void launchTask(ExecutorDriver* driver, const TaskInfo& task) { CHECK_EQ(REGISTERED, state); if (launched) { TaskStatus status; status.mutable_task_id()->MergeFrom(task.task_id()); status.set_state(TASK_FAILED); status.set_message( "Attempted to run multiple tasks using a \"command\" executor"); driver->sendStatusUpdate(status); return; } // Capture the TaskID. taskId = task.task_id(); // Determine the command to launch the task. CommandInfo command; if (taskCommand.isSome()) { // Get CommandInfo from a JSON string. Try<JSON::Object> object = JSON::parse<JSON::Object>(taskCommand.get()); if (object.isError()) { cerr << "Failed to parse JSON: " << object.error() << endl; abort(); } Try<CommandInfo> parse = protobuf::parse<CommandInfo>(object.get()); if (parse.isError()) { cerr << "Failed to parse protobuf: " << parse.error() << endl; abort(); } command = parse.get(); } else if (task.has_command()) { command = task.command(); } else { CHECK_SOME(override) << "Expecting task '" << task.task_id() << "' to have a command!"; } if (override.isNone()) { // TODO(jieyu): For now, we just fail the executor if the task's // CommandInfo is not valid. The framework will receive // TASK_FAILED for the task, and will most likely find out the // cause with some debugging. This is a temporary solution. A more // correct solution is to perform this validation at master side. if (command.shell()) { CHECK(command.has_value()) << "Shell command of task '" << task.task_id() << "' is not specified!"; } else { CHECK(command.has_value()) << "Executable of task '" << task.task_id() << "' is not specified!"; } } cout << "Starting task " << task.task_id() << endl; // TODO(benh): Clean this up with the new 'Fork' abstraction. // Use pipes to determine which child has successfully changed // session. This is needed as the setsid call can fail from other // processes having the same group id. int pipes[2]; if (pipe(pipes) < 0) { perror("Failed to create a pipe"); abort(); } // Set the FD_CLOEXEC flags on these pipes. Try<Nothing> cloexec = os::cloexec(pipes[0]); if (cloexec.isError()) { cerr << "Failed to cloexec(pipe[0]): " << cloexec.error() << endl; abort(); } cloexec = os::cloexec(pipes[1]); if (cloexec.isError()) { cerr << "Failed to cloexec(pipe[1]): " << cloexec.error() << endl; abort(); } Option<string> rootfs; if (sandboxDirectory.isSome()) { // If 'sandbox_diretory' is specified, that means the user // task specifies a root filesystem, and that root filesystem has // already been prepared at COMMAND_EXECUTOR_ROOTFS_CONTAINER_PATH. // The command executor is responsible for mounting the sandbox // into the root filesystem, chrooting into it and changing the // user before exec-ing the user process. // // TODO(gilbert): Consider a better way to detect if a root // filesystem is specified for the command task. #ifdef __linux__ Result<string> user = os::user(); if (user.isError()) { cerr << "Failed to get current user: "******"Current username is not found" << endl; abort(); } else if (user.get() != "root") { cerr << "The command executor requires root with rootfs" << endl; abort(); } rootfs = path::join( os::getcwd(), COMMAND_EXECUTOR_ROOTFS_CONTAINER_PATH); string sandbox = path::join(rootfs.get(), sandboxDirectory.get()); if (!os::exists(sandbox)) { Try<Nothing> mkdir = os::mkdir(sandbox); if (mkdir.isError()) { cerr << "Failed to create sandbox mount point at '" << sandbox << "': " << mkdir.error() << endl; abort(); } } // Mount the sandbox into the container rootfs. // We need to perform a recursive mount because we want all the // volume mounts in the sandbox to be also mounted in the container // root filesystem. However, since the container root filesystem // is also mounted in the sandbox, after the recursive mount we // also need to unmount the root filesystem in the mounted sandbox. Try<Nothing> mount = fs::mount( os::getcwd(), sandbox, None(), MS_BIND | MS_REC, NULL); if (mount.isError()) { cerr << "Unable to mount the work directory into container " << "rootfs: " << mount.error() << endl;; abort(); } // Umount the root filesystem path in the mounted sandbox after // the recursive mount. Try<Nothing> unmountAll = fs::unmountAll(path::join( sandbox, COMMAND_EXECUTOR_ROOTFS_CONTAINER_PATH)); if (unmountAll.isError()) { cerr << "Unable to unmount rootfs under mounted sandbox: " << unmountAll.error() << endl; abort(); } #else cerr << "Not expecting root volume with non-linux platform." << endl; abort(); #endif // __linux__ } // Prepare the argv before fork as it's not async signal safe. char **argv = new char*[command.arguments().size() + 1]; for (int i = 0; i < command.arguments().size(); i++) { argv[i] = (char*) command.arguments(i).c_str(); } argv[command.arguments().size()] = NULL; // Prepare the command log message. string commandString; if (override.isSome()) { char** argv = override.get(); // argv is guaranteed to be NULL terminated and we rely on // that fact to print command to be executed. for (int i = 0; argv[i] != NULL; i++) { commandString += string(argv[i]) + " "; } } else if (command.shell()) {
