[device manager] Add protobuf for cgroup state checkpointing.
Currently the device manager has no means of recovering its state
after an agent restarts. This patch aims to add a protobuf definition
to let the device manager have a checkpoint file that it can use to
recover each cgroup's device access state.
Review: https://reviews.apache.org/r/75141/
diff --git a/src/Makefile.am b/src/Makefile.am
index 5b91319..02b9115 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -427,7 +427,9 @@
slave/containerizer/mesos/isolators/volume/csi/state.pb.cc \
slave/containerizer/mesos/isolators/volume/csi/state.pb.h \
slave/volume_gid_manager/state.pb.cc \
- slave/volume_gid_manager/state.pb.h
+ slave/volume_gid_manager/state.pb.h \
+ slave/containerizer/device_manager/state.pb.cc \
+ slave/containerizer/device_manager/state.pb.h
CXX_PROTOS += \
resource_provider/storage/disk_profile.pb.cc \
@@ -1040,7 +1042,8 @@
slave/containerizer/mesos/isolators/docker/volume/state.proto \
slave/containerizer/mesos/isolators/network/cni/spec.proto \
slave/containerizer/mesos/isolators/volume/csi/state.proto \
- slave/volume_gid_manager/state.proto
+ slave/volume_gid_manager/state.proto \
+ slave/containerizer/device_manager/state.proto
# TODO(tillt): Remove authentication/cram_md5/* which will enable us to
# lose the immediate cyrus-sasl2 dependency.
@@ -1500,7 +1503,8 @@
slave/containerizer/mesos/isolators/cgroups2/controllers/devices.cpp \
slave/containerizer/mesos/isolators/cgroups2/controllers/devices.hpp \
slave/containerizer/device_manager/device_manager.cpp \
- slave/containerizer/device_manager/device_manager.hpp
+ slave/containerizer/device_manager/device_manager.hpp \
+ slave/containerizer/device_manager/state.hpp
if ENABLE_XFS_DISK_ISOLATOR
MESOS_LINUX_FILES += \
diff --git a/src/slave/containerizer/device_manager/state.hpp b/src/slave/containerizer/device_manager/state.hpp
new file mode 100644
index 0000000..5231281
--- /dev/null
+++ b/src/slave/containerizer/device_manager/state.hpp
@@ -0,0 +1,23 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef __DEVICE_MANAGER_STATE_HPP__
+#define __DEVICE_MANAGER_STATE_HPP__
+
+// ONLY USEFUL AFTER RUNNING PROTOC.
+#include "slave/containerizer/device_manager/state.pb.h"
+
+#endif // __DEVICE_MANAGER_STATE_HPP__
\ No newline at end of file
diff --git a/src/slave/containerizer/device_manager/state.proto b/src/slave/containerizer/device_manager/state.proto
new file mode 100644
index 0000000..5b7ab36
--- /dev/null
+++ b/src/slave/containerizer/device_manager/state.proto
@@ -0,0 +1,28 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto2";
+
+package mesos.internal.slave;
+
+message CgroupDeviceAccessMessage {
+ repeated string allow_list = 1;
+ repeated string deny_list = 2;
+}
+
+message CgroupsDeviceAccess {
+ map<string, CgroupDeviceAccessMessage> device_access_per_cgroup = 1;
+}
\ No newline at end of file
