayList<>();
transportEncryptionSpecs.add(DefaultTransportEncryptionSpec.newBuilder()
.name("test-tls")
.type(TransportEncryptionSpec.Type.KEYSTORE)
.build());
Protos.Offer offer = OfferTestUtils.getOffer(ResourceTestUtils.getUnreservedCpus(2.0));
PodInfoBuilder podInfoBuilder = getPodInfoBuilderForTransportEncryption(transportEncryptionSpecs);
EvaluationOutcome outcome = tlsEvaluationStage.evaluate(
new MesosResourcePool(offer, Optional.of(Constants.ANY_ROLE)),
podInfoBuilder);
Assert.assertTrue(outcome.isPassing());
// Check that TLS update was invoked
verify(mockTLSArtifactsUpdater).update(ArgumentMatchers.any(), ArgumentMatchers.any(), ArgumentMatchers.eq("test-tls"));
Protos.ContainerInfo executorContainer =
podInfoBuilder.getTaskBuilder(TestConstants.TASK_NAME).getExecutor().getContainer();
Assert.assertEquals(0, executorContainer.getVolumesCount());
Protos.ContainerInfo taskContainer = podInfoBuilder.getTaskBuilder(TestConstants.TASK_NAME).getContainer();
assertKeystoreArtifacts(taskContainer, tlsArtifactPaths, "test-tls");
}
Example 2
| Source File: TLSEvaluationStageTest.java From dcos-commons with Apache License 2.0 | 6 votes |
|
@Test
public void testArtifactsExist() throws Exception {
ArrayList<TransportEncryptionSpec> transportEncryptionSpecs = new ArrayList<>();
transportEncryptionSpecs.add(DefaultTransportEncryptionSpec.newBuilder()
.name("test-tls")
.type(TransportEncryptionSpec.Type.TLS)
.build());
Protos.Offer offer = OfferTestUtils.getOffer(ResourceTestUtils.getUnreservedCpus(2.0));
PodInfoBuilder podInfoBuilder = getPodInfoBuilderForTransportEncryption(transportEncryptionSpecs);
EvaluationOutcome outcome = tlsEvaluationStage.evaluate(
new MesosResourcePool(offer, Optional.of(Constants.ANY_ROLE)),
podInfoBuilder);
Assert.assertTrue(outcome.isPassing());
// Check that TLS update was invoked
verify(mockTLSArtifactsUpdater).update(ArgumentMatchers.any(), ArgumentMatchers.any(), ArgumentMatchers.eq("test-tls"));
Protos.ContainerInfo executorContainer =
podInfoBuilder.getTaskBuilder(TestConstants.TASK_NAME).getExecutor().getContainer();
Assert.assertEquals(0, executorContainer.getVolumesCount());
Protos.ContainerInfo taskContainer = podInfoBuilder.getTaskBuilder(TestConstants.TASK_NAME).getContainer();
assertTLSArtifacts(taskContainer, tlsArtifactPaths, "test-tls");
}
Example 3
| Source File: TLSEvaluationStageTest.java From dcos-commons with Apache License 2.0 | 6 votes |
|
private static void assertTLSArtifacts(Protos.ContainerInfo container, TLSArtifactPaths secretPaths, String encryptionSpecName) {
Assert.assertEquals(
findSecretStorePath(container, TLSArtifact.CERTIFICATE.getMountPath(encryptionSpecName)).get(),
secretPaths.getSecretStorePath(TLSArtifact.CERTIFICATE, encryptionSpecName));
Assert.assertEquals(
findSecretStorePath(container, TLSArtifact.CA_CERTIFICATE.getMountPath(encryptionSpecName)).get(),
secretPaths.getSecretStorePath(TLSArtifact.CA_CERTIFICATE, encryptionSpecName));
Assert.assertEquals(
findSecretStorePath(container, TLSArtifact.PRIVATE_KEY.getMountPath(encryptionSpecName)).get(),
secretPaths.getSecretStorePath(TLSArtifact.PRIVATE_KEY, encryptionSpecName));
Assert.assertFalse(findSecretStorePath(container, TLSArtifact.KEYSTORE.getMountPath(encryptionSpecName)).isPresent());
Assert.assertFalse(findSecretStorePath(container, TLSArtifact.TRUSTSTORE.getMountPath(encryptionSpecName)).isPresent());