void launch(const TaskInfo& _task) { CHECK_EQ(SUBSCRIBED, state); if (launched) { update( _task.task_id(), TASK_FAILED, None(), "Attempted to run multiple tasks using a \"command\" executor"); return; } // Capture the task. task = _task; // Capture the TaskID. taskId = task->task_id(); // Capture the kill policy. if (task->has_kill_policy()) { killPolicy = task->kill_policy(); } // Determine the command to launch the task. CommandInfo command; if (taskCommand.isSome()) { // Get CommandInfo from a JSON string. Try<JSON::Object> object = JSON::parse<JSON::Object>(taskCommand.get()); if (object.isError()) { ABORT("Failed to parse JSON: " + object.error()); } Try<CommandInfo> parse = protobuf::parse<CommandInfo>(object.get()); if (parse.isError()) { ABORT("Failed to parse protobuf: " + parse.error()); } command = parse.get(); } else if (task->has_command()) { command = task->command(); } else { LOG(FATAL) << "Expecting task '" << task->task_id() << "' " << "to have a command"; } // TODO(jieyu): For now, we just fail the executor if the task's // CommandInfo is not valid. The framework will receive // TASK_FAILED for the task, and will most likely find out the // cause with some debugging. This is a temporary solution. A more // correct solution is to perform this validation at master side. if (command.shell()) { CHECK(command.has_value()) << "Shell command of task '" << task->task_id() << "' is not specified!"; } else { CHECK(command.has_value()) << "Executable of task '" << task->task_id() << "' is not specified!"; } cout << "Starting task " << task->task_id() << endl; // Prepare the argv before fork as it's not async signal safe. char **argv = new char*[command.arguments().size() + 1]; for (int i = 0; i < command.arguments().size(); i++) { argv[i] = (char*) command.arguments(i).c_str(); } argv[command.arguments().size()] = nullptr; #ifndef __WINDOWS__ pid = launchTaskPosix( task.get(), command, user, argv, rootfs, sandboxDirectory, workingDirectory); #else // A Windows process is started using the `CREATE_SUSPENDED` flag // and is part of a job object. While the process handle is kept // open the reap function will work. PROCESS_INFORMATION processInformation = launchTaskWindows( task.get(), command, argv, rootfs); pid = processInformation.dwProcessId; ::ResumeThread(processInformation.hThread); CloseHandle(processInformation.hThread); processHandle = processInformation.hProcess; #endif delete[] argv; cout << "Forked command at " << pid << endl; if (task->has_health_check()) { launchHealthCheck(task.get()); } // Monitor this process. process::reap(pid) .onAny(defer(self(), &Self::reaped, pid, lambda::_1)); update(task->task_id(), TASK_RUNNING); launched = true; }
void launch(const TaskInfo& _task) { CHECK_EQ(SUBSCRIBED, state); if (launched) { update( _task.task_id(), TASK_FAILED, None(), "Attempted to run multiple tasks using a \"command\" executor"); return; } // Capture the task. task = _task; // Capture the TaskID. taskId = task->task_id(); // Capture the kill policy. if (task->has_kill_policy()) { killPolicy = task->kill_policy(); } // Determine the command to launch the task. CommandInfo command; if (taskCommand.isSome()) { // Get CommandInfo from a JSON string. Try<JSON::Object> object = JSON::parse<JSON::Object>(taskCommand.get()); if (object.isError()) { cerr << "Failed to parse JSON: " << object.error() << endl; abort(); } Try<CommandInfo> parse = protobuf::parse<CommandInfo>(object.get()); if (parse.isError()) { cerr << "Failed to parse protobuf: " << parse.error() << endl; abort(); } command = parse.get(); } else if (task->has_command()) { command = task->command(); } else { CHECK_SOME(override) << "Expecting task '" << task->task_id() << "' to have a command!"; } if (override.isNone()) { // TODO(jieyu): For now, we just fail the executor if the task's // CommandInfo is not valid. The framework will receive // TASK_FAILED for the task, and will most likely find out the // cause with some debugging. This is a temporary solution. A more // correct solution is to perform this validation at master side. if (command.shell()) { CHECK(command.has_value()) << "Shell command of task '" << task->task_id() << "' is not specified!"; } else { CHECK(command.has_value()) << "Executable of task '" << task->task_id() << "' is not specified!"; } } cout << "Starting task " << task->task_id() << endl; // TODO(benh): Clean this up with the new 'Fork' abstraction. // Use pipes to determine which child has successfully changed // session. This is needed as the setsid call can fail from other // processes having the same group id. int pipes[2]; if (pipe(pipes) < 0) { perror("Failed to create a pipe"); abort(); } // Set the FD_CLOEXEC flags on these pipes. Try<Nothing> cloexec = os::cloexec(pipes[0]); if (cloexec.isError()) { cerr << "Failed to cloexec(pipe[0]): " << cloexec.error() << endl; abort(); } cloexec = os::cloexec(pipes[1]); if (cloexec.isError()) { cerr << "Failed to cloexec(pipe[1]): " << cloexec.error() << endl; abort(); } if (rootfs.isSome()) { // The command executor is responsible for chrooting into the // root filesystem and changing the user before exec-ing the // user process. #ifdef __linux__ Result<string> user = os::user(); if (user.isError()) { cerr << "Failed to get current user: "******"Current username is not found" << endl; abort(); } else if (user.get() != "root") { cerr << "The command executor requires root with rootfs" << endl; abort(); } #else cerr << "Not expecting root volume with non-linux platform." << endl; abort(); #endif // __linux__ } // Prepare the argv before fork as it's not async signal safe. char **argv = new char*[command.arguments().size() + 1]; for (int i = 0; i < command.arguments().size(); i++) { argv[i] = (char*) command.arguments(i).c_str(); } argv[command.arguments().size()] = NULL; // Prepare the command log message. string commandString; if (override.isSome()) { char** argv = override.get(); // argv is guaranteed to be NULL terminated and we rely on // that fact to print command to be executed. for (int i = 0; argv[i] != NULL; i++) { commandString += string(argv[i]) + " "; } } else if (command.shell()) {