blob: 93c5279c63f8060f515f1fdd7f6900c081956ff5 [file] [log] [blame]
Release Notes - Mesos - Version 1.4.4 (WIP)
-------------------------------------------
* This is a bug fix release.
** Bug
* [MESOS-9507] - Agent could not recover due to empty docker volume checkpointed files.
* [MESOS-9695] - Remove the duplicate pid check in Docker containerizer
* [MESOS-10126] - Docker volume isolator needs to clean up the `info` struct regardless the result of unmount operation
** Improvement:
* [MESOS-9159] - Support Foreign URLs in docker registry puller.
* [MESOS-9675] - Docker Manifest V2 Schema2 Support.
Release Notes - Mesos - Version 1.4.3
-------------------------------------
* This is a bug fix release.
** Bug
* [MESOS-8128] - Make os::pipe file descriptors O_CLOEXEC.
* [MESOS-8568] - Command checks should always call `WAIT_NESTED_CONTAINER` before `REMOVE_NESTED_CONTAINER`
* [MESOS-8620] - Containers stuck in FETCHING possibly due to unresponsive server.
* [MESOS-8917] - Agent leaking file descriptors into forked processes.
* [MESOS-8921] - Autotools don't work with newer OpenJDK versions
* [MESOS-9144] - Master authentication handling leads to request amplification.
* [MESOS-9145] - Master has a fragile burned-in 5s authentication timeout.
* [MESOS-9146] - Agent has a fragile burn-in 5s authentication timeout.
* [MESOS-9147] - Agent and scheduler driver authentication retry backoff time could overflow.
* [MESOS-9151] - Container stuck at ISOLATING due to FD leak.
* [MESOS-9170] - Zookeeper doesn't compile with newer gcc due to format error.
* [MESOS-9196] - Removing rootfs mounts may fail with EBUSY.
* [MESOS-9221] - If some image layers are large, the image pulling may stuck due to the authorized token expired.
* [MESOS-9231] - `docker inspect` may return an unexpected result to Docker executor due to a race condition.
* [MESOS-9279] - Docker Containerizer 'usage' call might be expensive if mount table is big.
* [MESOS-9283] - Docker containerizer actor can get backlogged with large number of containers.
* [MESOS-9304] - Test `CGROUPS_ROOT_PidNamespaceForward` and `CGROUPS_ROOT_PidNamespaceBackward` fails on 1.4.x.
* [MESOS-9334] - Container stuck at ISOLATING state due to libevent poll never returns.
* [MESOS-9419] - Executor to framework message crashes master if framework has not re-registered.
* [MESOS-9480] - Master may skip processing authorization results for `LAUNCH_GROUP`.
* [MESOS-9492] - Persist CNI working directory across reboot.
* [MESOS-9501] - Mesos executor fails to terminate and gets stuck after agent host reboot.
* [MESOS-9502] - IOswitchboard cleanup could get stuck due to FD leak from a race.
* [MESOS-9518] - CNI_NETNS should not be set for orphan containers that do not have network namespace.
* [MESOS-9532] - ResourceOffersTest.ResourceOfferWithMultipleSlaves is flaky.
* [MESOS-9533] - CniIsolatorTest.ROOT_CleanupAfterReboot is flaky.
** Improvement:
* [MESOS-9510] - Disallowed nan, inf and so on in `Value::Scalar`.
* [MESOS-9516] - Extend `min_allocatable_resources` flag to cover non-scalar resources.
Release Notes - Mesos - Version 1.4.2
-------------------------------------
* This is a bug fix release.
** Bug
* [MESOS-4527] - Roles can exceed limit allocation via reservations.
* [MESOS-6616] - Error: dereferencing type-punned pointer will break strict-aliasing rules.
* [MESOS-7099] - Quota can be exceeded due to coarse-grained offer technique.
* [MESOS-7504] - Parent's mount namespace cannot be determined when launching a nested container.
* [MESOS-7975] - The command/default/docker executor can incorrectly send a TASK_FINISHED update even when the task is killed.
* [MESOS-8106] - Docker fetcher plugin unsupported scheme failure message is not accurate.
* [MESOS-8125] - Agent should properly handle recovering an executor when its pid is reused.
* [MESOS-8159] - ns::clone uses an async signal unsafe stack.
* [MESOS-8171] - Using a failoverTimeout of 0 with Mesos native scheduler client can result in infinite subscribe loop.
* [MESOS-8237] - Strip (Offer|Resource).allocation_info for non-MULTI_ROLE schedulers.
* [MESOS-8253] - Mesos CI docker rmi conflict.
* [MESOS-8293] - Reservation may not be allocated when the role has no quota.
* [MESOS-8297] - Built-in driver-based executors ignore kill task if the task has not been launched.
* [MESOS-8339] - Quota headroom may be insufficiently held when role has more reservation than quota.
* [MESOS-8352] - Resources may get over allocated to some roles while fail to meet the quota of other roles.
* [MESOS-8356] - Persistent volume ownership is set to root despite of sandbox owner (frameworkInfo.user) when docker executor is used.
* [MESOS-8411] - Killing a queued task can lead to the command executor never terminating.
* [MESOS-8418] - mesos-agent high cpu usage because of numerous /proc/mounts reads.
* [MESOS-8480] - Mesos returns high resource usage when killing a Docker task.
* [MESOS-8488] - Docker bug can cause unkillable tasks.
* [MESOS-8550] - Bug in `Master::detected()` leads to coredump in `MasterZooKeeperTest.MasterInfoAddress`.
* [MESOS-8552] - CGROUPS_ROOT_PidNamespaceForward and CGROUPS_ROOT_PidNamespaceBackward tests fail.
* [MESOS-8569] - Allow newline characters when decoding base64 strings in stout.
* [MESOS-8573] - Container stuck in PULLING when Docker daemon hangs
* [MESOS-8574] - Docker executor makes no progress when 'docker inspect' hangs.
* [MESOS-8575] - Improve discard handling for 'Docker::stop' and 'Docker::pull'.
* [MESOS-8576] - Improve discard handling of 'Docker::inspect()'.
* [MESOS-8604] - Quota headroom tracking may be incorrect in the presence of hierarchical reservation.
* [MESOS-8605] - Terminal task status update will not send if 'docker inspect' is hung.
* [MESOS-8626] - The 'allocatable' check in the allocator is problematic with multi-role frameworks.
* [MESOS-8651] - Potential memory leaks in the `volume/sandbox_path` isolator.
* [MESOS-8786] - CgroupIsolatorProcess accesses subsystem processes directly.
* [MESOS-8830] - Agent gc on old slave sandboxes could empty persistent volume data
* [MESOS-8871] - Agent may fail to recover if the agent dies before image store cache checkpointed.
* [MESOS-8876] - Normal exit of Docker container using rexray volume results in TASK_FAILED.
* [MESOS-8881] - Enable epoll backend in libevent integration.
* [MESOS-8885] - Disable libevent debug mode.
* [MESOS-8904] - Master crash when removing quota.
* [MESOS-8934] - Update python.m4 to support Python 3.
* [MESOS-8935] - Quota limit "chopping" can lead to cpu-only and memory-only offers.
* [MESOS-8936] - Implement a Random Sorter for offer allocations.
* [MESOS-8942] - Master streaming API does not send (health) check updates for tasks.
* [MESOS-8945] - Master check failure due to CHECK_SOME(providerId).
* [MESOS-8947] - Improve the container preparing logging in IOSwitchboard and volume/secret isolator.
* [MESOS-8952] - process::await/collect n^2 performance issue.
* [MESOS-8963] - Executor crash trying to print container ID.
* [MESOS-8980] - mesos-slave can deadlock with docker pull.
* [MESOS-8986] - `slave.available()` in the allocator is expensive and drags down allocation performance.
* [MESOS-8987] - Master asks agent to shutdown upon auth errors.
* [MESOS-9049] - Agent GC could unmount a dangling persistent volume multiple times.
* [MESOS-9088] - `createStrippedScalarQuantity()` should clear all metadata fields.
* [MESOS-9125] - Port mapper CNI plugin might fail with "Resource temporarily unavailable"
* [MESOS-9127] - Port mapper CNI plugin might deadlock iptables on the agent.
Release Notes - Mesos - Version 1.4.1
-------------------------------------
* This is a bug fix release.
** Bug
* [MESOS-7873] - Expose `ExecutorInfo.ContainerInfo.NetworkInfo` in Mesos `state` endpoint.
* [MESOS-7921] - ProcessManager::resume sometimes crashes accessing EventQueue.
* [MESOS-7964] - Heavy-duty GC makes the agent unresponsive.
* [MESOS-7968] - Handle `/proc/self/ns/pid_for_children` when parsing available namespace.
* [MESOS-7969] - Handle cgroups v2 hierarchy when parsing /proc/self/cgroups.
* [MESOS-7980] - Stout fails to compile with libc >= 2.26.
* [MESOS-8051] - Killing TASK_GROUP fail to kill some tasks.
* [MESOS-8080] - The default executor does not propagate missing task exit status correctly.
* [MESOS-8090] - Mesos 1.4.0 crashes with 1.3.x agent with oversubscription
* [MESOS-8135] - Masters can lose track of tasks' executor IDs.
* [MESOS-8169] - Incorrect master validation forces executor IDs to be globally unique.
Release Notes - Mesos - Version 1.4.0
-------------------------------------
This release contains the following new features:
* [MESOS-5116] - The `disk/xfs` isolator now supports the
`--enforce_container_disk_quota` flag to efficiently measure disk
usage without enforcing usage constraints.
* [MESOS-6223] - Agents are now allowed to recover the agent ID
after a host reboot. See docs/upgrades.md for details.
* [MESOS-6375] - **Experimental** Support for hierarchical resource
allocation roles. Hierarchical roles allows delegation of resource
allocation policies (i.e. fair sharing and quota) further down the
hierarchy. For example, the "engineering" organization gets a 75%
share of the resources, but it's up to the operators within the
"engineering" organization to figure out how to fairly share between
the "engineering/backend" team and the "engineering/frontend" team.
The same delegation applies for quota. NOTE: There are known issues
related to hierarchical roles (e.g. hierarchical quota allocation
is not implemented and quota will be over-allocated if used with
hierarchical roles, see: MESOS-7402) and thus it is not recommended
for production usage at this time.
* [MESOS-7418, MESOS-7088] - File-based secrets are now supported for Mesos
and Universal containerizer. Image-pull secrets are supported for Docker
registry credentials.
* [MESOS-7477] - Linux ambient capabilites are now supported, so
frameworks can run tasks that use ambient capabilites to grant
limited additional privileged to tasks.
* [MESOS-7476, MESOS-7671] - Support for frameworks and operators
specifying Linux bounding capabilities in order to limit the
maximum privileges that a task may acquire.
Deprecations/Removals:
* [MESOS-7671] - LinuxInfo.capabilities is deprecated in favor
of LinuxInfo.effective_capabilities.
* [MESOS-7477] - The agent `--allowed_capabilities` flag is
deprecated in favor of `--effective_capabilities`
Unresolved Critical Issues:
* [MESOS-7643] - The order of isolators provided in '--isolation' flag is not preserved and instead sorted alphabetically
* [MESOS-7402] - Quota is over-allocated when used with hierarchical roles.
Additional API Changes:
* [MESOS-7755] The interpretation of the optional resource argument
passed in `Allocator::updateSlave` was changed from the total
amount of oversubscribed resources on the agent to the new total
resources (both revocable and non-revocable) on the agent. Custom
allocator implementation should be changed to interpretation of the
passed value as a total before updating.
Feature Graduations:
* [MESOS-2533] - Support HTTP checks in Mesos.
* [MESOS-3567] - Support TCP checks in Mesos.
All Resolved Issues:
** Bug
* [MESOS-1987] - Add support for SemVer build and prerelease labels to stout.
* [MESOS-4210] - Investigate increasing protobuf protocol message size limit.
* [MESOS-4331] - git commit-msg hook completely breaks fixup commits.
* [MESOS-4467] - Implement `sleep` in Windows
* [MESOS-4983] - Segfault in ProcessTest.Spawn with GCC 6
* [MESOS-4992] - sandbox uri does not work outisde mesos http server
* [MESOS-5187] - The filesystem/linux isolator does not set the permissions of the host_path.
* [MESOS-5903] - `GTEST_IS_THREADSAFE` guards prevent many tests from being run on Windows.
* [MESOS-5937] - `flags::parse` assumes the filesystem is rooted at '/'
* [MESOS-5938] - `net::links` is not implemented on Windows.
* [MESOS-6115] - Source tree contains compiled protobuf source
* [MESOS-6539] - Compile warning in GMock: "binding dereferenced null pointer to reference"
* [MESOS-6743] - Docker executor hangs forever if `docker stop` fails.
* [MESOS-6814] - Make sure compilation configuration is propagated correctly to third party dependencies
* [MESOS-6817] - Audit the use of UNICODE-related code paths
* [MESOS-6916] - Improve health checks validation.
* [MESOS-6950] - Launching two tasks with the same Docker image simultaneously may cause a staging dir never cleaned up
* [MESOS-6961] - Executors don't use glog for logging.
* [MESOS-7017] - HTTP API responses can crash the master.
* [MESOS-7115] - Agent should prefer LOG(FATAL) over EXIT().
* [MESOS-7173] - CMake does not define `GIT_SHA` etc. in build.cpp
* [MESOS-7186] - Metrics about used/allocated shared resources are incorrect accounted.
* [MESOS-7193] - Use of `GTEST_IS_THREADSAFE` in asserts is problematic.
* [MESOS-7252] - Need to fix resource check in long-lived framework
* [MESOS-7268] - CNI isolator should mount network related /etc/* files in readonly mode
* [MESOS-7351] - CMake < 3.8.0 cannot find VS2017 tools
* [MESOS-7373] - Remove thread_local workaround on OSX
* [MESOS-7374] - Running DOCKER images in Mesos Container Runtime without `linux/filesystem` isolation enabled renders host unusable
* [MESOS-7378] - Build failure with glibc 2.12.
* [MESOS-7381] - Flaky tests in NestedMesosContainerizerTest
* [MESOS-7389] - Mesos 1.2.0 crashes with pre-1.0 Mesos agents.
* [MESOS-7403] - Resources::apply(const Offer::Operation&) should fail when a shared persistent volume can't be removed
* [MESOS-7441] - RegisterSlaveValidationTest.DropInvalidRegistration is flaky
* [MESOS-7457] - HierarchicalAllocatorTest.NestedRoleQuota is flaky
* [MESOS-7458] - webui display of framework resources is confusing
* [MESOS-7459] - Fix the duration.hpp warning
* [MESOS-7462] - Flaky test HierarchicalAllocatorTest.NestedRoleDRF
* [MESOS-7464] - Recent Docker versions cannot be parsed by stout.
* [MESOS-7468] - Could not copy the sandbox path on WebUI
* [MESOS-7471] - Provisioner recover should not always assume 'rootfses' dir exists.
* [MESOS-7476] - Restrict capabilities to only the bounding set.
* [MESOS-7484] - VersionTest.ParseInvalid aborts on Windows.
* [MESOS-7496] - The /debug:fastlink linker option is not being respected
* [MESOS-7498] - Remove need to set environment variable `PreferredToolArchitecture`
* [MESOS-7502] - Build error on Windows when using "int" for a file descriptor
* [MESOS-7507] - Add a metric for the network size of replicas for the registry.
* [MESOS-7515] - MasterAllocatorTest/0.ResourcesUnused is flaky
* [MESOS-7524] - Basic fetcher success metrics
* [MESOS-7545] - Volume secret isolator breaks Windows build
* [MESOS-7552] - MasterAllocatorTest/0.FrameworkExited is flaky
* [MESOS-7569] - Allow "old" executors with half-open connections to be preserved during agent upgrade / restart.
* [MESOS-7581] - Specifying an unbundled dependency can cause build to pick up wrong Boost version
* [MESOS-7584] - ASF Jenkins build errors out on missing 'python-six' dependency
* [MESOS-7597] - libprocess build is broken
* [MESOS-7618] - CMake files incompatible with multi-configuration generators
* [MESOS-7627] - Mesos slave stucks
* [MESOS-7638] - The command `false` does not exist on Windows
* [MESOS-7640] - Docker containerizer fails to set sandbox logs ownership correctly.
* [MESOS-7652] - Docker image with universal containerizer does not work if WORKDIR is missing in the rootfs.
* [MESOS-7655] - Reservation Refinement: Update the resources logic.
* [MESOS-7662] - Documentation regarding TASK_LOST is misleading
* [MESOS-7666] - Update the agent to use the new resource format
* [MESOS-7667] - Update the master to use the new resource format.
* [MESOS-7669] - Update the test utilities to produce the resources in the new format
* [MESOS-7671] - Let frameworks specify the task bounding capabilities.
* [MESOS-7674] - Update the generic Protobuf to JSON facility to not output deprecated fields
* [MESOS-7679] - V1 Operator API update for reservation refinement.
* [MESOS-7689] - Libprocess can crash on malformed request paths for libprocess messages.
* [MESOS-7690] - The agent can crash when an unknown executor tries to register.
* [MESOS-7700] - Prevent reserve/create operations with refined reservations on non-capable agents.
* [MESOS-7703] - Mesos fails to exec a custom executor when no shell is used
* [MESOS-7711] - Master updates registry for reregistering agents even when they haven't been unreachable
* [MESOS-7714] - Fix agent downgrade for reservation refinement
* [MESOS-7716] - Mesos 1.2.0 agent crashes Mesos 1.4.0 master
* [MESOS-7725] - PersistentVolumeEndpointsTest.ReserveAndSlaveRemoval test is flaky
* [MESOS-7728] - Java HTTP adapter crashes JVM when leading master disconnects.
* [MESOS-7735] - The master crashes when state endpoint is hit during a task authorization.
* [MESOS-7744] - Mesos Agent Sends TASK_KILL status update to Master, and still launches task
* [MESOS-7751] - Mesos failed to build on Windows due to error C2039: 'parse': is not a member of 'mesos::internal::protobuf'
* [MESOS-7753] - `log.LearnedMessage` could be rejected due to being sent from '@0.0.0.0:0'
* [MESOS-7758] - Stout doesn't build standalone.
* [MESOS-7761] - Website ruby deps do not bundle on macOS
* [MESOS-7765] - MasterTest.KillUnknownTask is failling due to a bug in `net::IPv4::ANY()`
* [MESOS-7769] - libprocess initializes to bind to random port if --ip is not specified
* [MESOS-7770] - Persistent volume might not be mounted if there is a sandbox volume whose source is the same as the target of the persistent volume.
* [MESOS-7772] - Copy-n-paste error in slave/main.cpp
* [MESOS-7775] - Eliminate extra process abort in a subprocess watchdog
* [MESOS-7777] - Agent failed to recover due to mount namespace leakage in Docker 1.12/1.13
* [MESOS-7778] - Hide per-platform subprocess headers.
* [MESOS-7783] - Framework might not receive status update when a just launched task is killed immediately
* [MESOS-7794] - Mesos failed with error c2102 when build in conformance mode (/permissive-)
* [MESOS-7796] - LIBPROCESS_IP isn't passed on to the fetcher
* [MESOS-7797] - Hard-coded forward slash breaks windows docker container task in DC/OS
* [MESOS-7805] - mesos-execute has incorrect example TaskInfo in help string
* [MESOS-7817] - CreateProcess wrapper's error message is bad
* [MESOS-7821] - Resource refinement does downgrade task.executor.resources in LAUNCH_GROUP handler.
* [MESOS-7830] - Sandbox_path volume does not have ownership set correctly.
* [MESOS-7831] - Resource refinement is not applied to tasks in completed_frameworks.
* [MESOS-7849] - The rlimits and linux/capabilities isolators should support nested containers
* [MESOS-7858] - Launching a nested container with namespace/pid isolation, with glibc < 2.25, may deadlock the LinuxLauncher and MesosContainerizer
* [MESOS-7863] - Agent may drop pending kill task status updates.
* [MESOS-7865] - Agent may process a kill task and still launch the task.
* [MESOS-7869] - Build fails with `--disable-zlib` or `--with-zlib=DIR`
* [MESOS-7871] - Agent fails assertion during request to '/state'
* [MESOS-7872] - Scheduler hang when registration fails.
* [MESOS-7888] - Track fetcher task success and failures
* [MESOS-7909] - Ordering dependency between 'linux/capabilities' and 'docker/runtime' isolator.
* [MESOS-7912] - Master WebUI not working in Chrome.
* [MESOS-7921] - process::EventQueue sometimes crashes
* [MESOS-7922] - Fix communication between old masters and new agents.
* [MESOS-7926] - Abnormal termination of default executor can cause MesosContainerizer::destroy to fail.
* [MESOS-7934] - OOM due to LibeventSSLSocket send incorrectly returning 0 after shutdown.
** Documentation
* [MESOS-7246] - Add documentation for AGENT_ADDED/AGENT_REMOVED events.
* [MESOS-7349] - Document Mesos "check" feature.
* [MESOS-7501] - Change legacy --with-network-isolator to --with-port-mapping-isolator
** Epic
* [MESOS-6975] - Prevent pre-1.0 agents from registering with 1.3+ master.
* [MESOS-7088] - Support private registry credential per container.
* [MESOS-7623] - Automatically publish website through CI
** Improvement
* [MESOS-5116] - Investigate supporting accounting only mode in XFS isolator
* [MESOS-5417] - define WSTRINGIFY behaviour on Windows
* [MESOS-6053] - Combine test helpers into one single binary.
* [MESOS-6223] - Allow agents to re-register post a host reboot
* [MESOS-6535] - The default executor should support kill policies
* [MESOS-6549] - Asynchronous dir removal in agent GC
* [MESOS-6782] - Inherit Environment from parent container when launching DEBUG container.