}
Example 4
| Source File: TaskInfoFactory.java From elasticsearch with Apache License 2.0 | 6 votes |
|
private Protos.TaskInfo buildDockerTask(Protos.Offer offer, Configuration configuration, Clock clock, Long elasticSearchNodeId) {
final List<Integer> ports = getPorts(offer, configuration);
final List<Protos.Resource> resources = getResources(configuration, ports);
final Protos.DiscoveryInfo discovery = getDiscovery(ports, configuration);
final Protos.Labels labels = getLabels(configuration);
final String hostAddress = resolveHostAddress(offer, ports);
LOGGER.info("Creating Elasticsearch task with resources: " + resources.toString());
final Protos.TaskID taskId = Protos.TaskID.newBuilder().setValue(taskId(offer, clock)).build();
final List<String> args = configuration.esArguments(clusterState, discovery, offer.getSlaveId());
final Protos.ContainerInfo containerInfo = getContainer(configuration, taskId, elasticSearchNodeId, offer.getSlaveId());
return Protos.TaskInfo.newBuilder()
.setName(configuration.getTaskName())
.setData(toData(offer.getHostname(), hostAddress, clock.nowUTC()))
.setTaskId(taskId)
.setSlaveId(offer.getSlaveId())
.addAllResources(resources)
.setDiscovery(discovery)
.setLabels(labels)
.setCommand(dockerCommand(configuration, args, elasticSearchNodeId))
.setContainer(containerInfo)
.build();
}
Example 5
| Source File: TLSEvaluationStageTest.java From dcos-commons with Apache License 2.0 | 5 votes |
|
@Test
public void testSuccessTLS() throws Exception {
ArrayList<TransportEncryptionSpec> transportEncryptionSpecs = new ArrayList<>();
transportEncryptionSpecs.add(DefaultTransportEncryptionSpec.newBuilder()
.name("test-tls")
.type(TransportEncryptionSpec.Type.TLS)
.build());
Protos.Offer offer = OfferTestUtils.getOffer(ResourceTestUtils.getUnreservedCpus(2.0));
PodInfoBuilder podInfoBuilder = getPodInfoBuilderForTransportEncryption(transportEncryptionSpecs);
EvaluationOutcome outcome = tlsEvaluationStage.evaluate(
new MesosResourcePool(offer, Optional.of(Constants.ANY_ROLE)),
podInfoBuilder);
Assert.assertTrue(outcome.isPassing());
// Check that TLS update was invoked
verify(mockTLSArtifactsUpdater).update(ArgumentMatchers.any(), ArgumentMatchers.any(), ArgumentMatchers.eq("test-tls"));
Protos.ContainerInfo executorContainer =
podInfoBuilder.getTaskBuilder(TestConstants.TASK_NAME).getExecutor().getContainer();
Assert.assertEquals(0, executorContainer.getVolumesCount());
Protos.ContainerInfo taskContainer =
podInfoBuilder.getTaskBuilder(TestConstants.TASK_NAME).getContainer();
assertTLSArtifacts(taskContainer, tlsArtifactPaths, "test-tls");
}
Example 6
| Source File: TLSEvaluationStageTest.java From dcos-commons with Apache License 2.0 | 5 votes |
|
private static void assertKeystoreArtifacts(Protos.ContainerInfo container, TLSArtifactPaths secretPaths, String encryptionSpecName) {
Assert.assertEquals(
findSecretStorePath(container, TLSArtifact.KEYSTORE.getMountPath(encryptionSpecName)).get(),
secretPaths.getSecretStorePath(TLSArtifact.KEYSTORE, encryptionSpecName));
Assert.assertEquals(
findSecretStorePath(container, TLSArtifact.TRUSTSTORE.getMountPath(encryptionSpecName)).get(),
secretPaths.getSecretStorePath(TLSArtifact.TRUSTSTORE, encryptionSpecName));
Assert.assertFalse(findSecretStorePath(container, TLSArtifact.CERTIFICATE.getMountPath(encryptionSpecName)).isPresent());
Assert.assertFalse(findSecretStorePath(container, TLSArtifact.CA_CERTIFICATE.getMountPath(encryptionSpecName)).isPresent());
Assert.assertFalse(findSecretStorePath(container, TLSArtifact.PRIVATE_KEY.getMountPath(encryptionSpecName)).isPresent());
}
Example 7
| Source File: TLSEvaluationStageTest.java From dcos-commons with Apache License 2.0 | 5 votes |
|
private static Optional<String> findSecretStorePath(Protos.ContainerInfo container, String path) {
Optional<Protos.Volume> volume = container.getVolumesList().stream()
.filter(v -> v.getContainerPath().equals(path))
.findAny();
return volume.isPresent()
? Optional.ofNullable(volume.get().getSource().getSecret().getReference().getName())
: Optional.empty();
}
Example 8
| Source File: TaskFactory.java From incubator-myriad with Apache License 2.0 | 5 votes |
|
/**
* Builds a ContainerInfo Object
*
* @return ContainerInfo
*/
protected Protos.ContainerInfo getContainerInfo() {
Preconditions.checkArgument(cfg.getContainerInfo().isPresent(), "ContainerConfiguration doesn't exist!");
MyriadContainerConfiguration containerConfiguration = cfg.getContainerInfo().get();
Protos.ContainerInfo.Builder containerBuilder = Protos.ContainerInfo.newBuilder()
.setType(Protos.ContainerInfo.Type.valueOf(containerConfiguration.getType()))
.addAllVolumes(getVolumes(containerConfiguration.getVolumes()));
if (containerConfiguration.getDockerInfo().isPresent()) {
MyriadDockerConfiguration dockerConfiguration = containerConfiguration.getDockerInfo().get();
containerBuilder.setDocker(getDockerInfo(dockerConfiguration));
}
return containerBuilder.build();
}
Example 9
| Source File: TestServiceTaskFactory.java From incubator-myriad with Apache License 2.0 | 5 votes |
|
@Test
public void testServiceTaskFactory() {
ServiceCommandLineGenerator clGenerator = new ServiceCommandLineGenerator(cfgWithDocker);
TaskUtils taskUtils = new TaskUtils(cfgWithDocker);
Protos.Offer offer = new OfferBuilder("test.com")
.addScalarResource("cpus", 10.0)
.addScalarResource("mem", 16000)
.addRangeResource("ports", 3400, 3410)
.build();
Map<String, ServiceConfiguration> stringServiceConfigurationMap = cfgWithDocker.getServiceConfigurations();
System.out.print(stringServiceConfigurationMap);
ServiceConfiguration serviceConfiguration = cfgWithDocker.getServiceConfigurations().get("jobhistory");
ServiceResourceProfile profile = new ServiceResourceProfile("jobhistory", serviceConfiguration.getCpus(),
serviceConfiguration.getJvmMaxMemoryMB(), serviceConfiguration.getPorts());
NodeTask nodeTask = new NodeTask(profile, null);
nodeTask.setTaskPrefix("jobhistory");
ResourceOfferContainer roc = new ResourceOfferContainer(offer, profile, null);
System.out.print(roc.getPorts());
ServiceTaskFactory taskFactory = new ServiceTaskFactory(cfgWithDocker, taskUtils, clGenerator);
Protos.TaskInfo taskInfo = taskFactory.createTask(roc, frameworkId, makeTaskId("jobhistory"), nodeTask);
assertTrue("taskInfo should have a container", taskInfo.hasContainer());
assertFalse("The container should not have an executor", taskInfo.hasExecutor());
Protos.ContainerInfo containerInfo = taskInfo.getContainer();
assertTrue("There should be two volumes", containerInfo.getVolumesCount() == 2);
assertTrue("The first volume should be read only", containerInfo.getVolumes(0).getMode().equals(Protos.Volume.Mode.RO));