* [MESOS-6905] - Task status updates caused by task health update do not set appropriate reason.
* [MESOS-6976] - Disallow (re-)registration attempts by old agents.
* [MESOS-6977] - Cleanup tech debt in master for old agents
* [MESOS-6978] - Update webui to remove orphan tasks
* [MESOS-7006] - Launch docker containers with --cpus instead of cpu-shares
* [MESOS-7015] - Frameworks should be able to (re)register in suppressed state
* [MESOS-7092] - Health checker duplicates a lot of checker's functionality.
* [MESOS-7228] - Upgrade Mesos to build with proto3.
* [MESOS-7327] - Add a test with multiple tasks and checks for the default executor.
* [MESOS-7343] - Add a ReviewBot for testing patches on Windows
* [MESOS-7355] - Set MESOS_SANDBOX in debug containers.
* [MESOS-7364] - Upgrade vendored GMock / GTest
* [MESOS-7401] - Optionally reject messages when UPIDs does not match IP.
* [MESOS-7418] - Add support for file-based secrets
* [MESOS-7429] - Allow isolators to inject task-specific environment variables.
* [MESOS-7451] - Expose MOUNT volumes of an agent in master's v0 HTTP API
* [MESOS-7477] - Support ambient capabilities.
* [MESOS-7540] - Add an agent flag for executor re-registration timeout.
* [MESOS-7542] - Add executor reconnection retry logic to the agent
* [MESOS-7572] - Attach latest symlink when executor is registered.
* [MESOS-7585] - Added 'mesos config show' command to the new Mesos CLI.
* [MESOS-7608] - Protobuf definitions for domains
* [MESOS-7609] - Protobuf definitions for region-aware framework capability
* [MESOS-7610] - Support domains in master and agent
* [MESOS-7611] - Prevent master from joining mixed-region cluster
* [MESOS-7612] - Prevent agent with misconfigured domain from registering
* [MESOS-7614] - Only offer resources on remote agents to region-aware frameworks
* [MESOS-7630] - Add simple filtering to unversioned operator API
* [MESOS-7644] - Add DomainInfo to offers
* [MESOS-7782] - Add fetcher cache size metrics.
* [MESOS-7792] - Add support for ECDH ciphers
* [MESOS-7808] - Bundling gRPC into 3rdparty
* [MESOS-7809] - Building gRPC with Autotools
* [MESOS-7810] - gRPC support in libprocess
* [MESOS-7814] - Improve the test frameworks.
* [MESOS-7862] - Get rid of timestamp and date in generated javadoc files
* [MESOS-7870] - Refactor libssl and libcrypto checks for building gRPC
* [MESOS-7881] - Building gRPC with CMake
** Task
* [MESOS-6101] - Add Framwork events to master's operator API
* [MESOS-6162] - Add support for cgroups blkio subsystem blkio statistics.
* [MESOS-6441] - Display reservations in the agent page in the webui.
* [MESOS-7149] - Support reservations for role subtrees
* [MESOS-7283] - Add ability to initialize a test cluster for Mesos CLI unit-test infrastructure
* [MESOS-7304] - Fetcher should not depend on SlaveID.
* [MESOS-7315] - Design doc for resource provider and storage integration.
* [MESOS-7414] - Enable authorization for master's logging API calls: GET_LOGGING_LEVEL and SET_LOGGING_LEVEL
* [MESOS-7415] - Add authorization to master's operator maintenance API in v0 and v1
* [MESOS-7416] - Filter results of `/master/slaves` and the v1 call GET_AGENTS
* [MESOS-7417] - Design doc for file-based secrets.
* [MESOS-7433] - Set working directory in DEBUG containers.
* [MESOS-7449] - Refactor containerizers to not depend on TaskInfo or ExecutorInfo
* [MESOS-7488] - Add `--ip6` and `--ip6_discovery_command` flag to Mesos agent
* [MESOS-7505] - Enable hierarchical roles
* [MESOS-7560] - Add 'type' and 'name' to ResourceProviderInfo.
* [MESOS-7571] - Add `--resource_provider_config_dir` flag to the agent.
* [MESOS-7576] - Add master flag `--filter-gpu-resources={true|false}`
* [MESOS-7582] - Add Config class to manage the Mesos CLI config file.
* [MESOS-7591] - Update master to use resource provider IDs instead of agent ID in allocator calls.
* [MESOS-7593] - Update offer handling in the master to consider local resource providers
* [MESOS-7624] - Move website from svn to git
* [MESOS-7625] - Create script to automate publishing website
* [MESOS-7626] - Create a CI job to publish the website
* [MESOS-7631] - DefautlExecutor needs to inform tasks about IP addresses
* [MESOS-7632] - Add `HIERARCHICAL_ROLE` agent capability
* [MESOS-7633] - Prevent hierarchical roles from being allocated resources from non-HIERARCHICAL_ROLE agents.
* [MESOS-7665] - V0 Operator API update for reservation refinement.
* [MESOS-7668] - Update authorization to handle reservation refinement.
* [MESOS-7696] - Update resource provider design in the master
* [MESOS-7709] - Add --default_container_dns flag to the agent.
* [MESOS-7713] - Optimize number of copies made in dispatch/defer mechanism
* [MESOS-7755] - Update allocator to support updating agent total resources
* [MESOS-7757] - Update master to handle updates to agent total resources
* [MESOS-7767] - Make `net::IP` fields protected to allow for inheritance
* [MESOS-7780] - Add `SUBSCRIBE` call handling to the resource provider manager
* [MESOS-7806] - Add copy assignment operator to `net::IP::Network`
* [MESOS-7853] - Support shared PID namespace.
* [MESOS-7879] - The kill nested container call should provide ability to specify a signal.
Release Notes - Mesos - Version 1.3.2 (WIP)
-------------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-6743] - Docker executor hangs forever if `docker stop` fails.
* [MESOS-6950] - Launching two tasks with the same Docker image simultaneously may cause a staging dir never cleaned up.
* [MESOS-7652] - Docker image with universal containerizer does not work if WORKDIR is missing in the rootfs.
Release Notes - Mesos - Version 1.3.1
-------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-5187] - The filesystem/linux isolator does not set the permissions of the host_path.
* [MESOS-7252] - Need to fix resource check in long-lived framework.
* [MESOS-7429] - Allow isolators to inject task-specific environment variables.
* [MESOS-7540] - Add an agent flag for executor re-registration timeout.
* [MESOS-7546] - WAIT_NESTED_CONTAINER sometimes returns 404.
* [MESOS-7569] - Allow "old" executors with half-open connections to be preserved during agent upgrade / restart.
* [MESOS-7581] - Fix interference of external Boost installations when using some unbundled dependencies.
* [MESOS-7689] - Libprocess can crash on malformed request paths for libprocess messages.
* [MESOS-7690] - The agent can crash when an unknown executor tries to register.
* [MESOS-7692] - Default environment variables defined in Docker image are not available in Mesos containerizer.
* [MESOS-7703] - Mesos fails to exec a custom executor when no shell is used.
* [MESOS-7728] - Java HTTP adapter crashes JVM when leading master disconnects.
* [MESOS-7770] - Persistent volume might not be mounted if there is a sandbox volume whose source is the same as the target of the persistent volume.
* [MESOS-7777] - Agent failed to recover due to mount namespace leakage in Docker 1.12/1.13.
* [MESOS-7796] - LIBPROCESS_IP isn't passed on to the fetcher.
* [MESOS-7830] - Sandbox_path volume does not have ownership set correctly.
Release Notes - Mesos - Version 1.3.0
-------------------------------------
This release contains the following new features:
* [MESOS-1763] - Support for frameworks to receive resources for multiple
roles. This allows "multi-user" frameworks to leverage the role-based
resource allocation in mesos. Prior to this support, one had to run
multiple instances of a single-user framework to achieve multi-user
resource allocation, or implement multi-user resource allocation in
the framework.
* [MESOS-6365] - Authentication and authorization support for HTTP executors.
A new `--authenticate_http_executors` agent flag enables required
authentication on the HTTP executor API. A new `--executor_secret_key` flag
sets a key file to be used when generating and authenticating default tokens
that are passed to HTTP executors. Note that enabling these flags after
upgrade is disruptive to HTTP executors that were launched before the
upgrade; see 'docs/authentication.md' for more information on these flags
and the recommended upgrade procedure. Implicit authorization rules have
been added which allow an authenticated executor to make executor API calls
as that executor and make operator API calls which affect that executor's
container. See 'docs/authorization.md' for more information on these
implicit authorization rules.
* [MESOS-6627] - Support for frameworks to modify the role(s) they are
subscribed to. This is essential to supporting "multi-user" frameworks
(see MESOS-1763) in that roles are expected to come and go over time
(e.g. new employees join, new teams are formed, employees leave, teams
are disbanded, etc).
**NOTE**: In Mesos 1.3.0, the master will no longer allow 0.x agents to
register. Interoperability between 1.1+ masters and 0.x agents has never
been supported; however, it was not explicitly disallowed, either.
Starting with this release of Mesos, registration attempts by 0.x Mesos
agents will be ignored.
Deprecations/Removals:
* [MESOS-7259] - Remove deprecated ACLs `SetQuota` and `RemoveQuota`.
This change is only applicable to the local authorizer since internally
these acls were being translated to the `UPDATE_QUOTA` action.
* [MESOS-7320] - Remove deprecated ACL `ShutdownFramework`.
This change is only applicable to the local authorizer since internally
these acls were being translated to the `TEARDOWN_FRAMEWORK` action.
Unresolved Critical Issues:
* [MESOS-1625] - Extra trailing CRLF being sent after the HTTP body in libprocess.
* [MESOS-1718] - Command executor can overcommit the agent.
* [MESOS-2554] - Slave flaps when using --slave_subsystems that are not used for isolation.
* [MESOS-2774] - SIGSEGV received during process::MessageEncoder::encode().
* [MESOS-2842] - Update FrameworkInfo.principal on framework re-registration.
* [MESOS-3533] - Unable to find and run URIs files.
* [MESOS-3747] - HTTP Scheduler API no longer allows FrameworkInfo.user to be empty string.
* [MESOS-3794] - Master should not store arbitrarily sized data in ExecutorInfo.
* [MESOS-4259] - mesos HA can't delete the the redundant container on failure slave node.
* [MESOS-4297] - Executor does not shutdown when framework teardown.
* [MESOS-4642] - Mesos Agent Json API can dump binary data from log files out as invalid JSON.
* [MESOS-4996] - 'containerizer->update' will always fail after killing a docker container.
* [MESOS-5352] - Docker volume isolator cleanup can be blocked by first cleanup failure.
* [MESOS-5396] - After failover, master does not remove agents with same UPID.
* [MESOS-5849] - Agent sandboxes on Windows surpass the 260 character path length limit.
* [MESOS-5859] - Some tasks are always in staged state.
* [MESOS-5989] - Libevent SSL Socket downgrade code accesses uninitialized memory / assumes single peek is sufficient.
* [MESOS-5995] - Protobuf JSON deserialisation does not accept numbers formated as strings.
* [MESOS-6356] - ASF CI has interleaved logging.
* [MESOS-6615] - Running mesos-slave in the docker that leave many zombie process.
* [MESOS-6623] - Re-enable tests impacted by request streaming support.
* [MESOS-6632] - ContainerLogger might leak FD if container launch fails.
* [MESOS-6780] - ContentType/AgentAPIStreamingTest.AttachContainerInput test fails reliably.
* [MESOS-6784] - IOSwitchboardTest.KillSwitchboardContainerDestroyed is flaky.
* [MESOS-6804] - Running 'tty' inside a debug container that has a tty reports "Not a tty".
* [MESOS-6843] - Fetcher should not assume stdout/stderr in the sandbox.
* [MESOS-6913] - AgentAPIStreamingTest.AttachInputToNestedContainerSession fails on Mac OS.
* [MESOS-6974] - DefaultExecutorTest.CommitSuicideOnTaskFailure test is flaky.
* [MESOS-6986] - `abort` in `DRFSorter::add`.
* [MESOS-7017] - HTTP API responses can crash the master.
* [MESOS-7082] - ROOT_DOCKER_DockerAndMesosContainerizers/DefaultExecutorTest.KillTask/0 is flaky.
* [MESOS-7099] - Quota can be exceeded due to coarse-grained offer technique.
* [MESOS-7215] - Race condition on re-registration of non-partition-aware frameworks.
* [MESOS-7298] - Fetcher caches files with world-readable permissions.
* [MESOS-7362] - GPU support can't work when run spark.
* [MESOS-7374] - Running DOCKER images in Mesos Container Runtime without `linux/filesystem` isolation enabled renders host unusable.
* [MESOS-7381] - Flaky tests in NestedMesosContainerizerTest.
* [MESOS-7386] - Executor not cleaning up existing running docker containers if external logrotate/logger processes die/killed.
Feature Graduations:
* [MESOS-2449] - Support group of tasks (Pod) constructs and API in Mesos.
* [MESOS-4641] - Support Container Network Interface (CNI).
* [MESOS-6419] - Teardown unregistered frameworks.
All Experimental Features:
* [MESOS-2533] - Support HTTP checks in Mesos.
* [MESOS-3094] - Mesos on Windows.
* [MESOS-3421] - Support sharing of resources across task instances.
* [MESOS-3567] - Support TCP checks in Mesos.
* [MESOS-4312] - Porting Mesos on Power (ppc64le).
* [MESOS-4355] - Implement isolator for Docker volume.
* [MESOS-4791] - Operator API v1.
* [MESOS-4828] - XFS disk quota isolator.
* [MESOS-5275] - Add capabilities support for mesos containerizer.
* [MESOS-5344] - Partition-aware Mesos frameworks.
* [MESOS-5788] - Added JAVA API adapter for seamless transition to new scheduler API.
* [MESOS-5931] - Support auto backend in Mesos Containerizer.
* [MESOS-6014] - Added port mapping CNI plugin.
* [MESOS-6077] - Added a default (task group) executor.
* [MESOS-6402] - rlimit support for Mesos containerizer.
* [MESOS-6460] - Container Attach/Exec.
* [MESOS-6758] - Support docker registry that requires basic auth.
* [MESOS-6906] - Introduce a general non-interpreting task check.
All Resolved Issues:
** Bug
* [MESOS-1987] - Add support for SemVer build and prerelease labels to stout.
* [MESOS-4245] - Add `dist` target to CMake solution.
* [MESOS-4263] - Report volume usage through ResourceStatistics.
* [MESOS-5028] - Copy provisioner cannot replace directory with symlink.
* [MESOS-5172] - Registry puller cannot fetch blobs correctly from http Redirect 3xx urls.
* [MESOS-5288] - Update leveldb patch file to suport s390x.
* [MESOS-5880] - Semantics of `environment` differ across Windows and POSIX.
* [MESOS-6134] - Port CFS quota support to Docker Containerizer using command executor.
* [MESOS-6138] - Add 'syntax=proto2' to all .proto files in Mesos.
* [MESOS-6327] - Large docker images causes container launch failures: Too many levels of symbolic links.
* [MESOS-6560] - The default stout stringify always copies its argument.
* [MESOS-6606] - Reject optimized builds with libcxx before 3.9.
* [MESOS-6720] - Check that `PreferredToolArchitecture` is set to `x64` on Windows before building.
* [MESOS-6730] - Reserve operation should validate reserved resource role against resource allocationInfo role.
* [MESOS-6731] - Create a test filter for stout tests that use `symlink` on Windows, as they will fail if not run as admin.
* [MESOS-6732] - XFS disk isolator should check whether quotas are enabled.
* [MESOS-6742] - Adding support for s390x architecture.
* [MESOS-6815] - Enable glog stack traces when we call things like `ABORT` on Windows.
* [MESOS-6858] - network/cni isolator generates incomplete resolv.conf.
* [MESOS-6868] - Transition Windows away from `os::killtree`.
* [MESOS-6892] - Reconsider process creation primitives on Windows.
* [MESOS-6907] - FutureTest.After3 is flaky.
* [MESOS-6951] - Docker containerizer: mangled environment when env value contains LF byte.
* [MESOS-6953] - A compromised mesos-master node can execute code as root on agents.
* [MESOS-6976] - Disallow (re-)registration attempts by old agents.
* [MESOS-6982] - PerfTest.Version fails on recent Arch Linux.
* [MESOS-7022] - Update framework authorization to support multiple roles.
* [MESOS-7029] - FaultToleranceTest.FrameworkReregister is flaky.
* [MESOS-7035] - Add test for framework upgrading to MULTI_ROLE with tasks running.
* [MESOS-7049] - CgroupsAnyHierarchyWithPerfEventTest.ROOT_CGROUPS_PERF_PerfTest is broken on Fedora 25.
* [MESOS-7097] - Framework credentials can be used to register as an agent.
* [MESOS-7133] - mesos-fetcher fails with openssl-related output.
* [MESOS-7135] - Outstanding offers to a dropped framework role should be rescinded.
* [MESOS-7146] - OSX broken due to wrong configuration of LevelDB after update.
* [MESOS-7158] - Add `role` to task/executor to indicate allocation role of their resources.
* [MESOS-7165] - Agents should be able to upgrade to be MULTI_ROLE capable.
* [MESOS-7172] - CMake does not incrementally recompile.
* [MESOS-7182] - Couple of MULTI_ROLE related tests are flaky.
* [MESOS-7197] - Requesting tiny amount of CPU crashes master.
* [MESOS-7208] - Persistent volume ownership is set to root when task is running with non-root user.
* [MESOS-7210] - HTTP health check doesn't work when mesos runs with --docker_mesos_image.
* [MESOS-7225] - Tasks launched via the default executor cannot access disk resource volumes.
* [MESOS-7236] - Base64 encoding/decoding (via stout) behaves differently on Windows.
* [MESOS-7237] - Enabling cgroups_limit_swap can lead to "invalid argument" error.
* [MESOS-7248] - RemoveNestedContainer returns unsupported.
* [MESOS-7255] - New mesos-style.py linter behavior breaks commiting when virtualenv is not installed.
* [MESOS-7259] - Remove deprecated ACLs `SetQuota` and `RemoveQuota`.
* [MESOS-7261] - maintenance.html is missing during packaging.
* [MESOS-7263] - User supplied task environment variables cause warnings in sandbox stdout.
* [MESOS-7264] - Possibly duplicate environment variables should not leak values to the sandbox.
* [MESOS-7265] - Containerizer startup may cause sensitive data to leak into sandbox logs.
* [MESOS-7270] - Java V1 Framwork Test failed on macOS.
* [MESOS-7272] - Unified containerizer does not support docker registry version < 2.3.
* [MESOS-7280] - Unified containerizer provisions docker image error with COPY backend.
* [MESOS-7281] - Backwards incompatible UpdateFrameworkMessage handling.
* [MESOS-7287] - Fix post-reviews.py to find `rbt.cmd` on Windows.
* [MESOS-7300] - Mesos failed to build on Windows due to error C2440: 'return': cannot convert from 'Error' to 'bool'.
* [MESOS-7311] - CopyFetcherPluginTest.FetchExistingFile.
* [MESOS-7316] - Upgrading Mesos to 1.2.0 results in some information missing from the `/flags` endpoint.
* [MESOS-7323] - Framework role tracking in allocator results in framework treated as active incorrectly.
* [MESOS-7340] - Log HTTP accesses to the /files endpoint.
* [MESOS-7346] - Agent crashes if the task name is too long.
* [MESOS-7348] - Network isolator crashes agent on startup when network interface cannot be found.
* [MESOS-7350] - Failed to pull image from Nexus Registry due to signature missing.
* [MESOS-7363] - Improver master robustness against duplicate UPIDs.
* [MESOS-7365] - Compile error with recent glibc.
* [MESOS-7372] - Improve agent re-registration robustness.
* [MESOS-7378] - Build failure with glibc 2.12.
* [MESOS-7389] - Mesos 1.2.0 crashes with pre-1.0 Mesos agents.
* [MESOS-7400] - The mesos master crashes due to an incorrect invariant check in the decoder.
* [MESOS-7427] - Registry puller cannot fetch manifests from Amazon ECR: 405 Unsupported.
* [MESOS-7430] - Per-role Suppress call implementation is broken.
* [MESOS-7431] - Registry puller cannot fetch manifests from Google GCR: 403 Forbidden.
* [MESOS-7453] - glyphicons-halflings-regular.woff2 is missing in WebUI.
* [MESOS-7456] - Compilation error on recent glibc in cgroups device subsystem.
* [MESOS-7464] - Recent Docker versions cannot be parsed by stout.
* [MESOS-7471] - Provisioner recover should not always assume 'rootfses' dir exists.
* [MESOS-7478] - Pre-1.2.x master does not work with 1.2.x agent.
* [MESOS-7484] - VersionTest.ParseInvalid aborts on Windows.
* [MESOS-7521] - Major performance regression in DRF sorter.
* [MESOS-7538] - Don't validate re-registrations that are going to be dropped.
** Documentation
* [MESOS-7005] - Add executor authentication documentation.
* [MESOS-7324] - Update documentation to reflect the addition of multi-role framework support.
** Epic
* [MESOS-1763] - Add support for frameworks to receive resources for multiple roles.
* [MESOS-6365] - Executor authentication.
* [MESOS-6627] - Allow frameworks to modify the role(s) they are subscribed to.
** Improvement
* [MESOS-970] - Upgrade bundled leveldb to 1.19.
* [MESOS-5186] - mesos.interface: Allow using protobuf 3.x.
* [MESOS-5992] - Complete the list of API Calls on the Operator HTTP API Doc.
* [MESOS-6280] - Task group executor should support command health checks.
* [MESOS-6304] - Add authentication support to the default executor.
* [MESOS-6523] - Agent cgroup assignment should precede agent initialization.
* [MESOS-6906] - Introduce a general non-interpreting task check.
* [MESOS-7021] - Consistent symlink behavior for os::stat accessors.
* [MESOS-7074] - port_mapping isolator: do not depend on /sys/class/net/<ifname>/speed.
* [MESOS-7101] - ExamplesTest.PersistentVolumeFramework failed on ASF CI.
* [MESOS-7120] - Add an Agent API call to cleanup nested container artifacts.
* [MESOS-7226] - Introduce precompiled headers (on Windows).
* [MESOS-7249] - Default executor does not support general checks.
* [MESOS-7256] - Replace Boost Type Traits leftovers with STL.
* [MESOS-7274] - Health checker does not support pause / resume.
* [MESOS-7275] - General checker does not support TCP checks.
* [MESOS-7276] - General checker does not support pause / resume.
* [MESOS-7277] - General checker does not support command checks via agent.
* [MESOS-7376] - Reduce copying of the Registry to improve Registrar performance.
* [MESOS-7387] - ZK master contender and detector don't respect zk_session_timeout option.
** Task
* [MESOS-3139] - Incorporate CMake into standard documentation.
* [MESOS-5418] - Test case: Escape containerizer command line on Windows.
* [MESOS-6022] - unit-test for port-mapper CNI plugin.
* [MESOS-6032] - Add infrastructure for unit tests in the new python-based CLI.
* [MESOS-6123] - Implement GET_AGENT call in v1 agent API.
* [MESOS-6447] - Display role weight / role quota information in the webui.
* [MESOS-6636] - Validate that tasks / executors / reservations / volumes do not mix Resource.allocation_info.roles.
* [MESOS-6637] - Validate that schedulers cannot perform operations on offers with different allocation roles.
* [MESOS-6657] - Update the webui to reflect that frameworks have multiple roles.
* [MESOS-6691] - Enable SSL in Mesos builds.
* [MESOS-6762] - Update release notes for multi-role changes.
* [MESOS-6791] - Allow to specific the device whitelist entries in cgroup devices subsystem.
* [MESOS-6808] - Refactor Docker::run to only take docker cli parameters.
* [MESOS-6855] - Add `role` section to response of /state endpoint.
* [MESOS-6886] - Add authorization tests for debug API handlers.
* [MESOS-6940] - Do not send offers to MULTI_ROLE schedulers if agent does not have MULTI_ROLE capability.
* [MESOS-6967] - Ensure offer operations can be applied for MULTI_ROLE and non-MULTI_ROLE frameworks.
* [MESOS-6992] - Remove validation against "/" characters in roles to support hierarchical roles.
* [MESOS-6995] - Update the webui to reflect hierarchical roles.
* [MESOS-6996] - Add a 'Secret' protobuf message.
* [MESOS-6997] - Add the SecretGenerator module interface.
* [MESOS-6998] - Add authentication support to agent's '/v1/executor' endpoint.
* [MESOS-6999] - Add agent support for generating and passing executor secrets.
* [MESOS-7000] - Implement a JWT SecretGenerator.
* [MESOS-7001] - Implement a JWT authenticator.
* [MESOS-7003] - Introduce a 'Principal' type.
* [MESOS-7004] - Enable multiple HTTP authenticator modules.
* [MESOS-7009] - Add a 'secret' field to the 'Environment' message.
* [MESOS-7011] - Add an '--executor_secret_key' flag to the agent.
* [MESOS-7013] - Update the authorizer interface for executor authentication.
* [MESOS-7014] - Add implicit executor authorization to local authorizer.
* [MESOS-7024] - Update the allocator to handle hierarchical roles.
* [MESOS-7026] - Update authorization / authorization-filtering to handle hierarchical roles.
* [MESOS-7037] - Prevent setting quota on nested roles not contained by parent role quota.
* [MESOS-7038] - Update quota cluster capacity heuristic for hierarchical roles.
* [MESOS-7039] - Prevent quota removal that violates parent role-child role quota containment.
* [MESOS-7047] - Update agent for hierarchical roles.
* [MESOS-7048] - Remove adjustment code within Resources::apply.
* [MESOS-7061] - Re-persist tasks/executors with allocation info during agent recovery.
* [MESOS-7063] - Add a test for a MULTI_ROLE master re-registering an old agent.
* [MESOS-7269] - Migrate setting in config.py to a TOML file.
* [MESOS-7282] - Create a table abstraction for the Mesos CLI.
* [MESOS-7320] - Remove deprecated ACL `ShutdownFramework`.
* [MESOS-7336] - Add resource provider API protobuf.
* [MESOS-7339] - Add authorization to agent executor API.
* [MESOS-7377] - Add authentication to the checker and health checker libraries.
* [MESOS-7391] - Add deprecation warning for Visual Studio 14 2015.
* [MESOS-7395] - Benchmark performance of hierarchical roles.
* [MESOS-7439] - Bump the default timeout value for docker volume driver unmount operation.
Release Notes - Mesos - Version 1.2.3 (WIP)
-------------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-6743] - Docker executor hangs forever if `docker stop` fails.
* [MESOS-6950] - Launching two tasks with the same Docker image simultaneously may cause a staging dir never cleaned up.
* [MESOS-7652] - Docker image with universal containerizer does not work if WORKDIR is missing in the rootfs.
Release Notes - Mesos - Version 1.2.2
-------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-5187] - The filesystem/linux isolator does not set the permissions of the host_path.
* [MESOS-7252] - Need to fix resource check in long-lived framework.
* [MESOS-7546] - WAIT_NESTED_CONTAINER sometimes returns 404.
* [MESOS-7569] - Allow "old" executors with half-open connections to be preserved during agent upgrade / restart.
* [MESOS-7581] - Fix interference of external Boost installations when using some unbundled dependencies.
* [MESOS-7689] - Libprocess can crash on malformed request paths for libprocess messages.
* [MESOS-7690] - The agent can crash when an unknown executor tries to register.
* [MESOS-7703] - Mesos fails to exec a custom executor when no shell is used.
* [MESOS-7728] - Java HTTP adapter crashes JVM when leading master disconnects.
* [MESOS-7770] - Persistent volume might not be mounted if there is a sandbox volume whose source is the same as the target of the persistent volume.
* [MESOS-7777] - Agent failed to recover due to mount namespace leakage in Docker 1.12/1.13.
* [MESOS-7796] - LIBPROCESS_IP isn't passed on to the fetcher.
* [MESOS-7830] - Sandbox_path volume does not have ownership set correctly.
** Improvement
* [MESOS-7540] - Add an agent flag for executor re-registration timeout.
Release Notes - Mesos - Version 1.2.1
-------------------------------------
* This is a bug fix release.
**NOTE**: In Mesos 1.2.1, the master will no longer allow 0.x agents to
register. Interoperability between 1.1+ masters and 0.x agents has never
been supported; however, it was not explicitly disallowed, either.
Starting with this release of Mesos, registration attempts by 0.x Mesos
agents will be ignored.
All Issues:
** Bug
* [MESOS-1987] - Add support for SemVer build and prerelease labels to stout.
* [MESOS-5028] - Copy provisioner cannot replace directory with symlink.
* [MESOS-5172] - Registry puller cannot fetch blobs correctly from http Redirect 3xx urls.
* [MESOS-6327] - Large docker images causes container launch failures: Too many levels of symbolic links.
* [MESOS-6951] - Docker containerizer: mangled environment when env value contains LF byte.
* [MESOS-6976] - Disallow (re-)registration attempts by old agents.
* [MESOS-7133] - mesos-fetcher fails with openssl-related output.
* [MESOS-7197] - Requesting tiny amount of CPU crashes master.
* [MESOS-7208] - Persistent volume ownership is set to root when task is running with non-root user.
* [MESOS-7210] - HTTP health check doesn't work when mesos runs with --docker_mesos_image.
* [MESOS-7232] - Add support to auto-load /dev/nvidia-uvm in the GPU isolator.
* [MESOS-7237] - Enabling cgroups_limit_swap can lead to "invalid argument" error.
* [MESOS-7261] - maintenance.html is missing during packaging.
* [MESOS-7263] - User supplied task environment variables cause warnings in sandbox stdout.
* [MESOS-7264] - Possibly duplicate environment variables should not leak values to the sandbox.
* [MESOS-7265] - Containerizer startup may cause sensitive data to leak into sandbox logs.
* [MESOS-7272] - Unified containerizer does not support docker registry version < 2.3.
* [MESOS-7280] - Unified containerizer provisions docker image error with COPY backend.
* [MESOS-7316] - Upgrading Mesos to 1.2.0 results in some information missing from the `/flags` endpoint.
* [MESOS-7346] - Agent crashes if the task name is too long.
* [MESOS-7350] - Failed to pull image from Nexus Registry due to signature missing.
* [MESOS-7366] - Agent sandbox gc could accidentally delete the entire persistent volume content.
* [MESOS-7368] - Documentation of framework role(s) in proto definition is confusing.
* [MESOS-7383] - Docker executor logs possibly sensitive parameters.
* [MESOS-7389] - Mesos 1.2.0 crashes with pre-1.0 Mesos agents.
* [MESOS-7400] - The mesos master crashes due to an incorrect invariant check in the decoder.
* [MESOS-7427] - Registry puller cannot fetch manifests from Amazon ECR: 405 Unsupported.
* [MESOS-7429] - Allow isolators to inject task-specific environment variables.
* [MESOS-7453] - glyphicons-halflings-regular.woff2 is missing in WebUI.
* [MESOS-7464] - Recent Docker versions cannot be parsed by stout.
* [MESOS-7471] - Provisioner recover should not always assume 'rootfses' dir exists.
* [MESOS-7478] - Pre-1.2.x master does not work with 1.2.x agent.
* [MESOS-7484] - VersionTest.ParseInvalid aborts on Windows.
Release Notes - Mesos - Version 1.2.0
-------------------------------------------
This release contains the following new features:
* [MESOS-5931] - **Experimental** Support auto backend in Mesos Containerizer,
prefering overlayfs then aufs. Please note that the bind backend needs to be
specified explicitly through the agent flag '--image_provisioner_backend'
since it requires the sandbox already existed.
* [MESOS-6402] - **Experimental** Add rlimit support to Mesos containerizer.
The isolator adds support for setting POSIX resource limits (rlimits) for
containers launched using the Mesos containerizer. POSIX rlimits can be used
to control the resources a process can consume. See `docs/posix_rlimits.md`
for details.
* [MESOS-6419] - **Experimental** Teardown unregistered frameworks. The master
now treats recovered frameworks very similarly to frameworks that are registered
but currently disconnected. For example, recovered frameworks will be reported
via the normal "frameworks" key when querying HTTP endpoints. This means there
is no longer a concept of "orphan tasks": if the master knows about a task, the
task will be running under a framework. Similarly, "teardown" operations on
recovered frameworks will now work correctly.
* [MESOS-6460] - **Experimental** Container Attach and Exec. This feature adds
new Agent APIs for attaching a remote client to the stdin, stdout, and stderr
of a running Mesos task, as well as an API for launching new processes inside
the same container as a running Mesos task and attaching to its stdin, stdout,
and stderr. At a high level, these APIs mimic functionality similar to docker
attach and docker exec. The primary motivation for such functionality is to
enable users to debug their running Mesos tasks.
* [MESOS-6758] - **Experimental** Support 'Basic' auth docker private registry
on Mesos Containerizer. Until now, the mesos containerizer always assumed
Bearer auth, but we now also support basic auth for private registries. Please
note that the AWS ECS uses Basic authorization but it does not work yet due to
the redirect issue MESOS-5172.
Deprecations:
* [MESOS-6650] - Remove slavePreLaunchDockerEnvironmentDecorator and slavePreLaunchDockerHook.
Additional API Changes:
* [MESOS-3601] - Formalize all headers and metadata for HTTP API Event Stream
* [MESOS-6286] - If an agent restarts but fails to complete recovery
within `agent_reregister_timeout`, the master will now mark the
agent as unreachable. This mainly changes behavior in two
situations: (a) the master will now be more robust if agent recovery
hangs indefinitely (e.g., due to a container being in a bad state),
and (b) if agent recovery takes a very long time (e.g., because the
agent's work directory contains a large number of completed tasks),
the master might now mark an agent unreachable that would previously
have been able to eventually recover successfully.
* [MESOS-6419] - When a framework re-registers after master failover,
it is only allowed to change certain fields in its FrameworkInfo.
For example, changing "failover_timeout" is allowed, but changing
"role" is not. In previous Mesos releases, the same restrictions on
changes to FrameworkInfo were only enforced after framework
failover, not master failover.
* [MESOS-6670] - Authz for Agent v1 operator API
* [MESOS-6675] - Changed the allocator API to support adding inactive
frameworks. Custom allocator implementations will need to be updated.
* [MESOS-6865] - Remove the constraint of being only able to launch
2-level nested containers on Agent API.
Unresolved Critical Issues:
* [MESOS-1625] - Extra trailing CRLF being sent after the HTTP body in libprocess
* [MESOS-1718] - Command executor can overcommit the agent.
* [MESOS-2554] - Slave flaps when using --slave_subsystems that are not used for isolation.
* [MESOS-2774] - SIGSEGV received during process::MessageEncoder::encode()
* [MESOS-2842] - Update FrameworkInfo.principal on framework re-registration
* [MESOS-3533] - Unable to find and run URIs files
* [MESOS-3747] - HTTP Scheduler API no longer allows FrameworkInfo.user to be empty string
* [MESOS-3794] - Master should not store arbitrarily sized data in ExecutorInfo.
* [MESOS-4259] - mesos HA can't delete the the redundant container on failure slave node.
* [MESOS-4297] - Executor does not shutdown when framework teardown.
* [MESOS-4642] - Mesos Agent Json API can dump binary data from log files out as invalid JSON.
* [MESOS-4996] - 'containerizer->update' will always fail after killing a docker container.
* [MESOS-5352] - Docker volume isolator cleanup can be blocked by first cleanup failure.
* [MESOS-5396] - After failover, master does not remove agents with same UPID.
* [MESOS-5849] - Agent sandboxes on Windows surpass the 260 character path length limit
* [MESOS-5859] - Some tasks are always in staged state.
* [MESOS-5989] - Libevent SSL Socket downgrade code accesses uninitialized memory / assumes single peek is sufficient.
* [MESOS-6327] - Large docker images causes container launch failures: Too many levels of symbolic links.
* [MESOS-6356] - ASF CI has interleaved logging.
* [MESOS-6615] - Running mesos-slave in the docker that leave many zombie process
* [MESOS-6623] - Re-enable tests impacted by request streaming support
* [MESOS-6632] - ContainerLogger might leak FD if container launch fails.
* [MESOS-6780] - ContentType/AgentAPIStreamingTest.AttachContainerInput test fails reliably
* [MESOS-6784] - IOSwitchboardTest.KillSwitchboardContainerDestroyed is flaky
* [MESOS-6804] - Running 'tty' inside a debug container that has a tty reports "Not a tty"
* [MESOS-6815] - Enable glog stack traces when we call things like `ABORT` on Windows
* [MESOS-6843] - Fetcher should not assume stdout/stderr in the sandbox.
* [MESOS-6913] - AgentAPIStreamingTest.AttachInputToNestedContainerSession fails on Mac OS.
* [MESOS-6974] - DefaultExecutorTest.CommitSuicideOnTaskFailure test is flaky.
* [MESOS-6986] - abort in DRFSorter::add
* [MESOS-7017] - HTTP API responses can crash the master.
* [MESOS-7050] - IOSwitchboard FDs leaked when containerizer launch fails -- leads to deadlock
* [MESOS-7099] - Quota can be exceeded due to coarse-grained offer technique.
Feature Graduations:
* None
All Experimental Features:
* [MESOS-2449] - Support group of tasks (Pod) constructs and API in Mesos.
* [MESOS-2533] - Support HTTP checks in Mesos.
* [MESOS-3094] - Mesos on Windows.
* [MESOS-3421] - Support sharing of resources across task instances.
* [MESOS-3567] - Support TCP checks in Mesos.
* [MESOS-4312] - Porting Mesos on Power (ppc64le).
* [MESOS-4355] - Implement isolator for Docker volume.
* [MESOS-4641] - Support Container Network Interface (CNI).
* [MESOS-4791] - Operator API v1.
* [MESOS-4828] - XFS disk quota isolator.
* [MESOS-5275] - Add capabilities support for mesos containerizer.
* [MESOS-5344] - Partition-aware Mesos frameworks.
* [MESOS-5788] - Added JAVA API adapter for seamless transition to new scheduler API.
* [MESOS-5931] - **NEW** Support auto backend in Mesos Containerizer.
* [MESOS-6014] - Added port mapping CNI plugin.
* [MESOS-6077] - Added a default (task group) executor.
* [MESOS-6402] - **NEW** rlimit support for Mesos containerizer
* [MESOS-6419] - **NEW** Teardown unregistered frameworks
* [MESOS-6460] - **NEW** Container Attach/Exec
* [MESOS-6758] - **NEW** Support docker registry that requires basic auth.
All Issues:
** Bug
* [MESOS-1802] - HealthCheckTest.HealthStatusChange is flaky on jenkins.
* [MESOS-2537] - AC_ARG_ENABLED checks are broken
* [MESOS-2723] - The mesos-execute tool does not support zk:// master URLs
* [MESOS-3335] - FlagsBase copy-ctor leads to dangling pointer.
* [MESOS-3932] - Silence Boost compiler warnings with CMake
* [MESOS-4601] - Don't dump stack trace on failure to bind()
* [MESOS-4695] - SlaveTest.StateEndpoint is flaky
* [MESOS-4973] - Duplicates in 'unregistered_frameworks' in /state
* [MESOS-4975] - mesos::internal::master::Slave::tasks can grow unboundedly
* [MESOS-5218] - Fetcher should not chown the entire sandbox.
* [MESOS-5303] - Add capabilities support for mesos execute cli.
* [MESOS-5662] - Call parent class `SetUpTestCase` function in our test fixtures.
* [MESOS-5821] - Clean up the thousands of compiler warnings on MSVC
* [MESOS-5835] - Audit `PATCH_CMD`; make sure all patches are being applied on Windows.
* [MESOS-5856] - Logrotate ContainerLogger module does not rotate logs when run as root with `--switch_user`.
* [MESOS-5879] - cgroups/net_cls isolator causing agent recovery issues
* [MESOS-5963] - HealthChecker should not decide when to kill tasks and when to stop performing health checks.
* [MESOS-6001] - Aufs backend cannot support the image with numerous layers.
* [MESOS-6002] - The whiteout file cannot be removed correctly using aufs backend.
* [MESOS-6010] - Docker registry puller shows decode error "No response decoded".
* [MESOS-6119] - TCP health checks are not portable.
* [MESOS-6142] - Frameworks may RESERVE for an arbitrary role.
* [MESOS-6206] - Change reconciliation to return results for in-progress removals and reregistrations
* [MESOS-6286] - Master does not remove an agent if it is responsive but not registered
* [MESOS-6288] - The default executor should maintain launcher_dir.
* [MESOS-6293] - HealthCheckTest.HealthyTaskViaHTTPWithoutType fails on some distros.
* [MESOS-6316] - CREATE of shared volumes should not be allowed by frameworks not opted in to the capability.
* [MESOS-6320] - Implement clang-tidy check to catch incorrect flags hierarchies
* [MESOS-6349] - JSON Generation breaks if other locale than C is used.
* [MESOS-6360] - The handling of whiteout files in provisioner is not correct.
* [MESOS-6380] - mesos-local failed to start without sudo
* [MESOS-6388] - Report new PARTITION_AWARE task statuses in HTTP endpoints
* [MESOS-6389] - Update webui for PARTITION_AWARE changes
* [MESOS-6409] - mesos-ps - Invalid header value
* [MESOS-6414] - cgroups isolator cleanup failed when the hierarchy is cleanup by docker daemon
* [MESOS-6419] - The 'master/teardown' endpoint should support tearing down 'unregistered_frameworks'.
* [MESOS-6420] - Mesos Agent leaking sockets when port mapping network isolator is ON
* [MESOS-6432] - Roles with quota assigned can "game" the system to receive excessive resources.
* [MESOS-6444] - Ensure single copy of shared count of total resources in role sorter.
* [MESOS-6446] - WebUI redirect doesn't work with stats from /metric/snapshot
* [MESOS-6448] - Show the leading master hostname in the webUI.
* [MESOS-6452] - Compile error in strerror.h on OSX
* [MESOS-6455] - DefaultExecutorTests fail when running on hosts without docker.
* [MESOS-6459] - PosixRLimitsIsolatorTest.TaskExceedingLimit fails on OS X
* [MESOS-6461] - Duplicate framework ids in /master/frameworks endpoint 'unregistered_frameworks'.
* [MESOS-6478] - "filesystem/linux" isolator leaks (phantom) mounts in `mount` output
* [MESOS-6483] - Check failure when a 1.1 master marking a 0.28 agent as unreachable
* [MESOS-6484] - Memory leak in `Future<T>::after()`
* [MESOS-6501] - Add a test for duplicate framework ids in "unregistered_frameworks"
* [MESOS-6504] - Use 'geteuid()' for the root privileges check.
* [MESOS-6508] - monitor/statistics error in webui when launch mesos via mesos-local
* [MESOS-6516] - Parallel test running does not respect GTEST_FILTER
* [MESOS-6519] - MasterTest.OrphanTasksMultipleAgents
* [MESOS-6520] - Make errno an explicit argument for ErrnoError.
* [MESOS-6526] - `mesos-containerizer launch --environment` exposes executor env vars in `ps`.
* [MESOS-6527] - Memory leak in the libprocess request decoder.
* [MESOS-6544] - MasterMaintenanceTest.InverseOffersFilters is flaky.
* [MESOS-6545] - TestContainerizer is not thread-safe.
* [MESOS-6566] - The Docker executor should not leak task env variables in the Docker command cmd line.