assertTrue("The first volume should be read write", containerInfo.getVolumes(1).getMode().equals(Protos.Volume.Mode.RW));
assertTrue("There should be a docker image", containerInfo.getDocker().hasImage());
assertTrue("The docker image should be mesos/myraid", containerInfo.getDocker().getImage().equals("mesos/myriad"));
assertTrue("Should be using host networking", containerInfo.getDocker().getNetwork().equals(Protos.ContainerInfo.DockerInfo.Network.HOST));
assertTrue("There should be two parameters", containerInfo.getDocker().getParametersList().size() == 2);
assertTrue("Privledged mode should be false", containerInfo.getDocker().getPrivileged() == false);
}
Example 10
| Source File: TestNMTaskFactory.java From incubator-myriad with Apache License 2.0 | 5 votes |
|
@Test
public void testNMTaskFactory() {
NMExecutorCommandLineGenerator clGenerator = new NMExecutorCommandLineGenerator(cfgWithDocker);
TaskUtils taskUtils = new TaskUtils(cfgWithDocker);
Protos.Offer offer = new OfferBuilder("test.com")
.addScalarResource("cpus", 10.0)
.addScalarResource("mem", 16000)
.addRangeResource("ports", 3500, 3505)
.build();
ServiceResourceProfile profile = new ExtendedResourceProfile(new NMProfile("tooMuchCpu", 7L, 8000L), taskUtils.getNodeManagerCpus(),
taskUtils.getNodeManagerMemory(), taskUtils.getNodeManagerPorts());
NodeTask nodeTask = new NodeTask(profile, null);
ResourceOfferContainer roc = new ResourceOfferContainer(offer, profile, null);
NMTaskFactory taskFactory = new NMTaskFactory(cfgWithDocker, taskUtils, clGenerator);
Protos.TaskInfo taskInfo = taskFactory.createTask(roc, frameworkId, makeTaskId("nm.zero"), nodeTask);
assertFalse("taskInfo should not have a container", taskInfo.hasContainer());
assertTrue("The container should have an executor", taskInfo.hasExecutor());
Protos.ExecutorInfo executorInfo = taskInfo.getExecutor();
assertTrue("executorInfo should have container", executorInfo.hasContainer());
Protos.ContainerInfo containerInfo = executorInfo.getContainer();
assertTrue("There should be two volumes", containerInfo.getVolumesCount() == 2);
assertTrue("The first volume should be read only", containerInfo.getVolumes(0).getMode().equals(Protos.Volume.Mode.RO));
assertTrue("The first volume should be read write", containerInfo.getVolumes(1).getMode().equals(Protos.Volume.Mode.RW));
assertTrue("There should be a docker image", containerInfo.getDocker().hasImage());
assertTrue("The docker image should be mesos/myraid", containerInfo.getDocker().getImage().equals("mesos/myriad"));
assertTrue("Should be using host networking", containerInfo.getDocker().getNetwork().equals(Protos.ContainerInfo.DockerInfo.Network.HOST));
assertTrue("There should be two parameters", containerInfo.getDocker().getParametersList().size() == 2);
assertTrue("Privledged mode should be false", !containerInfo.getDocker().getPrivileged());
}
Example 11
| Source File: PodInfoBuilder.java From dcos-commons with Apache License 2.0 | 4 votes |
|
/**
* Get the ContainerInfo for either an Executor or a Task. Since we support both default and custom executors at
* the moment, there is some conditional logic in here -- with the default executor, things like rlimits and images
* must be specified at the task level only, while secrets volumes must be specified at the executor level.