* [MESOS-6569] - MesosContainerizer/DefaultExecutorTest.KillTask/0 failing on ASF CI
* [MESOS-6576] - DefaultExecutorTest.KillTaskGroupOnTaskFailure sometimes fails in CI
* [MESOS-6588] - LinuxRootfs misses required files
* [MESOS-6597] - Include v1 Operator API protos in generated JAR and python packages.
* [MESOS-6598] - Broken Link Framework Development Page
* [MESOS-6602] - Shutdown completed frameworks when unreachable agent re-registers
* [MESOS-6604] - Uninitialized member ObjectApprover::weight_info.
* [MESOS-6606] - Reject optimized builds with libcxx before 3.9
* [MESOS-6618] - Some tests use hardcoded port numbers.
* [MESOS-6619] - Improve task management for unreachable tasks
* [MESOS-6621] - SSL downgrade path will CHECK-fail when using both temporary and persistent sockets
* [MESOS-6624] - Master WebUI does not work on Firefox 45
* [MESOS-6625] - Expose container id in ContainerStatus in DockerContainerizer.
* [MESOS-6640] - mesos-local doesn't hande --work_dir correctly.
* [MESOS-6646] - StreamingRequestDecoder incompletely initializes its http_parser_settings
* [MESOS-6647] - Cyclic header dependency between libprocess' defer.hpp and executor.hpp
* [MESOS-6652] - Perf version not correctly parsed on Fedora 24 (and probably others)
* [MESOS-6653] - Overlayfs backend may fail to mount the rootfs if both container image and image volume are specified.
* [MESOS-6654] - Duplicate image layer ids may make the backend failed to mount rootfs.
* [MESOS-6658] - Mesos tests generated with cmake build fail to unload libraries properly
* [MESOS-6665] - io::redirect might cause stack overflow.
* [MESOS-6666] - HttpServeTest.Discard failed on OSX sierra
* [MESOS-6672] - Class DynamicLibrary's default copy constructor can lead to inconsistent state
* [MESOS-6676] - Always re-link with scheduler during re-registration.
* [MESOS-6677] - Error in Windows agent's Flags::runtime_dir CLI
* [MESOS-6684] - Update addFramework/removeFramework to handle multi-role frameworks
* [MESOS-6685] - Update Role::Resources to correctly account for multi-role frameworks
* [MESOS-6688] - IOSwitchboard should recover spawned server pid on agent restarts
* [MESOS-6689] - Remove of unix domain socket path in IOSwitchboard::cleanup
* [MESOS-6700] - Port `http_tests.cpp`
* [MESOS-6701] - Port `recordio_tests.cpp`
* [MESOS-6704] - Port `executor_http_api_tests.cpp`
* [MESOS-6707] - Port `gc_tests.cpp`
* [MESOS-6710] - Port `http_authentication_tests.cpp`
* [MESOS-6711] - Port `values_tests.cpp`
* [MESOS-6716] - Port `uri_tests.cpp`
* [MESOS-6717] - Add Windows support to agent test harness
* [MESOS-6718] - Should destroy DEBUG containers on agent recovery.
* [MESOS-6722] - Agent tries to use POSIX paths for the variable data runtime directory.
* [MESOS-6725] - The style of `.navbar-text` is inconsistent with the style of texts on the left side
* [MESOS-6726] - IOSwitchboardServerFlags adds flags for non-optional fields w/o providing a default value
* [MESOS-6736] - CMake's `CURRENT_CMAKE_BUILD_DIR` does not escape '\'
* [MESOS-6737] - The agent should synchronize with the IOSwitchboard to determine when it is ready to accept incoming connections.
* [MESOS-6739] - Authorize v1 GET_CONTAINERS call
* [MESOS-6740] - Authorize v1 GET_FLAGS call
* [MESOS-6741] - Authorize v1 SET_LOGGING_LEVEL call
* [MESOS-6744] - DefaultExecutorTest.KillTaskGroupOnTaskFailure is flaky
* [MESOS-6745] - MesosContainerizer/DefaultExecutorTest.KillTask/0 is flaky
* [MESOS-6746] - IOSwitchboard doesn't properly flush data on ATTACH_CONTAINER_OUTPUT
* [MESOS-6747] - ContainerLogger runnable must not inherit the slave environment.
* [MESOS-6748] - I/O switchboard should inherit agent environment variables.
* [MESOS-6750] - Metrics on the Agent view of the Mesos web UI flickers between empty and non-empty states
* [MESOS-6756] - I/O switchboard should deal with the case when reaping of the server failed.
* [MESOS-6757] - Consider using CMake to configure test scripts in the `bin/` diretory
* [MESOS-6761] - Implement `os::user` on Windows
* [MESOS-6767] - Reached unreachable statement at <path>/mesos/src/slave/containerizer/mesos/launch.cpp:766
* [MESOS-6772] - Stop building `mesos-agent` twice.
* [MESOS-6775] - The 'http::connect(address)' always uses the DEFAULT_KIND() of socket even if SSL is undesired.
* [MESOS-6781] - Mesos containerizer overrides environment variables passed to the executor incorrectly.
* [MESOS-6788] - Avoid stack overflow when handling streaming responses in API handlers
* [MESOS-6789] - SSL socket's 'shutdown()' method is broken
* [MESOS-6793] - CniIsolatorTest.ROOT_EnvironmentLibprocessIP fails on systems using dash as sh
* [MESOS-6795] - Listening socket might get closed while the accept is still in flight.
* [MESOS-6802] - SSL socket can lose bytes in the case of EOF
* [MESOS-6803] - Agent authentication does not have an initial `delay`
* [MESOS-6805] - Check unreachable task cache for task ID collisions on launch
* [MESOS-6811] - IOSwitchboardServerTest.SendHeartbeat and IOSwitchboardServerTest.ReceiveHeartbeat broken on OS X
* [MESOS-6813] - IOSwitchboardServerTest.AttachOutput has stack overflow issue.
* [MESOS-6820] - FaultToleranceTest.FrameworkReregister is flaky.
* [MESOS-6824] - mesos-this-capture clang-tidy check has false positives
* [MESOS-6826] - OsTest.User fails on recent Arch Linux.
* [MESOS-6829] - Mesos fails to compile when using FORTIFY_SOURCE without optimizations
* [MESOS-6830] - Mesos fails to link with gold when providing -pie without -fPIC
* [MESOS-6837] - FaultToleranceTest.FrameworkReregister is flaky
* [MESOS-6839] - It is currently impossible to kill a task in the Windows executor
* [MESOS-6848] - The default executor does not exit if a single task pod fails.
* [MESOS-6852] - Nested container's launch command is not set correctly in docker/runtime isolator.
* [MESOS-6860] - Some tests use CHECK instead of ASSERT
* [MESOS-6862] - Replace os::system usages to reduce the risk of command injection.
* [MESOS-6864] - Container Exec should be possible with tasks belonging to a task group
* [MESOS-6866] - Mesos agent not checking IDs before using them as part of the paths
* [MESOS-6870] - Port `default_executor_tests.cpp`
* [MESOS-6871] - Scheme parsing is incorrect in libprocess URL::parse().
* [MESOS-6895] - Loop uses dependent nested names for friend declaration which isn't supported by recent clang
* [MESOS-6900] - Add test for framework upgrading to multi-role capability.
* [MESOS-6904] - Perform batching of allocations to reduce allocator queue backlogging.
* [MESOS-6908] - Zero health check timeout is interpreted literally.
* [MESOS-6911] - SlaveRecoveryTest/0.RegisterDisconnectedSlave test is flaky
* [MESOS-6912] - IOSwitchboardServerTest.AttachInput fails consistently on Mac OS.
* [MESOS-6917] - Segfault when the executor sets an invalid UUID when sending a status update.
* [MESOS-6920] - Validate the UUID in Master::statusUpdate.
* [MESOS-6922] - SlaveRecoveryTest/0.RecoverTerminatedExecutor is flaky
* [MESOS-6937] - ContentType/MasterAPITest.ReserveResources/1 fails during Writer close
* [MESOS-6946] - Make wait status checks consistent.
* [MESOS-6948] - AgentAPITest.LaunchNestedContainerSession is flaky
* [MESOS-6954] - Running LAUNCH_NESTED_CONTAINER with a docker container id as parent crashes the agent
* [MESOS-6962] - Navbar overlays breadcrumbs in WebUI on narrow screens
* [MESOS-6963] - The logo doesn't fit in mobile WebUI
* [MESOS-6966] - master/tasks_unreachable metric never decremented
* [MESOS-6969] - Use clipboard.js for copy/paste webui functionality
* [MESOS-6983] - TaskValidationTest.TaskReusesUnreachableTaskID is flaky
* [MESOS-6989] - Docker executor segfaults in ~MesosExecutorDriver()
* [MESOS-6991] - Change `Environment.Variable.Value` from required to optional
* [MESOS-7008] - Quota not recovered from registry in empty cluster.
* [MESOS-7020] - cgroups::internal::write can incorrectly report success
* [MESOS-7027] - CommandExecutor ENV overwritten by Docker Image ENV in Unified Containerizer
* [MESOS-7036] - Rate limiter deadlocks during IO Switchboard-related tests
* [MESOS-7057] - Consider using the relink functionality of libprocess in the executor driver.
* [MESOS-7059] - Unnecessary mkdirs in ProvisionerDockerLocalStoreTest.*
* [MESOS-7060] - Tests depends on DockerArchive and LinuxRootfs failed.
* [MESOS-7075] - mesos-execute rejects all offers
* [MESOS-7077] - Check failed: resource.has_allocation_info().
* [MESOS-7102] - Crash when sending a SIGUSR1 signal to the agent.
* [MESOS-7119] - Mesos master crash while accepting inverse offer.
* [MESOS-7129] - Default executor exits with a stack trace in a few scenarios.
* [MESOS-7133] - mesos-fetcher fails with openssl-related output.
* [MESOS-7137] - Custom executors cannot use any reserved resources.
* [MESOS-7144] - Wrap IOSwitchboard.connect() in a dispatch
* [MESOS-7152] - The agent may be flapping after the machine reboots due to provisioner recover.
* [MESOS-7153] - The new http::Headers abstraction may break some modules.
** Documentation
* [MESOS-5597] - Document Mesos "health check" feature.
* [MESOS-6335] - Add user doc for task group tasks
* [MESOS-6411] - Add documentation for CNI port-mapper plugin.
* [MESOS-6806] - Update the addition, deletion and modification logic of CNI configuration files.
* [MESOS-7154] - Document provisioner auto backend support.
** Epic
* [MESOS-3820] - Test-only libprocess reinitialization
* [MESOS-4641] - Support Container Network Interface (CNI).
* [MESOS-4766] - Improve allocator performance.
* [MESOS-6402] - Add rlimit support to Mesos containerizer
* [MESOS-6460] - Mesos Support for Container Attach and Container Exec
* [MESOS-6670] - Authz for Agent v1 operator API
** Improvement
* [MESOS-3601] - Formalize all headers and metadata for HTTP API Event Stream
* [MESOS-5792] - Add mesos tests to CMake (make check)
* [MESOS-5900] - Support Unix domain socket connections in libprocess
* [MESOS-5931] - Support auto backend in Unified Containerizer.
* [MESOS-5992] - Complete the list of API Calls on the Operator HTTP API Doc
* [MESOS-6177] - Return unregistered agents recovered from registrar in `GetAgents` and/or `/state.json`
* [MESOS-6229] - Default to using hardened compilation flags
* [MESOS-6296] - Default executor should be able to launch multiple task groups
* [MESOS-6305] - Add authorization support for nested container calls
* [MESOS-6309] - Mesos-specific targets appear in libprocess' cmake config.
* [MESOS-6329] - Send TASK_DROPPED for task launch errors
* [MESOS-6330] - Send TASK_UNKNOWN during explicit reconciliation
* [MESOS-6331] - Don't send TASK_LOST when accepting offers in a disconnected scheduler
* [MESOS-6332] - Don't send TASK_LOST in the agent
* [MESOS-6339] - Support docker registry that requires basic auth.
* [MESOS-6361] - Enable partition-awareness in mesos-execute
* [MESOS-6369] - Add a column for FrameworkID when displaying tasks in the WebUI
* [MESOS-6395] - HealthChecker sends updates to executor via libprocess messaging.
* [MESOS-6396] - Hooks should allow sandbox dependent environment variables.
* [MESOS-6397] - Simplify the comparison logic for `ExecutorInfo`.
* [MESOS-6399] - Allowed to pass extra envs when launch development scripts.
* [MESOS-6401] - Authorizer interface should behave more uniform
* [MESOS-6407] - Move DEFAULT_v1_xxx macros to the v1 namespace.
* [MESOS-6426] - Add rlimit support to Mesos containerizer
* [MESOS-6427] - Add documentation for rlimit support of Mesos containerizer
* [MESOS-6443] - Display maintenance information in the webui.
* [MESOS-6530] - Add support for incremental gzip decompression.
* [MESOS-6556] - Hostname support for the network/cni isolator.
* [MESOS-6557] - IPC namespace isolator
* [MESOS-6562] - Use JSON content type in mesos-execute.
* [MESOS-6567] - Actively Scan for CNI Configurations
* [MESOS-6571] - Add "--task" flag to mesos-execute
* [MESOS-6626] - Support `foreachpair` for LinkedHashMap
* [MESOS-6639] - Update 'io::redirect()' to take an optional vector of callback hooks.
* [MESOS-6648] - MesosContainerizer launch helper should take ContainerLaunchInfo.
* [MESOS-6650] - Remove slavePreLaunchDockerEnvironmentDecorator and slavePreLaunchDockerHook.
* [MESOS-6675] - Change allocator API to support adding inactive frameworks
* [MESOS-6719] - Unify "active" and "state"/"connected" fields in Master::Framework
* [MESOS-6758] - Support 'Basic' auth docker private registry on Unified Containerizer.
* [MESOS-6763] - Add heartbeats to both input/output connections in IOSwitchboard
* [MESOS-6821] - Override of automatic resources should be by exact match not substring
* [MESOS-6865] - Remove the constraint of being only able to launch 2 level nested containers on Agent API
* [MESOS-6936] - Add support for media types needed for streaming request/responses.
* [MESOS-6947] - Fix pailer XSS vulnerability
* [MESOS-7045] - Skip already stored layers in local Docker puller
* [MESOS-7051] - Introduce a new http::Headers abstraction.
* [MESOS-7071] - Agent State Lacks Framework Principal
** Story
* [MESOS-3505] - Support specifying Docker image by Image ID.
* [MESOS-3753] - Test the HTTP Scheduler library with SSL enabled
** Task
* [MESOS-3398] - Revisit MAXHOSTNAMELEN implementation in Windows
* [MESOS-3697] - Add `make tests` target to CMake build system.
* [MESOS-3843] - Audit `src/CMakelists.txt` to make sure we're compiling everything we need to build the agent binary.
* [MESOS-3910] - Libprocess: Implement cleanup of the SocketManager in process::finalize
* [MESOS-3934] - Libprocess: Unify the initialization of the MetricsProcess and ReaperProcess
* [MESOS-4119] - Add support for enabling --3way to apply-reviews.py.
* [MESOS-5826] - Streamline building of example frameworks
* [MESOS-5966] - Add libprocess HTTP tests with SSL support
* [MESOS-6040] - Add a CMake build for `mesos-port-mapper`
* [MESOS-6185] - Improve test coverage for shared persistent volumes.
* [MESOS-6214] - Containerizers assume caller will call 'destroy' if 'launch' fails.
* [MESOS-6278] - Add test cases for the HTTP health checks.
* [MESOS-6279] - Add test cases for the TCP health check.
* [MESOS-6366] - Design doc for executor authentication
* [MESOS-6376] - Add documentation for capabilities support of the mesos containerizer
* [MESOS-6403] - Draft design doc for rlimit support for Mesos containerizer
* [MESOS-6431] - Add support for port-mapping in `mesos-execute`
* [MESOS-6462] - Design Doc: Mesos Support for Container Attach and Container Exec
* [MESOS-6463] - Build a prototype for remote pty support
* [MESOS-6464] - Add fine grained control of which namespaces a nested container should inherit (or not).
* [MESOS-6465] - Add a task_id -> container_id mapping in state.json
* [MESOS-6466] - Add support for streaming HTTP requests in Mesos
* [MESOS-6467] - Build a Container I/O Switchboard
* [MESOS-6470] - Support TTY in IOSwitchboard.
* [MESOS-6471] - Build support for LAUNCH_NESTED_CONTAINER_SESSION call into the Agent API in Mesos
* [MESOS-6472] - Build support for ATTACH_CONTAINER_INPUT into the Agent API in Mesos
* [MESOS-6473] - Build support for ATTACH_CONTAINER_OUTPUT into the Agent API in Mesos
* [MESOS-6474] - Add fine-grained ACLs for authorization with the new debugging APIs
* [MESOS-6475] - Mesos Container Attach/Exec Unit Tests
* [MESOS-6476] - Build a Mock HTTP Server that implements the new Debugging API calls
* [MESOS-6477] - Build a standalone python client for connecting to our Mock HTTP Server that implements the new Debug APIs
* [MESOS-6493] - Add test cases for the HTTPS health checks.
* [MESOS-6525] - Add API protos for managing debug containers
* [MESOS-6528] - Container status of a task in a pod is not correct.
* [MESOS-6543] - Add special case for entering the "mount" namespace of a parent container
* [MESOS-6546] - Update the Containerizer to handle attachInput and attachOutput calls.
* [MESOS-6547] - Update the mesos containerizer to launch per-container I/O switchboards
* [MESOS-6553] - Update `MesosContainerizerProcess::_launch()` to pass `ContainerLaunchInfo` to launcher->fork()`
* [MESOS-6594] - Add `Containerizer::attach()` API call
* [MESOS-6628] - Add a FrameworkInfo.roles field along with a MULTI_ROLE capability.
* [MESOS-6629] - Add master validation of FrameworkInfo.roles.
* [MESOS-6631] - Disallow frameworks from modifying FrameworkInfo.roles.
* [MESOS-6633] - Introduce Resource.AllocationInfo.
* [MESOS-6634] - Add Resource.AllocationInfo in Offer to indicate a single role per offer.
* [MESOS-6638] - Update Suppress and Revive to be per-role.
* [MESOS-6651] - Make IOSwitchboard an isolator.
* [MESOS-6663] - Container should be destroyed if IOSwitchboard server terminates unexpectedly.
* [MESOS-6664] - Force cleanup of IOSwitchboard server if it does not terminate after the container terminates.
* [MESOS-6749] - Update master and agent endpoints to expose FrameworkInfo.roles.
* [MESOS-6764] - Add a grace period for terminating the I/O switchboard server.
* [MESOS-6958] - Support linux filesystem type detection.
* [MESOS-6970] - Display allocation info when printing Resources.
* [MESOS-7062] - Add a test for a MULTI_ROLE framework receiving offers for each of its roles.
Release Notes - Mesos - Version 1.1.3 (WIP)
-------------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-5187] - The filesystem/linux isolator does not set the permissions of the host_path.
* [MESOS-6743] - Docker executor hangs forever if `docker stop` fails.
* [MESOS-6950] - Launching two tasks with the same Docker image simultaneously may cause a staging dir never cleaned up.
* [MESOS-7540] - Add an agent flag for executor re-registration timeout.
* [MESOS-7569] - Allow "old" executors with half-open connections to be preserved during agent upgrade / restart.
* [MESOS-7652] - Docker image with universal containerizer does not work if WORKDIR is missing in the rootfs.
* [MESOS-7689] - Libprocess can crash on malformed request paths for libprocess messages.
* [MESOS-7690] - The agent can crash when an unknown executor tries to register.
* [MESOS-7581] - Fix interference of external Boost installations when using some unbundled dependencies.
* [MESOS-7703] - Mesos fails to exec a custom executor when no shell is used.
* [MESOS-7728] - Java HTTP adapter crashes JVM when leading master disconnects.
* [MESOS-7770] - Persistent volume might not be mounted if there is a sandbox volume whose source is the same as the target of the persistent volume.
* [MESOS-7777] - Agent failed to recover due to mount namespace leakage in Docker 1.12/1.13.
* [MESOS-7796] - LIBPROCESS_IP isn't passed on to the fetcher.
* [MESOS-7830] - Sandbox_path volume does not have ownership set correctly.
Release Notes - Mesos - Version 1.1.2
-------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-2537] - AC_ARG_ENABLED checks are broken.
* [MESOS-5028] - Copy provisioner cannot replace directory with symlink.
* [MESOS-5172] - Registry puller cannot fetch blobs correctly from http Redirect 3xx urls.
* [MESOS-6327] - Large docker images causes container launch failures: Too many levels of symbolic links.
* [MESOS-7057] - Consider using the relink functionality of libprocess in the executor driver.
* [MESOS-7119] - Mesos master crash while accepting inverse offer.
* [MESOS-7152] - The agent may be flapping after the machine reboots due to provisioner recover.
* [MESOS-7197] - Requesting tiny amount of CPU crashes master.
* [MESOS-7210] - HTTP health check doesn't work when mesos runs with --docker_mesos_image.
* [MESOS-7237] - Enabling cgroups_limit_swap can lead to "invalid argument" error.
* [MESOS-7265] - Containerizer startup may cause sensitive data to leak into sandbox logs.
* [MESOS-7350] - Failed to pull image from Nexus Registry due to signature missing.
* [MESOS-7366] - Agent sandbox gc could accidentally delete the entire persistent volume content.
* [MESOS-7383] - Docker executor logs possibly sensitive parameters.
* [MESOS-7422] - Docker containerizer should not leak possibly sensitive data to agent log.
* [MESOS-7471] - Provisioner recover should not always assume 'rootfses' dir exists.
* [MESOS-7482] - #elif does not match #ifdef when checking the platform.
Release Notes - Mesos - Version 1.1.1
-------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-6002] - The whiteout file cannot be removed correctly using aufs backend.
* [MESOS-6010] - Docker registry puller shows decode error "No response decoded".
* [MESOS-6142] - Frameworks may RESERVE for an arbitrary role.
* [MESOS-6360] - The handling of whiteout files in provisioner is not correct.
* [MESOS-6411] - Add documentation for CNI port-mapper plugin.
* [MESOS-6526] - `mesos-containerizer launch --environment` exposes executor env vars in `ps`.
* [MESOS-6571] - Add "--task" flag to mesos-execute.
* [MESOS-6597] - Include v1 Operator API protos in generated JAR and python packages.
* [MESOS-6606] - Reject optimized builds with libcxx before 3.9.
* [MESOS-6621] - SSL downgrade path will CHECK-fail when using both temporary and persistent sockets.
* [MESOS-6624] - Master WebUI does not work on Firefox 45.
* [MESOS-6676] - Always re-link with scheduler during re-registration.
* [MESOS-6848] - The default executor does not exit if a single task pod fails.
* [MESOS-6852] - Nested container's launch command is not set correctly in docker/runtime isolator.
* [MESOS-6917] - Segfault when the executor sets an invalid UUID when sending a status update.
* [MESOS-7008] - Quota not recovered from registry in empty cluster.
* [MESOS-7133] - mesos-fetcher fails with openssl-related output.
Release Notes - Mesos - Version 1.1.0
-------------------------------------
This release contains the following new features:
* [MESOS-2449] - **Experimental** support for launching a group of tasks
via a new `LAUNCH_GROUP` Offer operation. Mesos will guarantee that either
all tasks or none of the tasks in the group are delivered to the executor.
Executors receive the task group via a new `LAUNCH_GROUP` event.
* [MESOS-2533] - **Experimental** support for HTTP and HTTPS health checks.
Executors may now use the updated `HealthCheck` protobuf to implement
HTTP(S) health checks. Both default executors (command and docker) leverage
`curl` binary for sending HTTP(S) requests and connect to `127.0.0.1`,
hence a task must listen on all interfaces. On Linux, for BRIDGE and USER
modes, docker executor enters the task's network namespace.
* [MESOS-3421] - **Experimental** Support sharing of resources across
containers. Currently persistent volumes are the only resources allowed to
be shared.
* [MESOS-3567] - **Experimental** support for TCP health checks. Executors
may now use the updated `HealthCheck` protobuf to implement TCP health
checks. Both default executors (command and docker) connect to `127.0.0.1`,
hence a task must listen on all interfaces. On Linux, for BRIDGE and USER
modes, docker executor enters the task's network namespace.
* [MESOS-4324] - Allow tasks to access persistent volumes in either a
read-only or read-write manner. Using a volume in read-only mode can
simplify sharing that volume between multiple tasks on the same agent.
* [MESOS-5275] - **Experimental** support for linux capabilities. Frameworks
or operators now have fine-grained control over the capabilities that a
container may have. This allows a container to run as root, but not have all
the privileges associated with the root user (e.g., CAP_SYS_ADMIN).
* [MESOS-5344] - **Experimental** support for partition-aware Mesos
frameworks. In previous Mesos releases, when an agent is partitioned from
the master and then reregisters with the cluster, all tasks running on the
agent are terminated and the agent is shutdown. In Mesos 1.1, partitioned
agents will no longer be shutdown when they reregister with the master. By
default, tasks running on such agents will still be killed (for backward
compatibility); however, frameworks can opt-in to the new PARTITION_AWARE
capability. If they do this, their tasks will not be killed when a partition
is healed. This allows frameworks to define their own policies for how to
handle partitioned tasks. Enabling the PARTITION_AWARE capability also
introduces a new set of task states: TASK_UNREACHABLE, TASK_DROPPED,
TASK_GONE, TASK_GONE_BY_OPERATOR, and TASK_UNKNOWN. These new states are
intended to eventually replace the TASK_LOST state.
* [MESOS-5788] - **Experimental** support for Java scheduler adapter. This
adapter allows framework developers to toggle between the old/new API
(driver/scheduler library) implementations, thereby allowing them to easily
transition their frameworks to the new v1 Scheduler API.
* [MESOS-6014] - **Experimental** A new port-mapper CNI plugin, the
`mesos-cni-port-mapper` has been introduced. For Mesos containers, with the
CNI port-mapper plugin, users can now expose container ports through host
ports using DNAT. This is especially useful when Mesos containers are
attached to isolated CNI networks such as private bridge networks, and the
services running in the container needs to be exposed outside these
isolated networks.
* [MESOS-6077] - **Experimental** A new default executor is introduced which
frameworks can use to launch task groups as nested containers. All the
nested containers share resources likes cpu, memory, network and volumes.
Deprecations:
* The following metrics are deprecated and will be removed in Mesos 1.4:
master/slave_shutdowns_scheduled,
master/slave_shutdowns_canceled,
slave_shutdowns_completed.
As of Mesos 1.1.0, these metrics will always be zero. The following new
metrics have been introduced as replacements:
master/slave_unreachable_scheduled,
master/slave_unreachable_canceled,
master/slave_unreachable_completed.
* [MESOS-5955] - Health check binary "mesos-health-check" is removed.
* [MESOS-6371] - Remove the 'recover()' interface in 'ContainerLogger'.
Additional API Changes:
* [MESOS-6204] - A new agent flag called `--runtime_dir`. Unlike
`--work_dir` which persists data across reboots, `--runtime_dir` is designed
to checkpoint state that should persist across agent restarts, but not
across reboots. By default this flag is set to `/var/run/mesos` when run as
root and `os::temp/mesos/runtime/` when run as non-root.
* [MESOS-6220] - HTTP handler failures should result in 500 rather than
503 responses. This means that when using the master or agent endpoints,
failures will now result in a `500 Internal Server Error` rather than a
`503 Service Unavailable`.
* [MESOS-6241] - New API calls (LAUNCH_NESTED_CONTAINER,
KILL_NESTED_CONTAINER and WAIT_NESTED_CONTAINER) have been added to the
v1 Agent API to manage nested containers within an executor container.
Unresolved Critical Issues:
* [MESOS-3794] - Master should not store arbitrarily sized data in ExecutorInfo.
* [MESOS-4642] - Mesos Agent Json API can dump binary data from log files out as invalid JSON.
* [MESOS-5396] - After failover, master does not remove agents with same UPID.
* [MESOS-5856] - Logrotate ContainerLogger module does not rotate logs when run as root with `--switch_user`.
* [MESOS-6142] - Frameworks may RESERVE for an arbitrary role.
* [MESOS-6327] - Large docker images causes container launch failures: Too many levels of symbolic links.
* [MESOS-6360] - The handling of whiteout files in provisioner is not correct.
* [MESOS-6419] - The 'master/teardown' endpoint should support tearing down 'unregistered_frameworks'.
* [MESOS-6432] - Roles with quota assigned can "game" the system to receive excessive resources.
All Experimental Features:
* [MESOS-2449] - Support group of tasks (Pod) constructs and API in Mesos.
* [MESOS-2533] - Support HTTP checks in Mesos.
* [MESOS-3094] - Mesos on Windows.
* [MESOS-3421] - Support sharing of resources across task instances.
* [MESOS-3567] - Support TCP checks in Mesos.
* [MESOS-4312] - Porting Mesos on Power (ppc64le).
* [MESOS-4355] - Implement isolator for Docker volume.
* [MESOS-4641] - Support Container Network Interface (CNI).
* [MESOS-4791] - Operator API v1.
* [MESOS-4828] - XFS disk quota isolator.
* [MESOS-5275] - Add capabilities support for unified containerizer.
* [MESOS-5344] - Partition-aware Mesos frameworks.
* [MESOS-5788] - Added JAVA API adapter for seamless transition to new scheduler API.
* [MESOS-6014] - Added port mapping CNI plugin.
* [MESOS-6077] - Added a default (task group) executor.
All Issues:
** Bug
* [MESOS-1653] - HealthCheckTest.GracePeriod is flaky.
* [MESOS-2346] - Docker tasks exiting normally, but returning TASK_FAILED.
* [MESOS-3471] - Disable perf test when perf version is not support.
* [MESOS-3760] - Remove fragile sleep() from ProcessManager::settle().
* [MESOS-3959] - Executor page of mesos ui does not show slave hostname.
* [MESOS-4070] - numify() handles negative numbers inconsistently.
* [MESOS-4638] - versioning preprocessor macros.
* [MESOS-4668] - Agent's /state endpoint does not include full reservation information.
* [MESOS-4948] - Move maintenance tests to use the new scheduler library interface.
* [MESOS-4973] - Duplicates in 'unregistered_frameworks' in /state
* [MESOS-4975] - mesos::internal::master::Slave::tasks can grow unboundedly.
* [MESOS-5276] - HTTPCommandExecutor should terminate after it receives an ACK from the agent.
* [MESOS-5290] - WebUI shows the active task is launched 46 years ago.
* [MESOS-5320] - SSL related error messages can be misguiding or incomplete.
* [MESOS-5448] - Persistent volume deletion on the agent should survive slave restart.
* [MESOS-5481] - PerfFilter disable Registrar_BENCHMARK test cases incorrectly.
* [MESOS-5613] - mesos-local fails to start if MESOS_WORK_DIR isn't set.
* [MESOS-5701] - Add benchmark for sorter performance.
* [MESOS-5752] - ROOT_GarbageCollectorUndeletableFilesTest.BusyMountPoint is flaky.
* [MESOS-5759] - ProcessRemoteLinkTest.RemoteUseStaleLink and RemoteStaleLinkRelink are flaky.
* [MESOS-5812] - MasterAPITest.Subscribe is flaky.
* [MESOS-5846] - AgentAPITest.GetState is flaky.
* [MESOS-5852] - CMake build needs to generate protobufs before building libmesos.
* [MESOS-5860] - MasterAPITest.GetTasks is flaky.
* [MESOS-5864] - Document MESOS_SANDBOX executor env variable.
* [MESOS-5867] - Operator ReadFile API read file bugs.
* [MESOS-5869] - Disable resources validation for `+=` and `-=`.
* [MESOS-5875] - Scalar resource output operator doesn't print full significant digits.
* [MESOS-5878] - Strict/RegistrarTest.UpdateQuota/0 is flaky.
* [MESOS-5888] - SlaveAuthorizerTest/ViewFlags is flaky.
* [MESOS-5891] - /help endpoint does not set Content-Type to HTML.
* [MESOS-5907] - ExamplesTest.DiskFullFramework fails on Arch.
* [MESOS-5909] - Stout "OsTest.User" test can fail on some systems.
* [MESOS-5917] - All actors should have a distinguishable ID.
* [MESOS-5919] - Improve performance for `Resources.contains` and `Resources.filter`.
* [MESOS-5921] - `validate` is a bit heavy to check negative scalar resource.
* [MESOS-5922] - mesos-agent --help exit status is 1.
* [MESOS-5928] - Agent's '--version' flag doesn't work.
* [MESOS-5930] - Orphan tasks can show up as running after they have finished.
* [MESOS-5942] - Windows implementation of `os::rmdir` is not compliant with POSIX version.
* [MESOS-5958] - Reviewbot failing due to python files not being cleaned up after distclean.
* [MESOS-5972] - SharedResourcesTest failing.
* [MESOS-5979] - elfio-3.1.patch is actually not applied.
* [MESOS-5981] - task failed in windows Server 2012 client, test-framwork example.
* [MESOS-5985] - Fix broken link in `networking.md`.
* [MESOS-5996] - Windows mesos-containerizer crashes.
* [MESOS-6000] - Overlayfs backend cannot support the image with numerous layers.
* [MESOS-6005] - Support docker registry running non-https on localhost:<non-80-port>.
* [MESOS-6013] - Use readdir instead of readdir_r.
* [MESOS-6026] - Tasks mistakenly marked as FAILED due to race b/w sendExecutorTerminatedStatusUpdate() and _statusUpdate().
* [MESOS-6031] - Collect throttle related metrics for DockerContainerizer.
* [MESOS-6041] - Stream ID mismatch should print out expected and received stream ID.
* [MESOS-6049] - XFS disk isolator doesn't handle old containers correctly.
* [MESOS-6052] - Unable to launch containers on CNI networks on CoreOS.
* [MESOS-6057] - docker isolator does not overwrite Dockerfile ENV.
* [MESOS-6059] - Allow clean up unknown container during the clean up phase of the container.
* [MESOS-6069] - Misspelled TASK_KILLED in mesos slave.
* [MESOS-6074] - Master check failure if the metrics endpoint is polled soon after it starts.
* [MESOS-6085] - Agent's /state endpoint does not include total resources.
* [MESOS-6087] - Add master tests for TaskGroup.
* [MESOS-6100] - Make fails compiling 1.0.1.
* [MESOS-6104] - Potential FD double close in libevent's implementation of `sendfile`.
* [MESOS-6110] - Deprecate using health checks without setting the type.
* [MESOS-6118] - Agent would crash with docker container tasks due to host mount table read.
* [MESOS-6122] - Mesos slave throws systemd errors even when passed a flag to disable systemd.
* [MESOS-6131] - Improved performance for resource flatten.
* [MESOS-6141] - Some tests do not properly set 'flags.launcher' with the correct value.
* [MESOS-6144] - Validate that TaskGroup executor and tasks do not use DOCKER ContainerInfo.
* [MESOS-6145] - Isolator namespaces/pid is leaking mounts.
* [MESOS-6152] - Resource leak in libevent_ssl_socket.cpp.
* [MESOS-6153] - Resource leak in slave.cpp.
* [MESOS-6154] - Clean up queued tasks if a task group is killed before launch.
* [MESOS-6157] - ContainerInfo is not validated.
* [MESOS-6159] - Remove stout's Set type.
* [MESOS-6167] - CgroupsIsolatorTest.ROOT_CGROUPS_RevocableCpu is flaky.
* [MESOS-6170] - Health check grace period covers failures happening after first success.
* [MESOS-6173] - Authentication in v2 protobuf should not be `required`.
* [MESOS-6176] - CpuIsolatorTest.ROOT_SystemCpuUsage is flaky.
* [MESOS-6181] - The logic for BadACLNoPrincipal and BadACLDropCreateAndDestroy is not correct.
* [MESOS-6207] - Python bindings fail to build with custom SVN installation path.
* [MESOS-6208] - Containers that use the Mesos containerizer but don't want to provision a container image fail to validate.
* [MESOS-6210] - Master redirect with suffix gets in redirect loop.
* [MESOS-6216] - LibeventSSLSocketImpl::create is not safe to call concurrently with os::getenv.
* [MESOS-6217] - PAGE_SIZE was not declared in PPC64LE.
* [MESOS-6226] - Master crashes while transitioning tasks to 'TASK_UNREACHABLE'.
* [MESOS-6233] - Master CHECK fails during recovery while relinking to other masters.
* [MESOS-6234] - Potential socket leak during Zookeeper network changes.
* [MESOS-6245] - Driver based schedulers performing explicit acknowledgements cannot acknowledge updates from HTTP based executors.
* [MESOS-6246] - Libprocess links will not generate an ExitedEvent if the socket creation fails.
* [MESOS-6248] - mesos-slave cannot start , Assertion `isError()' failed.
* [MESOS-6257] - Resources not recovered after rescinding an offer on DESTROY on shared volumes.
* [MESOS-6259] - CNI isolator should not `CHECK` for `resolv.conf` under `rootContainerDir`.
* [MESOS-6260] - Composing containerizer needs to properly handle nested container launch.
* [MESOS-6262] - Default executor should kill all other tasks in a task group if any task exits with a non-zero exit status.
* [MESOS-6263] - Mesos containerizer should figure out the correct sandbox directory for nested launch.
* [MESOS-6269] - CNI isolator doesn't activate loopback interface.
* [MESOS-6270] - Agent crashes when trying to recover pods.
* [MESOS-6274] - Agent should not allow HTTP executors to re-subscribe before containerizer recovery is done.
* [MESOS-6283] - Fix the Web UI allowing access to the task sandbox for nested containers.
* [MESOS-6289] - Pass the 'user' into nested container launch.
* [MESOS-6290] - Support nested containers for logger in Mesos Containerizer.
* [MESOS-6295] - Excessive logging on agent when oversubscription modules are attached.
* [MESOS-6300] - A destroyed nested container is not reflected in the parent container's children map.
* [MESOS-6301] - Recursive destroy in MesosContainerizer is problematic.
* [MESOS-6302] - Agent recovery can fail after nested containers are launched.
* [MESOS-6308] - CHECK failure in DRF sorter.
* [MESOS-6317] - Race in master/allocator when updating oversubscribed resources of an agent.
* [MESOS-6319] - ContentType/AgentAPITest.NestedContainerLaunch/1 is flaky.
* [MESOS-6321] - CHECK failure in HierarchicalAllocatorTest.NoDoubleAccounting.
* [MESOS-6322] - Agent fails to kill empty parent container.
* [MESOS-6323] - 'mesos-containerizer launch' should inherit agent environment variables.
* [MESOS-6324] - CNI should not use `ifconfig` in executors `pre_exec_command`.
* [MESOS-6363] - Default executor should not crash with a failed assertion if it notices a disconnection from the agent for non checkpointed frameworks.
* [MESOS-6370] - The executor library does not invoke the shutdown callback upon recovery timeout.
* [MESOS-6386] - "Reached unreachable statement" in LinuxCapabilitiesIsolatorTest.
* [MESOS-6391] - Command task's sandbox should not be owned by root if it uses container image.
* [MESOS-6393] - Deprecated SSL_ environment variables are non functional already.
* [MESOS-6420] - Mesos Agent leaking sockets when port mapping network isolator is ON.
* [MESOS-6445] - Reconciliation for unreachable agent after master failover is incorrect.
* [MESOS-6446] - WebUI redirect doesn't work with stats from /metric/snapshot.
* [MESOS-6457] - Tasks shouldn't transition from TASK_KILLING to TASK_RUNNING.
* [MESOS-6461] - Duplicate framework ids in /master/frameworks endpoint 'unregistered_frameworks'.
* [MESOS-6482] - Master check failure when marking an agent unreachable.
* [MESOS-6483] - Check failure when a 1.1 master marking a 0.28 agent as unreachable.
* [MESOS-6497] - Java Scheduler Adapter does not surface MasterInfo.
* [MESOS-6502] - _version uses incorrect MESOS_{MAJOR,MINOR,PATCH}_VERSION in libmesos java binding.
* [MESOS-6527] - Memory leak in the libprocess request decoder.
** Documentation
* [MESOS-5221] - Add Documentation for Nvidia GPU support.
* [MESOS-5808] - Elasticsearch misspelled on homepage.
* [MESOS-6028] - mesos-execute has a typo in volume help.
* [MESOS-6103] - Mesos version is not uptodate in getting-started page.
* [MESOS-6343] - Documentation Error: Default Executor does not implicitly construct resources.
** Epic
* [MESOS-2449] - Support group of tasks (Pod) constructs and API in Mesos.
* [MESOS-3421] - Support sharing of resources across task instances.
* [MESOS-4312] - Porting Mesos on Power (ppc64le).
* [MESOS-4791] - Operator API v1.
* [MESOS-5344] - Partition-aware Mesos frameworks.
* [MESOS-6014] - Added port mapping CNI plugin.
** Improvement
* [MESOS-2533] - Support HTTP checks in Mesos.
* [MESOS-3567] - Support TCP checks in Mesos.
* [MESOS-4049] - Allow user to control behavior of partitioned agents/tasks.
* [MESOS-4155] - Speed up ExamplesTest.*.
* [MESOS-4172] - GarbageCollectorIntegrationTest.Restart is slow.
* [MESOS-4324] - Allow access to shared persistent volumes as read only or read write by tasks.
* [MESOS-4325] - Offer shareable resources to frameworks only if it is opted in.
* [MESOS-4431] - Support sharing of persistent volumes via shared resources.
* [MESOS-4663] - Speed up ExamplesTest.PersistentVolumeFramework.
* [MESOS-4694] - DRFAllocator takes very long to allocate resources with a large number of frameworks.
* [MESOS-4892] - Support arithmetic operations for shared resources with consumer counts.
* [MESOS-5038] - Added a any mechanism for futures.
* [MESOS-5070] - Introduce more flexible subprocess interface for child options.
* [MESOS-5425] - Consider using IntervalSet for Port range resource math.
* [MESOS-5464] - The max number of completed executors for a mesos slave should be configurable.
* [MESOS-5565] - Add logging when Offer::Operation::Launch message has no tasks.
* [MESOS-5716] - Document docker private registry with authentication support in Unified Containerizer.
* [MESOS-5732] - MasterAPITest.UnreserveResources is slow.
* [MESOS-5756] - Cmake build system needs to regenerate protobufs when they are updated.
* [MESOS-5790] - Ensure all examples in Scheduler HTTP API docs are valid JSON.
* [MESOS-5822] - Add a build script for the Windows CI.
* [MESOS-5870] - Fix the large preview logo in Slack.
* [MESOS-5901] - Make the command executor unversioned.
* [MESOS-5936] - Operator SUBSCRIBE api should provdide more task metadata than just state changes.
* [MESOS-5944] - Remove `O_SYNC` from StatusUpdateManager logs.
* [MESOS-5949] - Allow frameworks to learn the time when an agent became unreachable.
* [MESOS-5951] - Remove "strict registry" code.
* [MESOS-5954] - Docker executor does not use HealthChecker library.
* [MESOS-5955] - The "mesos-health-check" binary is not used anymore.
* [MESOS-5961] - HTTP and TCP health checks should support docker executor and bridged mode.
* [MESOS-5965] - Implement garbage collection for unreachable agent lists in registry.