*
* @param podSpec The Spec for the task or executor that this container is being attached to
* @param addExtraParameters Add rlimits and docker image (if task), or secrets volumes if executor
* @param isTaskContainer Whether this container is being attached to a TaskInfo rather than ExecutorInfo
* @return the ContainerInfo to be attached
*/
private Protos.ContainerInfo getContainerInfo(
PodSpec podSpec, boolean addExtraParameters, boolean isTaskContainer)
{
Collection<Protos.Volume> secretVolumes = getExecutorInfoSecretVolumes(podSpec.getSecrets());
Collection<Protos.Volume> hostVolumes = getExecutorInfoHostVolumes(podSpec.getHostVolumes());
Protos.ContainerInfo.Builder containerInfo = Protos.ContainerInfo.newBuilder()
.setType(Protos.ContainerInfo.Type.MESOS);
if (isTaskContainer) {
containerInfo.getLinuxInfoBuilder().setSharePidNamespace(podSpec.getSharePidNamespace());
// Isolate the tmp directory of tasks
// switch to SANDBOX SELF after dc/os 1.13
containerInfo.addVolumes(Protos.Volume.newBuilder()
.setContainerPath("/tmp")
.setHostPath("tmp")
.setMode(Protos.Volume.Mode.RW));
LOGGER.info("Setting seccomp info unconfined: {} profile: {}",
podSpec.getSeccompUnconfined(),
podSpec.getSeccompProfileName());
if (podSpec.getSeccompUnconfined() != null && podSpec.getSeccompUnconfined()) {
containerInfo.getLinuxInfoBuilder().setSeccomp(Protos.SeccompInfo.newBuilder()
.setUnconfined(podSpec.getSeccompUnconfined())
.build());
}
if (podSpec.getSeccompProfileName().isPresent()) {
containerInfo.getLinuxInfoBuilder().setSeccomp(Protos.SeccompInfo.newBuilder()
.setProfileName(podSpec.getSeccompProfileName().get())
.build());
}
} else {
if (podSpec.getSharedMemory().isPresent()) {
containerInfo.getLinuxInfoBuilder().setIpcMode(podSpec.getSharedMemory().get());
}
if (podSpec.getSharedMemorySize().isPresent()) {
containerInfo.getLinuxInfoBuilder().setShmSize(podSpec.getSharedMemorySize().get());
}
}
for (Protos.Volume hostVolume : hostVolumes) {
containerInfo.addVolumes(hostVolume);
}
if (!podSpec.getImage().isPresent()
&& podSpec.getNetworks().isEmpty()
&& podSpec.getRLimits().isEmpty()
&& secretVolumes.isEmpty())
{
// Nothing left to do.
return containerInfo.build();
}
boolean shouldAddImage =
podSpec.getImage().isPresent() &&
addExtraParameters &&
isTaskContainer;
if (shouldAddImage) {
containerInfo.getMesosBuilder().getImageBuilder()
.setType(Protos.Image.Type.DOCKER)
.getDockerBuilder().setName(podSpec.getImage().get());
}
// With the default executor, all NetworkInfos must be defined on the executor itself rather than individual
// tasks. This check can be made much less ugly once the custom executor no longer need be supported.
if (!podSpec.getNetworks().isEmpty() && !isTaskContainer) {
LOGGER.info("Adding NetworkInfos for networks: {}",
podSpec.getNetworks().stream().map(n -> n.getName()).collect(Collectors.toList()));
containerInfo.addAllNetworkInfos(
podSpec.getNetworks().stream().map(PodInfoBuilder::getNetworkInfo).collect(Collectors.toList()));
}
if (!podSpec.getRLimits().isEmpty() && addExtraParameters) {
containerInfo.setRlimitInfo(getRLimitInfo(podSpec.getRLimits()));
}
if (addExtraParameters) {
for (Protos.Volume secretVolume : secretVolumes) {
containerInfo.addVolumes(secretVolume);
}
}
return containerInfo.build();
}
Example 12
| Source File: TaskInfoFactory.java From elasticsearch with Apache License 2.0 | 4 votes |
|
private Protos.ContainerInfo getContainer(Configuration configuration, Protos.TaskID taskID, Long elasticSearchNodeId, Protos.SlaveID slaveID) {
final Protos.Environment environment = Protos.Environment.newBuilder().addAllVariables(new ExecutorEnvironmentalVariables(configuration, elasticSearchNodeId).getList()).build();
final Protos.ContainerInfo.DockerInfo.Builder dockerInfo = Protos.ContainerInfo.DockerInfo.newBuilder()
.addParameters(Protos.Parameter.newBuilder().setKey("env").setValue("MESOS_TASK_ID=" + taskID.getValue()))
.setImage(configuration.getExecutorImage())
.setForcePullImage(configuration.getExecutorForcePullImage())
.setNetwork(Protos.ContainerInfo.DockerInfo.Network.HOST);
// Add all env vars to container
for (Protos.Environment.Variable variable : environment.getVariablesList()) {
dockerInfo.addParameters(Protos.Parameter.newBuilder().setKey("env").setValue(variable.getName() + "=" + variable.getValue()));
}
final Protos.ContainerInfo.Builder builder = Protos.ContainerInfo.newBuilder()
.setType(Protos.ContainerInfo.Type.DOCKER);
if (configuration.getExternalVolumeDriver() != null && configuration.getExternalVolumeDriver().length() > 0) {
LOGGER.debug("Is Docker Container and External Driver enabled");
//docker external volume driver
LOGGER.debug("Docker Driver: " + configuration.getExternalVolumeDriver());
//note: this makes a unique data volume name per elastic search node
StringBuffer sbData = new StringBuffer(configuration.getFrameworkName());
sbData.append(Long.toString(elasticSearchNodeId));
sbData.append("data:");
sbData.append(Configuration.CONTAINER_PATH_DATA);
String sHostPathOrExternalVolumeForData = sbData.toString();
LOGGER.debug("Data Volume Name: " + sHostPathOrExternalVolumeForData);
dockerInfo.addParameters(Protos.Parameter.newBuilder()
.setKey("volume-driver")
.setValue(configuration.getExternalVolumeDriver()));
dockerInfo.addParameters(Protos.Parameter.newBuilder()
.setKey("volume")
.setValue(sHostPathOrExternalVolumeForData));
} else {
if (!configuration.getDataDir().isEmpty()) {
builder.addVolumes(Protos.Volume.newBuilder()
.setHostPath(configuration.taskSpecificHostDir(slaveID))
.setContainerPath(Configuration.CONTAINER_PATH_DATA)
.setMode(Protos.Volume.Mode.RW)
.build());
}
}
builder.setDocker(dockerInfo);
if (!configuration.getElasticsearchSettingsLocation().isEmpty()) {
final Path path = Paths.get(configuration.getElasticsearchSettingsLocation());
final Path fileName = path.getFileName();
if (fileName == null) {
throw new IllegalArgumentException("Cannot parse filename from settings location. Please include the /elasticsearch.yml in the settings location.");
}
final String settingsFilename = fileName.toString();
// Mount the custom yml file over the top of the standard elasticsearch.yml file.
builder.addVolumes(Protos.Volume.newBuilder()
.setHostPath("./" + settingsFilename) // Because the file has been uploaded by the uris.
.setContainerPath(Configuration.CONTAINER_PATH_CONF_YML)
.setMode(Protos.Volume.Mode.RO)
.build());
}
return builder
.build();
}