* [MESOS-5978] - Improve run time for arithmetic operators for Resources.
* [MESOS-5983] - Number of libprocess worker threads is not configurable for log-rotation module.
* [MESOS-6006] - Abstract mesos-style.py to allow future linters to be added more easily.
* [MESOS-6008] - Add the infrastructure for a new python-based CLI.
* [MESOS-6025] - Validate health check protobuf in the master.
* [MESOS-6037] - Offer::Operation.type should be optional.
* [MESOS-6039] - Update elfio to version 3.2.
* [MESOS-6050] - Add an agent flag for 'runtime_dir'.
* [MESOS-6051] - Add functions to the 'Launcher' abstraction to aid in checkpointing the exit status of containers.
* [MESOS-6060] - Add MOUNT or PATH disk type in logging resources.
* [MESOS-6063] - Track recovered and prepared subsystems for a container.
* [MESOS-6065] - Support provisioning image volumes in an isolator.
* [MESOS-6075] - Avoid libprocess functions in `mesos-containerizer launch`.
* [MESOS-6080] - Expose metrics in scheduler library.
* [MESOS-6088] - Update launch helper to checkpoint exit status of launched process.
* [MESOS-6090] - Change master to always update registry before in-memory state.
* [MESOS-6096] - Update mesos-execute to support launching task groups.
* [MESOS-6098] - Frameworks UI shows metrics for used resources plus offers.
* [MESOS-6140] - Add a parallel test runner.
* [MESOS-6218] - Avoided to concat cgroup internally in subsystems.
* [MESOS-6220] - HTTP handler failures should result in 500 response rather than 503 response.
* [MESOS-6242] - Expose unknown container case on Containerizer::wait.
* [MESOS-6243] - Expose failures and unknown container cases from Containerizer::destroy.
* [MESOS-6282] - CNI isolator should print plugin's stderr.
* [MESOS-6299] - Master doesn't remove task from pending when it is invalid.
* [MESOS-6310] - Remove or define non-POSIX function.
* [MESOS-6371] - Remove the 'recover()' interface in 'ContainerLogger'.
** Task
* [MESOS-3370] - Deprecate the external containerizer.
* [MESOS-4390] - Shared Volumes Design Doc.
* [MESOS-5039] - Add Subsystem abstraction for cgroups unified isolator.
* [MESOS-5040] - Add cgroups_subsystems flag for cgroups unified isolator.
* [MESOS-5041] - Add cgroups unified isolator.
* [MESOS-5042] - Add cpu subsystem support in cgroups unified isolator.
* [MESOS-5043] - Add cpuacct subsystem support in cgroups unified isolator.
* [MESOS-5045] - Add memory subsystem support in cgroups unified isolator.
* [MESOS-5046] - Add net_cls subsystem support in cgroups unified isolator.
* [MESOS-5047] - Add perf_event subsystem support in cgroups unified isolator.
* [MESOS-5051] - Create helpers for manipulating Linux capabilities.
* [MESOS-5144] - Cleanup memory leaks in libprocess finalize().
* [MESOS-5228] - Add tests for Capability API.
* [MESOS-5232] - Add capability information to ContainerInfo protobuf message.
* [MESOS-5275] - Add capabilities support for unified containerizer.
* [MESOS-5488] - Implement READ_FILE Call in v1 master API.
* [MESOS-5515] - Implement READ_FILE Call in v1 agent API.
* [MESOS-5516] - Implement GET_STATE Call in v1 agent API.
* [MESOS-5651] - Add devices subsystem support in cgroups unified isolator.
* [MESOS-5652] - Enable cgroups unified isolator.
* [MESOS-5788] - Added JAVA API adapter for seamless transition to new scheduler API.
* [MESOS-5809] - Implement GET_FRAMEWORKS Call in v1 agent API.
* [MESOS-5810] - Implement GET_EXECUTORS Call in v1 agent API.
* [MESOS-5811] - Implement GET_TASKS Call in v1 agent API.
* [MESOS-5855] - Create a 'Disk (not) full' example framework.
* [MESOS-5970] - Remove HTTP_PARSER_VERSION_MAJOR < 2 code in decoder.
* [MESOS-5973] - Remove CgroupsCpushareIsolator.
* [MESOS-5974] - Remove CgroupsMemIsolator.
* [MESOS-5975] - Remove CgroupsPerfEventIsolator.
* [MESOS-5976] - Remove CgroupsNetClsIsolator.
* [MESOS-5977] - Remove CgroupsDevicesIsolator.
* [MESOS-5987] - Update health check protobuf for HTTP and TCP health check.
* [MESOS-6017] - Introduce `PortMapping` protobuf.
* [MESOS-6020] - Remove `slavePid` from the Containerizer::launch API.
* [MESOS-6021] - Consolidate two `Containerizer::launch` methods into one.
* [MESOS-6023] - Create a binary for the port-mapper plugin.
* [MESOS-6036] - Define the Framework API protobufs required for TaskGroups.
* [MESOS-6042] - Validate TaskGroup launch in the master.
* [MESOS-6043] - Add interface for launching nested containers in Containerizer.
* [MESOS-6045] - Implement LAUNCH_GROUP operation in master.
* [MESOS-6067] - Support provisioner to be nested aware for Mesos Pods.
* [MESOS-6068] - Refactor MesosContainerizer::launch to prepare for nesting support.
* [MESOS-6070] - Renamed containerizer::Termination to ContainerTermination.
* [MESOS-6071] - Validate that an explicitly specified DEFAULT executor has disk resources.
* [MESOS-6073] - Update the streaming function for ContainerID to be nesting aware.
* [MESOS-6076] - Implement RunTaskGroup handler on the agent.
* [MESOS-6077] - Added a default (task group) executor.
* [MESOS-6102] - Add event for agent added in master operator API.
* [MESOS-6130] - Make the disk usage isolator nesting-aware.
* [MESOS-6150] - Introduce the new isolator recover interface for nested container support.
* [MESOS-6151] - Populate `CommandInfo` correctly for default executors.
* [MESOS-6156] - Make the `network/cni` isolator nesting aware.
* [MESOS-6160] - Add protobuf definition for a Volume::Source that specifies a path from parent contianer's sandbox.
* [MESOS-6186] - Make the generic `cgroups` isolator nesting aware.
* [MESOS-6188] - Make the `gpu/nvidia` isolator nesting aware.
* [MESOS-6189] - Add a virtual method to Isolator to indicate if it supports nesting.
* [MESOS-6190] - Make the docker/runtime isolator nesting aware.
* [MESOS-6191] - Make the filesystem/linux isolator nesting aware.
* [MESOS-6192] - Make the appc/runtime isolator nesting aware.
* [MESOS-6194] - Make the disk/du isolator nesting aware.
* [MESOS-6199] - Make the volume/image isolator nesting aware.
* [MESOS-6204] - Introduce a "runtime" directory owned by the containerizer for checkpointing container information.
* [MESOS-6227] - Update the default executor to launch/wait/destroy child containers.
* [MESOS-6230] - Add support for health checks to the default executor.
* [MESOS-6235] - Add 'argv' variant of 'os::system'.
* [MESOS-6241] - Add agent::Call / agent::Response API for managing nested containers.
* [MESOS-6258] - Add `volume/sandbox_path` isolator to support Volume::Source::SANDBOX_PATH.
* [MESOS-6265] - Adjust cgroups layout for nested containers.
* [MESOS-6272] - Allow WebUI/other tools to access the task sandbox for a nested container.
* [MESOS-6284] - MesosContainerizer should skip non-nesting aware isolators for nested container.
* [MESOS-6287] - MesosContainer should allow 'wait' on terminated nested container.
* [MESOS-6312] - Update CHANGELOG to mention addition of agent '--runtime_dir' flag.
* [MESOS-6344] - Allow `network/cni` isolator to take a search path for CNI plugins instead of single directory.
* [MESOS-6408] - Changelog for `mesos-cni-port-mapper` to 1.1.0.
** Wish
* [MESOS-5929] - Total cluster resources on master Mesos UI should have better spacing.
Release Notes - Mesos - Version 1.0.4
-------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-2537] - AC_ARG_ENABLED checks are broken
* [MESOS-6606] - Reject optimized builds with libcxx before 3.9
* [MESOS-7008] - Quota not recovered from registry in empty cluster.
* [MESOS-7265] - Containerizer startup may cause sensitive data to leak into sandbox logs.
* [MESOS-7366] - Agent sandbox gc could accidentally delete the entire persistent volume content.
* [MESOS-7383] - Docker executor logs possibly sensitive parameters.
* [MESOS-7422] - Docker containerizer should not leak possibly sensitive data to agent log.
Release Notes - Mesos - Version 1.0.3
-------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-6052] - Unable to launch containers on CNI networks on CoreOS
* [MESOS-6142] - Frameworks may RESERVE for an arbitrary role.
* [MESOS-6621] - SSL downgrade path will CHECK-fail when using both temporary and persistent sockets
* [MESOS-6676] - Always re-link with scheduler during re-registration.
* [MESOS-6917] - Segfault when the executor sets an invalid UUID when sending a status update.
Release Notes - Mesos - Version 1.0.2
-------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-4638] - Versioning preprocessor macros.
* [MESOS-4973] - Duplicates in 'unregistered_frameworks' in /state
* [MESOS-4975] - mesos::internal::master::Slave::tasks can grow unboundedly.
* [MESOS-5613] - mesos-local fails to start if MESOS_WORK_DIR isn't set.
* [MESOS-6013] - Use readdir instead of readdir_r.
* [MESOS-6026] - Tasks mistakenly marked as FAILED due to race b/w sendExecutorTerminatedStatusUpdate() and _statusUpdate().
* [MESOS-6074] - Master check failure if the metrics endpoint is polled soon after it starts.
* [MESOS-6100] - Make fails compiling 1.0.1.
* [MESOS-6104] - Potential FD double close in libevent's implementation of `sendfile`.
* [MESOS-6118] - Agent would crash with docker container tasks due to host mount table read.
* [MESOS-6122] - Mesos slave throws systemd errors even when passed a flag to disable systemd.
* [MESOS-6152] - Resource leak in libevent_ssl_socket.cpp.
* [MESOS-6212] - Validate the name format of mesos managed docker containers.
* [MESOS-6216] - LibeventSSLSocketImpl::create is not safe to call concurrently with os::getenv.
* [MESOS-6233] - Master CHECK fails during recovery while relinking to other masters.
* [MESOS-6234] - Potential socket leak during Zookeeper network changes.
* [MESOS-6245] - Driver based schedulers performing explicit acknowledgements cannot acknowledge updates from HTTP based executors.
* [MESOS-6246] - Libprocess links will not generate an ExitedEvent if the socket creation fails.
* [MESOS-6269] - CNI isolator doesn't activate loopback interface.
* [MESOS-6274] - Agent should not allow HTTP executors to re-subscribe before containerizer recovery is done.
* [MESOS-6324] - CNI should not use `ifconfig` in executors `pre_exec_command`.
* [MESOS-6391] - Command task's sandbox should not be owned by root if it uses container image.
* [MESOS-6393] - Deprecated SSL_ environment variables are non functional already.
* [MESOS-6420] - Mesos Agent leaking sockets when port mapping network isolator is ON.
* [MESOS-6446] - WebUI redirect doesn't work with stats from /metric/snapshot.
* [MESOS-6457] - Tasks shouldn't transition from TASK_KILLING to TASK_RUNNING.
* [MESOS-6461] - Duplicate framework ids in /master/frameworks endpoint 'unregistered_frameworks'.
* [MESOS-6502] - _version uses incorrect MESOS_{MAJOR,MINOR,PATCH}_VERSION in libmesos java binding.
* [MESOS-6527] - Memory leak in the libprocess request decoder.
** Improvement
* [MESOS-6075] - Avoid libprocess functions in `mesos-containerizer launch`.
* [MESOS-6299] - Master doesn't remove task from pending when it is invalid.
Release Notes - Mesos - Version 1.0.1
-------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-5388] - MesosContainerizerLaunch flags execute arbitrary commands via shell.
* [MESOS-5862] - External links to .md files broken.
* [MESOS-5911] - Webui redirection to leader in browser does not work.
* [MESOS-5913] - Stale socket FD usage when using libevent + SSL.
* [MESOS-5922] - mesos-agent --help exit status is 1.
* [MESOS-5923] - Ubuntu 14.04 LTS GPU Isolator "/run" directory is noexec.
* [MESOS-5927] - Unable to run "scratch" Dockerfiles with Unified Containerizer.
* [MESOS-5928] - Agent's '--version' flag doesn't work.
* [MESOS-5930] - Orphan tasks can show up as running after they have finished.
* [MESOS-5943] - Incremental http parsing of URLs leads to decoder error.
* [MESOS-5945] - NvidiaVolume::create() should check for root before creating volume.
* [MESOS-5959] - All non-root tests fail on GPU machine.
* [MESOS-5969] - Linux 'MountInfoTable' entries not sorted as expected.
* [MESOS-5982] - NvidiaVolume errors out if any binary is missing.
* [MESOS-5986] - SSL Socket CHECK can fail after socket receives EOF.
* [MESOS-5988] - PollSocketImpl can write to a stale fd.
** Improvement
* [MESOS-5830] - Make a sweep to trim excess space around angle brackets.
** Task
* [MESOS-5970] - Remove HTTP_PARSER_VERSION_MAJOR < 2 code in decoder.
Release Notes - Mesos - Version 1.0.0
-------------------------------------
This release contains the following new features:
* Scheduler and Executor v1 HTTP APIs are now considered stable.
* [MESOS-4791] - **Experimental** support for v1 Master and Agent APIs. These
APIs let operators and services (monitoring, load balancers) send HTTP
requests to '/api/v1' endpoint on master or agent. See
`docs/operator-http-api.md` for details.
* [MESOS-4828] - **Experimental** support for a new `disk/xfs' isolator
has been added to isolate disk resources more efficiently. Please refer to
docs/mesos-containerizer.md for more details.
* [MESOS-4355] - **Experimental** support for Docker volume plugin. We added a
new isolator 'docker/volume' which allows users to use external volumes in
Mesos containerizer. Currently, the isolator interacts with the Docker
volume plugins using a tool called 'dvdcli'. By speaking the Docker volume
plugin API, most of the Docker volume plugins are supported.
* [MESOS-4641] - **Experimental** A new network isolator, the
`network/cni` isolator, has been introduced in the `MesosContainerizer`. The
`network/cni` isolator implements the Container Network Interface (CNI)
specification proposed by CoreOS. With CNI the `network/cni` isolator is
able to allocate a network namespace to Mesos containers and attach the
container to different types of IP networks by invoking network drivers
called CNI plugins.
* [MESOS-2948, MESOS-5403] - The authorizer interface has been refactored in
order to decouple the ACLs definition language from the interface.
It additionally includes the option of retrieving `ObjectApprover`. An
`ObjectApprover` can be used to synchronously check authorizations for a
given object and is hence useful when authorizing a large number of objects
and/or large objects (which need to be copied using request based
authorization). NOTE: This is a **breaking change** for authorizer modules.
* [MESOS-5405] - The `subject` and `object` fields in authorization::Request
have been changed from required to optional. If either of these fields is
not set, the request should only be authorized if any subject/object should
be allowed.
NOTE: This is a semantic change for authorizer modules.
* [MESOS-4931, MESOS-5709, MESOS-5704] - Authorization based HTTP endpoint
filtering enables operators to restrict what part of the cluster state a
user is authorized to see.
Consider for example the `/state` master endpoint: an operator can now
authorize users to only see a subset of the running frameworks, tasks, or
executors. The following endpoints support HTTP endpoint filtering:
'/state', '/state-summary', '/tasks', '/frameworks','/weights',
and '/roles'. Additonally the following v1 API calls support filtering:
'GET_ROLES','GET_WEIGHTS','GET_FRAMEWORKS', 'GET_STATE', and 'GET_TASKS'.
* [MESOS-4909] - Tasks can now specify a kill policy. They are best-effort,
because machine failures or forcible terminations may occur. Currently, the
only available kill policy is how long to wait between graceful and forcible
task kill. In the future, more policies may be available (e.g. hitting an
HTTP endpoint, running a command, etc). Note that it is the executor's
responsibility to enforce kill policies. For executor-less command-based
tasks, the kill is performed via sending a signal to the task process:
SIGTERM for the graceful kill and SIGKILL for the forcible kill. For docker
executor-less tasks the grace period is passed to 'docker stop --time'. This
feature supersedes the '--docker_stop_timeout', which is now deprecated.
* [MESOS-4908] - The task kill policy defined within 'TaskInfo' can now be
overridden when the scheduler kills the task. This can be used by schedulers
to forcefully kill a task which is already being killed, e.g. if something
went wrong during a graceful kill and a forcible kill is desired. Note that
it is the executor's responsibility to honor the 'Event.kill.kill_policy'
field and override the task's kill policy and kill policy from a previous
kill task request. To use this feature, schedulers and executors must
support HTTP API; use the '--http_command_executor' agent flag to ensure
the agent launches the HTTP API based command executor.
* [MESOS-4949] - The executor shutdown grace period can now be configured in
`ExecutorInfo`, which overrides the agent flag. When shutting down an
executor the agent will wait in a best-effort manner for the grace period
specified here before forcibly destroying the container. The executor must
not assume that it will always be allotted the full grace period, as the
agent may decide to allot a shorter period and failures / forcible
terminations may occur. Together with kill policies this gives frameworks
flexibility around how to clean up tasks and executors.
* [MESOS-3094] - **Experimental** support for launching mesos tasks on
Windows. Note that there are no isolation guarantees provided yet.
* [MESOS-4090] - The `mesos.native` python module has been split into two,
`mesos.executor` and `mesos.scheduler`. This change also removes
un-necessary 3rd party dependencies from `mesos.executor` and
`mesos.scheduler`. `mesos.native` still exists, combining both modules for
backwards compatibility with existing code.
* [MESOS-1478] - Phase I of the Slave to Agent rename is complete. To support
the rename, new duplicate flags (e.g., --agent_reregister_timeout), new
binaries (e.g., mesos-agent) and WebUI sandbox links have been added. All
the logging output has been updated to use the term 'agent' now. Flags,
binaries and scripts with 'slave' keyword have been deprecated (see
"Deprecations section below").
* [MESOS-4312] - **Experimental** support for building and running mesos on
IBM PowerPC platform.
* [MESOS-4189] - Weights for resource roles can now be configured dynamically
via the new '/weights' endpoint on the master.
* [MESOS-4424] - Support for using Nvidia GPUs as a resource in the
Mesos "unified" containerizer. This support includes running containers
with and without filesystem isolation (i.e. running both imageless
containers as well as containers using a docker image). Frameworks must
opt-in to receiving GPU resources via the GPU_RESOURCES framework
capability (see the scarce resource problem in MESOS-5377). We support
'nvidia-docker'-style docker containers by injecting a volume that
contains the Nvidia libraries / binaries when the docker image has
the 'com.nvidia.volumes.needed' label. Support for the docker
containerizer will come in a future release.
* [MESOS-5724] - SSL certificate validation allows for additional IP address
subject alternative name extension verification.
Deprecations:
* [MESOS-2281] - Deprecated the plain text format for credentials in favor of
the JSON format.
* [MESOS-4910] - Deprecate the --docker_stop_timeout agent flag.
* [MESOS-5001] - The 'allocator/event_queue_dispatches' metric is now
deprecated in favor 'of allocator/mesos/event_queue_dispatches'.
* [MESOS-5029] - Deprecated the ExecutorInfo.source field in favor of
ExecutorInfo.labels.
* [MESOS-3781] - Deprecated flags with keyword 'slave' in favor of 'agent'.
* [MESOS-3779] - Deprecated sandbox links with 'slave' keyword in the WebUI.
* [MESOS-3784] - Deprecated `slave` subcommand for mesos-cli.
* [MESOS-5155] - Deprecated `SetQuota` and `RemoveQuota` ACLs. This change is
applicable to the local authorizer as well as any custom authorizer module.
* [MESOS-5666] - Deprecated camel cased `taskInfo` and `executorInfo` in
isolator `ContainerConfig`.
* [MESOS-5863] - Deprecated `SSL_*` environment variables used by libprocess
SSL support in favor of using `LIBPROCESS_SSL_*`.
Additional API Changes:
* [MESOS-4580] - Returning `202` (Accepted) for /reserve and related endpoints.
* [MESOS-4735] - Added 'output_file' field to CommandInfo.URI in Scheduler API
and v1 Scheduler HTTP API.
* [MESOS-5014] - Changed Call and Event Type enums in scheduler.proto
from required to optional for the purpose of backwards compatibility.
* [MESOS-5015] - Changed Call and Event Type enums in executor.proto
from required to optional for the purpose of backwards compatibility.
* [MESOS-5029] - Added 'labels' to ExecutorInfo.
* [MESOS-5030] - Added non-terminal task metadata to the container resource
usage information.
* [MESOS-5408] - Deleted the /observe HTTP endpoint.
* [MESOS-4843, MESOS-5150, MESOS-5286, MESOS-5335, MESOS-5336] - Authorization
has been added to the '/metrics/snapshot', '/logging/toggle', '/quota',
'/files/browse', '/files/download', '/files/read', '/flags', and
'/containers' endpoints. If a Mesos cluster has authorization enabled, these
endpoints now require that ACLs be set to authorize principals to access
them. Note that the '/metrics/snapshot' and '/files/*' endpoints are used by
the web UI, and thus using the web UI in a cluster with authorization
enabled will require that ACLs be set appropriately.
* [MESOS-5064] - Remove default value for the agent `work_dir`. This flag is
now required, and the agent will exit immediately if it is not provided.
* [MESOS-5637] - Authorized endpoints consistently return `503` (Service
Unavailable) instead of `500` (Internal Server Error) when the authenticator
or the authorizer fails to process the request.
* [MESOS-5657] - Executors should not inherit environment variables from the
agent.
* [MESOS-5680] - We should not 'chown -R' on persistent volumes every time
container tries to use it.
* [MESOS-5642] - Namespace and header file of `Allocator` has been moved to
be consistent with other packages.
* [MESOS-5851] - The flag `--authenticate_http` has been deprecated in favor
of `--authenticate_http_readwrite`. This new flag enables authentication for
all HTTP endpoints which support authentication and allow modification of
the state of the cluster. A new flag has also been added,
`--authenticate_http_readonly`, which enables authentication for those
authenticatable endpoints that cannot be used to modify the cluster state.
* [MESOS-5833] - Disable the experimental `registry_strict` master flag.
3rd Party Upgrades:
* [MESOS-4805] - Upgraded vendored ry-http-parser-1c3624a to nodejs/http-parser 2.6.1.
* [MESOS-4678] - Upgraded vendored protobuf 2.5.0 to 2.6.1.
* [MESOS-4803] - Upgraded vendored libev 4.15 to 4.22.
* [MESOS-4612] - Upgraded vendored ZooKeeper 3.4.5 to 3.4.8.
Binary API Changes:
* [MESOS-5055] - Slave/Agent Rename Phase I - Update strings in the log message
and standard output.
* [MESOS-3782] - Slave/Agent Rename Phase I - Duplicate/Rename binaries.
* [MESOS-5057] - Slave/Agent Rename Phase I - Update strings in error messages and
other strings.
* [MESOS-5230] - Slave/Agent Rename Phase I: Rename '/include/mesos/slave' folder
All Issues:
** Bug
* [MESOS-1495] - Create separate local data file to manage releases
* [MESOS-1575] - master sets failover timeout to 0 when framework requests a high value
* [MESOS-1865] - Redirect to the leader master when current master is not a leader
* [MESOS-2043] - Framework auth fail with timeout error and never get authenticated
* [MESOS-2198] - Document that TaskIDs should not be reused
* [MESOS-2201] - ReplicaTest.Restore fails with leveldb greater than v1.7.
* [MESOS-2331] - MasterSlaveReconciliationTest.ReconcileRace is flaky
* [MESOS-2858] - FetcherCacheHttpTest.HttpMixed is flaky.
* [MESOS-3181] - Implement package rebundling for Windows
* [MESOS-3319] - Mesos will not build when configured with gperftools enabled
* [MESOS-3402] - mesos-execute does not support credentials
* [MESOS-3573] - Mesos does not kill orphaned docker containers
* [MESOS-3714] - `os::environ` collides with the `environ` macro in Windows headers.
* [MESOS-3737] - `limiter.hpp` causes template specialization error on Windows 10/MSVC 1900
* [MESOS-3739] - Mesos does not set Content-Type for 400 Bad Request
* [MESOS-3881] - Implement `stout/os/pstree.hpp` on Windows
* [MESOS-3902] - The Location header when non-leading master redirects to leading master is incomplete.
* [MESOS-3923] - Implement AuthN handling in Master for the Scheduler endpoint
* [MESOS-3976] - C++ HTTP Scheduler Library does not work with SSL enabled
* [MESOS-4099] - parallel make tests does not build all test targets
* [MESOS-4269] - Minor typo in src/linux/cgroups.cpp
* [MESOS-4279] - Docker executor truncates task's output when the task is killed.
* [MESOS-4387] - Added a new test cases for reviveOffers in allocator test
* [MESOS-4434] - Install 3rdparty package boost, glog, protobuf and picojson when installing Mesos
* [MESOS-4447] - Renamed reserved() API to reservations()
* [MESOS-4462] - Port `gmtime_r`
* [MESOS-4463] - Implement `hsterror`
* [MESOS-4464] - Implement cpu count facilities on Windows
* [MESOS-4465] - Implement pagesize facilities in Windows
* [MESOS-4466] - Implement `waitpid` in Windows
* [MESOS-4469] - Implement memory querying in Windows
* [MESOS-4470] - Implement `uname` in Windows
* [MESOS-4471] - Implement process querying/counting in Windows
* [MESOS-4472] - Implement `getenv` in Windows
* [MESOS-4473] - Implement `shell` in Windows
* [MESOS-4474] - Implement `sendfile` in Windows
* [MESOS-4580] - Consider returning `202` (Accepted) for /reserve and related endpoints
* [MESOS-4611] - Passing a lambda to dispatch() always matches the template returning void
* [MESOS-4633] - Tests will dereference stack allocated agent objects upon assertion/expectation failure.
* [MESOS-4634] - Tests will dereference stack allocated master objects upon assertion/expectation failure.
* [MESOS-4658] - process::Connection can lead to process::wait deadlock
* [MESOS-4662] - PortMapping network isolator should not assume BIND_MOUNT_ROOT is a realpath.
* [MESOS-4672] - Implement aufs based provisioner backend.
* [MESOS-4673] - Agent fails to shutdown after re-registering period timed-out.
* [MESOS-4680] - HTTP requests to non leading mesos-master redirect to top level page
* [MESOS-4684] - Create base docker image for test suite.
* [MESOS-4705] - Linux 'perf' parsing logic may fail when OS distribution has perf backports.
* [MESOS-4744] - mesos-execute should allow setting role
* [MESOS-4807] - IOTest.BufferedRead writes to the current directory
* [MESOS-4810] - ProvisionerDockerPullerTest.ROOT_INTERNET_CURL_ShellCommand fails.
* [MESOS-4827] - Destroy Docker container crashes Mesos slave
* [MESOS-4875] - overlayfs does not work when launching tasks
* [MESOS-4876] - bind backend does not work when launching tasks
* [MESOS-4885] - Unzip should force overwrite
* [MESOS-4901] - Build fails on some systems due to unportable use of time.h
* [MESOS-4911] - Executor driver does not respect executor shutdown grace period.
* [MESOS-4912] - LinuxFilesystemIsolatorTest.ROOT_MultipleContainers fails.
* [MESOS-4922] - Setup proper /etc/hostname, /etc/hosts and /etc/resolv.conf for containers in network/cni isolator.
* [MESOS-4924] - MAC OS build failed
* [MESOS-4942] - Docker runtime isolator tests may cause disk issue.
* [MESOS-4950] - Implement reconnect funtionality in the scheduler library.
* [MESOS-4952] - Annoying image provisioner logging for when images are not used.
* [MESOS-4954] - URI fetcher error message if plugin is not found is mis-leading.
* [MESOS-4957] - Typo in Mesos portal
* [MESOS-4961] - ContainerLoggerTest.LOGROTATE_RotateInSandbox is flaky
* [MESOS-4963] - Incorrect CXXFLAGS with GCC 6
* [MESOS-4972] - Implement `os::rename`
* [MESOS-4978] - Update mesos-execute with Appc changes.
* [MESOS-4981] - Framework (re-)register metric counters broken for calls made via scheduler driver
* [MESOS-4984] - MasterTest.SlavesEndpointTwoSlaves is flaky
* [MESOS-5000] - MasterTest.MasterLost is flaky
* [MESOS-5005] - Enforce that DiskInfo principal is equal to framework/operator principal
* [MESOS-5010] - Installation of mesos python package is incomplete
* [MESOS-5012] - Protobuf change for external storage.
* [MESOS-5013] - Add docker volume driver isolator for Mesos containerizer.
* [MESOS-5018] - FrameworkInfo Capability enum does not support upgrades.
* [MESOS-5031] - Authorization Action enum does not support upgrades.
* [MESOS-5060] - Requesting /files/read.json with a negative length value causes subsequent /files requests to 404.
* [MESOS-5063] - SSLTest.HTTPSPost and SSLTest.HTTPSGet tests fail
* [MESOS-5064] - Remove default value for the agent `work_dir`
* [MESOS-5082] - Fix a bug in the Nvidia GPU device isolator that exposes a discrepancy between clang and gcc in 'using' declarations
* [MESOS-5113] - `network/cni` isolator crashes when launched without the --network_cni_plugins_dir flag
* [MESOS-5114] - Flags::parse does not handle empty string correctly.
* [MESOS-5115] - Grant access to /dev/nvidiactl and /dev/nvidia-uvm in the Nvidia GPU isolator.
* [MESOS-5121] - pivot_root is not available on PowerPC
* [MESOS-5125] - Commit message hook iterates over words, rather than lines.
* [MESOS-5126] - Commit message hook iterates over the commented lines.
* [MESOS-5127] - Reset `LIBPROCESS_IP` in `network\cni` isolator.
* [MESOS-5128] - PersistentVolumeTest.AccessPersistentVolume is flaky
* [MESOS-5131] - Slave allows the resource estimator to send non-revocable resources.
* [MESOS-5132] - Commit message hook lints the diff in verbose mode.
* [MESOS-5138] - Fix Nvidia GPU test build for namespace change of MasterDetector
* [MESOS-5142] - Add agent flags for HTTP authorization.
* [MESOS-5146] - MasterAllocatorTest/1.RebalancedForUpdatedWeights is flaky.
* [MESOS-5153] - Sandboxes contents should be protected from unauthorized users
* [MESOS-5162] - Commit message hook behaves incorrectly when a message includes a "*".
* [MESOS-5166] - ExamplesTest.DynamicReservationFramework is slow
* [MESOS-5181] - Master should reject calls from the scheduler driver if the scheduler is not connected.
* [MESOS-5184] - Mesos does not validate role info when framework registered with specified role
* [MESOS-5196] - Sandbox GC shouldn't return early in the face of an error.
* [MESOS-5199] - The mesos-execute prints confusing message when launching tasks.
* [MESOS-5216] - Document docker volume driver isolator.
* [MESOS-5224] - buffer overflow error in slave upon processing malformed UUIDs
* [MESOS-5225] - Command executor can not start when joining a CNI network
* [MESOS-5226] - The image-less task launched by mesos-execute can not join CNI network
* [MESOS-5230] - Slave/Agent Rename Phase I: Rename '/include/mesos/slave' folder
* [MESOS-5233] - python packages installation is broken
* [MESOS-5237] - The windows version of `os::access` has differing behavior than the POSIX version.
* [MESOS-5239] - Persistent volume DockerContainerizer support assumes proper mount propagation setup on the host.
* [MESOS-5240] - Command executor may escalate after the task is reaped.
* [MESOS-5244] - Compilation failure on Ubuntu 16.04
* [MESOS-5253] - Isolator cleanup should not be invoked if they are not prepared yet.
* [MESOS-5263] - pivot_root is not available on ARM
* [MESOS-5265] - Update mesos-execute to support docker volume isolator.
* [MESOS-5266] - add test cases for docker volume driver
* [MESOS-5277] - Need to add REMOVE semantics to the copy backend
* [MESOS-5279] - DRF sorter add/activate doesn't check if it's adding a duplicate entry
* [MESOS-5282] - Destroy container while provisioning volume images may lead to a race.
* [MESOS-5287] - boto is no longer a Mesos dependency.
* [MESOS-5293] - Endpoint handlers for master and agent are implemented surprisingly differently.
* [MESOS-5294] - Status updates after a health check are incomplete or invalid
* [MESOS-5295] - The task launched by non-checkpointed HTTP command executor will keep running till executor shutdown grace period (5s) after agent process exits.
* [MESOS-5304] - /metrics/snapshot endpoint help disappeared on agent.
* [MESOS-5308] - ROOT_XFS_QuotaTest.NoCheckpointRecovery failed.
* [MESOS-5312] - Env `MESOS_SANDBOX` is not set properly for command tasks that changes rootfs.
* [MESOS-5318] - Make `os::close` always catch structured exceptions on Windows
* [MESOS-5326] - Error symbolic link of include/slave
* [MESOS-5330] - Agent should backoff before connecting to the master
* [MESOS-5340] - libevent builds may prevent new connections
* [MESOS-5341] - Enabled docker volume support for DockerContainerizer
* [MESOS-5351] - DockerVolumeIsolatorTest.ROOT_INTERNET_CURL_CommandTaskRootfsWithVolumes is flaky
* [MESOS-5354] - Update "driver" as optional for DockerVolume.
* [MESOS-5359] - The scheduler library should have a delay before initiating a connection with master.
* [MESOS-5380] - Killing a queued task can cause the corresponding command executor to never terminate.
* [MESOS-5381] - Network portmapping isolator disable IPv6 failed
* [MESOS-5382] - Implement os::fsync
* [MESOS-5383] - Implement os::setHostname
* [MESOS-5386] - Add `HANDLE` overloads for functions that take a file descriptor
* [MESOS-5389] - docker containerizer should prefix relative volume.container_path values with the path to the sandbox.
* [MESOS-5390] - v1 Executor Protos not included in maven jar
* [MESOS-5397] - Slave/Agent Rename Phase 1: Update terms in the website
* [MESOS-5403] - Introduce ObjectApprover Interface to Authorizer.
* [MESOS-5405] - Make fields in authorization::Request protobuf optional.
* [MESOS-5407] - Slave/Agent rename: diagrams in docs
* [MESOS-5408] - Delete the /observe HTTP endpoint
* [MESOS-5413] - `network/cni` isolator should skip the bind mounting of the CNI network information root directory if possible
* [MESOS-5414] - configure failed on ubuntu and centos
* [MESOS-5415] - bootstrap of libprocess fails.
* [MESOS-5416] - make check of stout fails.
* [MESOS-5422] - Website README.md is out of dated
* [MESOS-5423] - Updating the website section in release-guide is out of dated
* [MESOS-5428] - Update the mechanism to define flags in FlagsBase derived clases
* [MESOS-5429] - Enhance error message for mesos-ps
* [MESOS-5432] - Javadoc in project website didn't include the generated protobuf
* [MESOS-5434] - Incomplete bootstrap 3.3.6 upgrade in webui
* [MESOS-5436] - GPU resource broke framework data table in webUI
* [MESOS-5437] - AppC appc_simple_discovery_uri_prefix is lost in configuration.md
* [MESOS-5438] - Add more verbose log for mesos-cat, mesos-tail or mesos-scp
* [MESOS-5445] - Allow libprocess/stout to build without first doing `make` in 3rdparty.
* [MESOS-5449] - Memory leak in SchedulerProcess.declineOffer
* [MESOS-5450] - Make the SASL dependency optional.
* [MESOS-5451] - Show Framework ID in log for long-lived-framework
* [MESOS-5453] - CNI should not store subnet of address in NetworkInfo
* [MESOS-5477] - Implement GET_HEALTH Call in v1 master API.
* [MESOS-5478] - Implement GET_HEALTH Call in v1 agent API.
* [MESOS-5479] - Implement GET_VERSION Call in v1 master API.
* [MESOS-5480] - Implement GET_VERSION Call in v1 agent API.
* [MESOS-5531] - Re-enable style-check for stout.
* [MESOS-5537] - http v1 SUBSCRIBED scheduler event always has nil http_interval_seconds
* [MESOS-5543] - /dev/fd is missing in the Mesos containerizer environment
* [MESOS-5554] - Change major/minor device types for Nvidia GPUs to `unsigned int`
* [MESOS-5556] - Fix method of populating device entries for `/dev/nvidia-uvm`, etc.
* [MESOS-5561] - Need to remove references to "messages/messages.hpp" from `State` API
* [MESOS-5571] - Scheduler JNI throws exception when the major versions of JAR and libmesos don't match
* [MESOS-5575] - Attempting to Parse PID logging is too verbose
* [MESOS-5577] - Modules using replicated log state API require zookeeper headers
* [MESOS-5587] - FullFrameworkWriter makes master segmentation fault.
* [MESOS-5595] - GMock warning in FaultToleranceTest.SchedulerReregisterAfterFailoverTimeout
* [MESOS-5600] - DRF sorter unnecessarily re-sorts due to misuse of "dirty" bit.
* [MESOS-5601] - DRF sorter does not re-calculate share if a client weight is updated.
* [MESOS-5607] - Refactored overlay, overlayfs and aufs checking to fs::supported
* [MESOS-5609] - Put initial scaffolding in place for implementing SUBSCRIBE call on v1 Master API.
* [MESOS-5611] - Error message is not clear when create docker volume with absolute path
* [MESOS-5615] - When using command executor, the ExecutorInfo is useless for sandbox authorization
* [MESOS-5616] - Add missing comments for GET_FLAGS, GET_HEALTH, GET_VERSION, GET_LOGGING_LEVEL, GET_LEADING_MASTER
* [MESOS-5627] - Quota-related authorization actions should be removed rather than deprecated.
* [MESOS-5629] - Agent segfaults after request to '/files/browse'
* [MESOS-5637] - Authorized endpoint results are inconsistent for failures.
* [MESOS-5642] - Move include/mesos/v1/master/allocator.proto to its own directory and package
* [MESOS-5657] - Executors should not inherit environment variables from the agent.
* [MESOS-5660] - ContainerizerTest.ROOT_CGROUPS_BalloonFramework fails because executor environment isn't inherited
* [MESOS-5664] - Invalid resources sent to '/reserve' are silently dropped
* [MESOS-5667] - CniIsolatorTest.ROOT_INTERNET_CURL_LaunchCommandTask fails on CentOS 7.
* [MESOS-5668] - Add CGROUP namespace to linux ns helper.
* [MESOS-5669] - CNI isolator should not return failure if /etc/hostname does not exist on host.
* [MESOS-5670] - MemoryPressureMesosTest.CGROUPS_ROOT_SlaveRecovery is flaky.
* [MESOS-5671] - MemoryPressureMesosTest.CGROUPS_ROOT_Statistics is flaky.
* [MESOS-5673] - Port mapping isolator may cause segfault if it bind mount root does not exist.
* [MESOS-5674] - Port mapping isolator may fail in 'isolate' method.
* [MESOS-5680] - We should not 'chown -R' on persistent volumes every time container tries to use it.
* [MESOS-5684] - Master captures `this` when creating authorization callback
* [MESOS-5685] - The /files/download endpoint's authorization can be compromised
* [MESOS-5691] - SSL downgrade support will leak sockets in CLOSE_WAIT status
* [MESOS-5692] - Add helper function "begin_with/end_with" to strings
* [MESOS-5695] - Add missing comments for GET_ROLES, GET_WEIGHTS, SUBSCRIBE, CREATE_VOLUMES, DESTROY_VOLUMES, SET_QUOTA
* [MESOS-5698] - Quota sorter not updated for resource changes at agent.
* [MESOS-5715] - Enhance startsWith/endsWith's performance
* [MESOS-5723] - SSL-enabled libprocess will leak incoming links to forks
* [MESOS-5724] - SSL certificate validation should allow IP only verification.
* [MESOS-5727] - Command executor health check does not work when the task specifies container image.
* [MESOS-5748] - Potential segfault in `link` and `send` when linking to a remote process
* [MESOS-5755] - NVML headers are not installed as part of 3rdparty install with --enable-install-module-dependencies
* [MESOS-5757] - Authorize orphaned tasks
* [MESOS-5760] - MAC OS Build failed
* [MESOS-5763] - Task stuck in fetching is not cleaned up after --executor_registration_timeout.
* [MESOS-5766] - Missing License Information for Bundled NVML headers
* [MESOS-5794] - Agent's /containers endpoint should skip terminated executors.
* [MESOS-5799] - docker::inspect() may get wrong output when a docker container is not in "running" state
* [MESOS-5806] - CNI isolator should prepare network related /etc/* files for containers using host mode but specify container images.
* [MESOS-5834] - Mesos may pass --volume-driver to the Docker daemon multiple times.
* [MESOS-5844] - PersistentVolumeEndpointsTest.OfferCreateThenEndpointRemove test is flaky
* [MESOS-5845] - The fetcher can access any local file as root
* [MESOS-5848] - Docker health checks are malformed.
* [MESOS-5851] - Create mechanism to control authentication between different HTTP endpoints
* [MESOS-5863] - Enabling SSL causes fetcher fail to fetch from HTTPS sites.
* [MESOS-5891] - /help endpoint does not set Content-Type to HTML.
** Documentation
* [MESOS-4381] - Improve upgrade compatibility documentation.
* [MESOS-4514] - Document how to implement Mesos HTTP operator endpoints.
* [MESOS-4689] - Design doc for v1 Operator API
* [MESOS-4726] - Document scheduler driver calls in framework development guide.
* [MESOS-4750] - Document: Mesos Executor expects all SSL_* environment variables to be set
* [MESOS-4785] - Reorganize ACL subject/object descriptions.
* [MESOS-4787] - HTTP endpoint docs should use shorter paths
* [MESOS-5215] - Update the documentation for '/reserve' and '/create-volumes'
* [MESOS-5313] - Failed to set quota and update weight according to document
* [MESOS-5366] - Update documentation to include contender/detector module
* [MESOS-5419] - Document all known client libraries for the Scheduler/Executor API
* [MESOS-5583] - Improve authorization documentation when setting permissive flag.
* [MESOS-5586] - Move design docs from wiki to web page
* [MESOS-5702] - CNI documentation example is not explicit enough about external plugins
** Epic
* [MESOS-1478] - Slave to Agent rename (Phase I).
* [MESOS-2297] - Add authentication support for HTTP API
* [MESOS-2948] - Generalize authorizer interface in order to allow for arbitrary Subjects, Actions and Objects
* [MESOS-4189] - Dynamic weights
* [MESOS-4843] - Authorize Master Operator Endpoints
* [MESOS-4847] - Agent HTTP Authentication
* [MESOS-4931] - Authorization based filtering for endpoints.
* [MESOS-5150] - Authorize Agent HTTP Endpoints
* [MESOS-5703] - Authorize operator endpoints for Mesos 1.0
** Improvement
* [MESOS-1571] - Signal escalation timeout is not configurable.
* [MESOS-2145] - Distinguish frameworks according to their state in the webui
* [MESOS-2154] - Port CFS quota support to Docker Containerizer
* [MESOS-2281] - Deprecate plain text Credential format.
* [MESOS-2372] - Test script for verifying compatibility between Mesos components
* [MESOS-2602] - Provide a way to "push" cluster state updates to a registered service.
* [MESOS-2720] - Publish the schema for operator endpoints
* [MESOS-3243] - Replace NULL with nullptr
* [MESOS-3690] - Make Apache Mesos' website mobile friendly
* [MESOS-3774] - Migrate Future tests from process_tests.cpp to future_tests.cpp
* [MESOS-3775] - MasterAllocatorTest.SlaveLost is slow.
* [MESOS-4090] - Create light-weight executor only and scheduler only mesos eggs
* [MESOS-4126] - Construct the error string in `MethodNotAllowed`.
* [MESOS-4160] - Log recover tests are slow.
* [MESOS-4164] - MasterTest.RecoverResources is slow.
* [MESOS-4165] - MasterTest.MasterInfoOnReElection is slow.
* [MESOS-4166] - MasterTest.LaunchCombinedOfferTest is slow.
* [MESOS-4167] - MasterTest.OfferTimeout is slow.
* [MESOS-4170] - OversubscriptionTest.UpdateAllocatorOnSchedulerFailover is slow.
* [MESOS-4171] - OversubscriptionTest.RemoveCapabilitiesOnSchedulerFailover is slow.
* [MESOS-4174] - HookTest.VerifySlaveLaunchExecutorHook is slow.
* [MESOS-4175] - ContentType/SchedulerTest.Decline is slow.
* [MESOS-4309] - Update documentation to cover HTTP authentication.
* [MESOS-4353] - Limit the number of processes created by libprocess
* [MESOS-4369] - Enhance DockerExecuter to support Docker's user-defined networks
* [MESOS-4386] - Deprecate 'authenticate' master flag in favor of 'authenticate_frameworks' flag
* [MESOS-4576] - Introduce a stout helper for "which"
* [MESOS-4610] - MasterContender/MasterDetector should be loadable as modules
* [MESOS-4612] - Update vendored ZooKeeper to 3.4.8
* [MESOS-4678] - Upgrade vendored Protobuf to 2.6.1
* [MESOS-4720] - Add allocator metrics for total vs offered/allocated resources.
* [MESOS-4721] - Expose allocation algorithm latency via a metric.
* [MESOS-4722] - Add allocator metric for number of active offer filters
* [MESOS-4723] - Add allocator metric for currently satisfied quotas
* [MESOS-4724] - Add allocator metric for currrent dominant shares of frameworks and roles
* [MESOS-4735] - CommandInfo.URI should allow specifying target filename
* [MESOS-4790] - Revert external linkage of symbols in master/constants.hpp
* [MESOS-4801] - Updated `createFrameworkInfo` for hierarchical_allocator_tests.cpp.
* [MESOS-4802] - Update leveldb patch file to suport PowerPC LE
* [MESOS-4803] - Update vendored libev to 4.22
* [MESOS-4805] - Update ry-http-parser-1c3624a to nodejs/http-parser 2.6.1
* [MESOS-4839] - Move placement new processes into the freezer cgroup into a parent hook.
* [MESOS-4868] - PersistentVolumeTests do not need to set up ACLs.
* [MESOS-4879] - Update glog patch to support PowerPC LE
* [MESOS-4886] - Support mesos containerizer force_pull_image option.
* [MESOS-4891] - Add a '/containers' endpoint to the agent to list all the active containers.
* [MESOS-4897] - Update test cases to support PowerPC LE
* [MESOS-4902] - Add authentication to libprocess endpoints
* [MESOS-4908] - Tasks cannot be killed forcefully.
* [MESOS-4909] - Introduce kill policy for tasks.
* [MESOS-4910] - Deprecate the --docker_stop_timeout agent flag.
* [MESOS-4914] - ProcessorManager delegate should be an Option<string>, not just a string.
* [MESOS-4926] - Add a list parser for comma separated integers in flags.
* [MESOS-4928] - Remove all '.get().' calls on Option / Try variables in the resources abstraction.
* [MESOS-4943] - Reduce the size of LinuxRootfs in tests.
* [MESOS-4949] - Executor shutdown grace period should be configurable.
* [MESOS-4951] - Enable actors to pass an authentication realm to libprocess
* [MESOS-4956] - Add authentication to /files endpoints
* [MESOS-5001] - Prefix allocator metrics with "mesos/" to better support custom allocator metrics.
* [MESOS-5002] - Reflecting the Tachyon => Alluxio rename in the documentation.
* [MESOS-5014] - Call and Event Type enums in scheduler.proto should be optional
* [MESOS-5015] - Call and Event Type enums in executor.proto should be optional
* [MESOS-5020] - Drop `404 Not Found` and `307 Temporary Redirect` in the scheduler library.
* [MESOS-5029] - Add labels to ExecutorInfo
* [MESOS-5030] - Expose TaskInfo's metadata to ResourceUsage struct
* [MESOS-5044] - Temporary directories created by environment->mkdtemp cleanup can be problematic.
* [MESOS-5049] - Refactore subproces setup functions.
* [MESOS-5062] - Update the long-lived-framework example to run on test clusters
* [MESOS-5069] - Upgrade http-parser to v2.6.2
* [MESOS-5073] - Mesos allocator leaks role sorter and quota role sorters.
* [MESOS-5101] - Add CMake build to docker_build.sh
* [MESOS-5117] - Enhance mesos-execute for specifying CNI networks
* [MESOS-5124] - TASK_KILLING is not supported by mesos-execute.
* [MESOS-5155] - Consolidate authorization actions for quota.
* [MESOS-5168] - Benchmark overhead of authorization based filtering.
* [MESOS-5169] - Introduce new Authorizer Actions for Authorized based filtering of endpoints.
* [MESOS-5170] - Adapt json creation for authorization based endpoint filtering.
* [MESOS-5174] - Update the balloon-framework to run on test clusters
* [MESOS-5179] - Enhance the error message for Duration flag.
* [MESOS-5212] - Allow any principal in ReservationInfo when HTTP authentication is off
* [MESOS-5214] - Populate FrameworkInfo.principal for authenticated frameworks
* [MESOS-5271] - Add alias support for Flags
* [MESOS-5273] - Need support for Authorization information via HELP.
* [MESOS-5286] - Add authorization to libprocess HTTP endpoints
* [MESOS-5296] - Split Resource and Inverse offer protobufs for V1 API
* [MESOS-5302] - Consider adding an Executor Shim/Adapter for the new/old API
* [MESOS-5307] - Sandbox mounts should not be in the host mount namespace.
* [MESOS-5316] - Authenticate the agent's '/containers' endpoint.
* [MESOS-5317] - Authorize the agent's '/containers' endpoint.
* [MESOS-5331] - Some cleanup in filesystem_isolator_tests.cpp
* [MESOS-5335] - Add authorization to GET /weights.
* [MESOS-5336] - Add authorization to GET /quota.
* [MESOS-5338] - Add `user` to `Task` protobuf message.
* [MESOS-5339] - Create Tests for testing fine-grained HTTP endpoint filtering.
* [MESOS-5347] - Enhance the log message when launching mesos containerizer.
* [MESOS-5348] - Enhance the log message when launching docker containerizer.
* [MESOS-5350] - Add asynchronous hook for validating docker containerizer tasks
* [MESOS-5356] - Add Windows support for StopWatch
* [MESOS-5360] - Set death signal for dvdcli subprocess in docker volume isolator.
* [MESOS-5370] - Add deprecation support for Flags
* [MESOS-5372] - Add random() to os:: namespace
* [MESOS-5373] - Remove `Zookeeper's` NTDDI_VERSION define
* [MESOS-5374] - Add support for Console Ctrl handling in `slave.cpp`
* [MESOS-5375] - Implement stout/os/windows/kill.hpp
* [MESOS-5398] - Rewrite os::read() to be friendlier to reading binary files
* [MESOS-5399] - Add utility for parsing ld.so.cache on linux.
* [MESOS-5400] - Add preliminary support for parsing ELF files in stout.
* [MESOS-5401] - Add ability to inject a Volume of Nvidia libraries/binaries into a docker-image container in mesos containerizer.
* [MESOS-5404] - Allow `Task` to be authorized.
* [MESOS-5420] - Implement os::exists for processes
* [MESOS-5424] - Update the style of code under website folder to match other exist source code
* [MESOS-5430] - Design the improvement of the home page of mesos.apache.org
* [MESOS-5431] - Update the website generation and development workflows with docker.
* [MESOS-5435] - Add default implementations to all Isolator virtual functions
* [MESOS-5452] - Agent modules should be initialized before all components except firewall.
* [MESOS-5456] - Master anonymous modules should initialized before any other components.
* [MESOS-5457] - Create a small testing doc for the v1 Scheduler/Executor API
* [MESOS-5459] - Update RUN_TASK_WITH_USER to use additional metadata
* [MESOS-5519] - Refresh Mesos project website homepage
* [MESOS-5532] - Maven build is too verbose for batch builds
* [MESOS-5540] - Support building with non-GNU libc
* [MESOS-5550] - Remove Nvidia GPU Isolator's link-time dependence on `libnvidia-ml`
* [MESOS-5551] - Move the Nvidia GPU isolator from `cgroups/devices/gpu/nvidia` to `gpu/nvidia`
* [MESOS-5552] - Bundle NVML headers for Nvidia GPU support.
* [MESOS-5555] - Always provide access to NVIDIA control devices within containers (if GPU isolation is enabled).
* [MESOS-5557] - Add `NvidiaGpuAllocator` component for cross-containerizer GPU allocation
* [MESOS-5558] - Update `Containerizer::resources()` to use the `NvidiaGpuAllocator`
* [MESOS-5559] - Integrate the `NvidiaGpuAllocator` into the `NvidiaGpuIsolator`
* [MESOS-5562] - Add class to share Nvidia-specific components between containerizers
* [MESOS-5563] - Rearrange Nvidia GPU files to cleanup semantics for header inclusion.
* [MESOS-5572] - Change Operator API RPC handlers return type to http::Response
* [MESOS-5576] - Masters may drop the first message they send between masters after a network partition
* [MESOS-5581] - Guarantee ordering between Isolators
* [MESOS-5592] - Pass NetworkInfo to CNI Plugins
* [MESOS-5593] - Devolve v1 operator protos before using them in Master/Agent.
* [MESOS-5617] - Mesos website preview incorrect in facebook
* [MESOS-5618] - Added a metric indicating if replicated log for the registrar has recovered or not.
* [MESOS-5630] - Change build to always enable Nvidia GPU support for Linux
* [MESOS-5636] - Display allocated resources in the agent listing of the webui.
* [MESOS-5666] - Deprecate camel case proto field in isolator ContainerConfig.
* [MESOS-5697] - Support file volume in mesos containerizer.
* [MESOS-5737] - Expose Executor PID in containers endpoint
* [MESOS-5740] - Consider adding `relink` functionality to libprocess
* [MESOS-5743] - Added a flag parser for hashset<std::string>.
* [MESOS-5749] - Have maven run in batch mode
* [MESOS-5753] - Command executor should use `mesos-containerizer launch` to launch user task.
* [MESOS-5758] - Add ability to exclude resources from fair sharing.
* [MESOS-5765] - Add 'systemGetDriverVersion' to NVML abstraction.
* [MESOS-5767] - Add ELFIO as bundled Dependency to Mesos
* [MESOS-5768] - Reimplement the stout ELF abstraction in terms of ELFIO
* [MESOS-5769] - Add get_abi_version() to ELF abstraction in stout
* [MESOS-5782] - Renamed 'commands' to 'pre_exec_commands' in ContainerLaunchInfo.
* [MESOS-5787] - Add ability to set framework capabilities in 'mesos-execute'
* [MESOS-5793] - Add ability to inject Nvidia devices into a container
* [MESOS-5833] - Disable '--registry_strict' master flag
** Task
* [MESOS-338] - Mesos 1.0
* [MESOS-2257] - Version the Operator/Admin API
* [MESOS-2408] - Slave should reclaim storage for destroyed persistent volumes.
* [MESOS-2950] - Implement current mesos Authorizer in terms of generalized Authorizer interface
* [MESOS-3063] - Add an example framework using dynamic reservation
* [MESOS-3103] - Separate OS-specific code in the libprocess library
* [MESOS-3214] - Replace boost foreach with range-based for
* [MESOS-3368] - Add device support in cgroups abstraction
* [MESOS-3371] - Implement process::subprocess on Windows
* [MESOS-3436] - Port dynamiclibrary_test.cpp to Windows
* [MESOS-3438] - Port gzip_test to Windows
* [MESOS-3439] - Port ip_tests
* [MESOS-3443] - Windows: Port protobuf_tests.hpp
* [MESOS-3541] - Add CMakeLists that builds the Mesos master
* [MESOS-3558] - Implement HTTPCommandExecutor that uses the Executor Library
* [MESOS-3559] - Make the Command Scheduler use the HTTP Scheduler Library
* [MESOS-3609] - Port slave/gc.cpp
* [MESOS-3610] - Port slave/flags.cpp to Windows
* [MESOS-3611] - Port slave/http.cpp to Windows
* [MESOS-3612] - Port slave/metrics.cpp to Windows
* [MESOS-3614] - Port slave/slave.cpp to Windows
* [MESOS-3616] - Port slave/status_update_manager.cpp to Windows
* [MESOS-3617] - Port slave/containerizer/containerizer.cpp to Windows
* [MESOS-3618] - Port slave/containerizer/fetcher.cpp
* [MESOS-3619] - Port slave/containerizer/isolator.cpp to Windows
* [MESOS-3620] - Create slave/containerizer/isolators/filesystem/windows.cpp
* [MESOS-3622] - Port slave/containerizer/launcher.cpp to Windows
* [MESOS-3623] - Port slave/containerizer/mesos/containerizer.cpp to Windows
* [MESOS-3624] - Port slave/containerizer/mesos/launch.cpp to Windows
* [MESOS-3634] - Port process/protobuf.hpp
* [MESOS-3635] - Port process/defer.hpp to Windows
* [MESOS-3636] - Port process/dispatch.hpp
* [MESOS-3637] - Port process/process.hpp to Windows
* [MESOS-3639] - Implement stout/os/windows/killtree.hpp
* [MESOS-3641] - Implement stout/os/windows/read.hpp and write.hpp
* [MESOS-3642] - Implement stout/os/windows/sendfile.hpp
* [MESOS-3646] - Port process/clock.hpp to Windows
* [MESOS-3647] - Port process/time.hpp to Windows
* [MESOS-3648] - Port stout/duration.hpp to Windows
* [MESOS-3649] - Port process/future.hpp to Windows
* [MESOS-3650] - Port process/event.hpp to Windows
* [MESOS-3651] - Port process/latch.hpp to Windows
* [MESOS-3652] - Port process/http.hpp to Windows
* [MESOS-3653] - Port process/message.hpp to Windows
* [MESOS-3654] - Port process/filter.hpp to Windows
* [MESOS-3657] - Port process/deferred.hpp to Windows
* [MESOS-3661] - Port slave/metrics.hpp to Windows
* [MESOS-3662] - Port slave/slave.hpp to Windows
* [MESOS-3663] - Port process/metrics/gauge.hpp to Windows
* [MESOS-3664] - Port process/metrics/metric.hpp to Windows
* [MESOS-3666] - Port process/metrics/metrics.hpp to Windows
* [MESOS-3668] - Port process/delay.hpp to Windows
* [MESOS-3669] - Port process/clock.hpp to Windows
* [MESOS-3670] - Port process/time.hpp to Windows
* [MESOS-3671] - Port stout/duration.hpp to Windows
* [MESOS-3672] - Port process/timer.hpp to Windows
* [MESOS-3673] - Port process/timeout.hpp to Windows
* [MESOS-3674] - Port process/async.hpp to Windows
* [MESOS-3675] - Port process/check.hpp to Windows
* [MESOS-3679] - Port slave/containerizer/containerizer.hpp to Windows
* [MESOS-3680] - Port process/subprocess.hpp to Windows
* [MESOS-3681] - Port slave/containerizer/fetcher.hpp to Windows
* [MESOS-3682] - Port slave/containerizer/launcher.hpp to Windows
* [MESOS-3683] - Port slave/containerizer/isolator.hpp to Windows
* [MESOS-3685] - Port process/io.hpp to Windows
* [MESOS-3779] - Slave/Agent Rename Phase I - Update terms in Web UI.
* [MESOS-3781] - Replace Master/Slave Terminology Phase I - Rename flag names and deprecate old ones
* [MESOS-3782] - Slave/Agent Rename Phase I - Add duplicate binaries (or create symlinks)
* [MESOS-3783] - Replace Master/Slave Terminology Phase I - Update documentation
* [MESOS-3784] - Replace Master/Slave Terminology Phase I - Update mesos-cli
* [MESOS-3854] - Finalize design for generalized Authorizer interface
* [MESOS-3945] - Add operator documentation for /weight endpoint
* [MESOS-4033] - Add a commit hook for non-ascii characters.
* [MESOS-4112] - Clean up libprocess gtest macros
* [MESOS-4214] - Introduce HTTP endpoint /weights for updating weight
* [MESOS-4316] - Support get non-default weights by /weights
* [MESOS-4459] - Implement AuthN handling on the scheduler library
* [MESOS-4623] - Add a stub Nvidia GPU isolator.
* [MESOS-4624] - Add allocation metrics for "gpus" resources.
* [MESOS-4625] - Implement Nvidia GPU isolation w/o filesystem isolation enabled.
* [MESOS-4626] - Support Nvidia GPUs with filesystem isolation enabled in mesos containerizer.
* [MESOS-4629] - Implement fault tolerance tests for the HTTP Scheduler API.
* [MESOS-4704] - Enable zlib on Windows.
* [MESOS-4758] - Add a 'name' field into NetworkInfo.
* [MESOS-4759] - Add network/cni isolator for Mesos containerizer.
* [MESOS-4761] - Add agent flags to allow operators to specify CNI plugin and config directories.
* [MESOS-4764] - The network/cni isolator should report assigned IP address.
* [MESOS-4771] - Document the network/cni isolator.
* [MESOS-4788] - Mesos UI should show the role and principal of a framework
* [MESOS-4797] - Add a couple of registrar tests for /weights endpoint
* [MESOS-4813] - Implement base tests for unified container using local puller.
* [MESOS-4818] - Add end to end testing for Appc images.
* [MESOS-4840] - Remove internal usage of deprecated ShutdownFramework ACL
* [MESOS-4844] - Add authentication to master endpoints
* [MESOS-4849] - Add agent flags for HTTP authentication
* [MESOS-4850] - Add authentication to agent endpoints /state and /flags
* [MESOS-4858] - Make changes to executor v1 library around managing connections.
* [MESOS-4860] - Add a script to install the Nvidia GDK on a host.
* [MESOS-4861] - Add configure flags to build with Nvidia GPU support.
* [MESOS-4863] - Add Nvidia GPU isolator tests.
* [MESOS-4864] - Add flag to specify available Nvidia GPUs on an agent's command line.
* [MESOS-4865] - Add GPUs as an explicit resource.
* [MESOS-4881] - Rescind all outstanding offers after changing some weights.
* [MESOS-4887] - Design doc for Slave/Agent rename
* [MESOS-4889] - Implement runtime isolator tests.
* [MESOS-4906] - Upgrade to clang-format-3.8.
* [MESOS-4932] - Propose Design for Authorization based filtering for endpoints.
* [MESOS-4933] - Registrar HTTP Authentication.
* [MESOS-4934] - Enable HELP to include authentication status of endpoint.
* [MESOS-4938] - Support docker registry authentication
* [MESOS-4939] - Support specifying per-container docker registry.
* [MESOS-4944] - Improve overlay backend so that it's writable
* [MESOS-4962] - Support for Mesos releases
* [MESOS-4982] - Update example long running to use v1 API.
* [MESOS-4993] - FetcherTest.ExtractZipFile assumes `unzip` is installed
* [MESOS-5050] - Design Linux capability support for Mesos containerizer
* [MESOS-5055] - Slave/Agent Rename Phase I - Update strings in the log message and standard output
* [MESOS-5057] - Slave/Agent Rename Phase I - Update strings in error messages and other strings
* [MESOS-5065] - Support docker private registry default docker config.
* [MESOS-5108] - Design a short-term solution for a typed error handling mechanism.
* [MESOS-5109] - Capture the error code in `ErrnoError` and `WindowsError`.
* [MESOS-5110] - Introduce an additional template parameter to `Try` for typed error.
* [MESOS-5111] - Update `network::connect` to use the typed error state of `Try`.
* [MESOS-5112] - Introduce `WindowsSocketError`.
* [MESOS-5130] - Enable `newtork/cni` isolator in `MesosContainerizer` as the default `network` isolator.
* [MESOS-5135] - Update existing documentation to Include references to GPUs as a first class resource.
* [MESOS-5136] - Update the default JSON representation of a Resource to include GPUs
* [MESOS-5137] - Remove 'dashboard.js' from the webui.
* [MESOS-5152] - Add authentication to agent's /monitor/statistics endpoint
* [MESOS-5157] - Update webui for GPU metrics
* [MESOS-5159] - Add test to verify error when requesting fractional GPUs
* [MESOS-5164] - Add authorization to agent's /monitor/statistics endpoint.
* [MESOS-5167] - Add tests for `network/cni` isolator
* [MESOS-5171] - Expose state/state.hpp to public headers
* [MESOS-5173] - Allow master/agent to take multiple modules manifest files
* [MESOS-5178] - Add logic to validate for non-fractional GPU requests in the master
* [MESOS-5209] - Add a slave hook that runs after the fetching is done.
* [MESOS-5222] - Create a benchmark for scale testing HTTP frameworks
* [MESOS-5249] - Update CMake files to reflect reorganized 3rdparty
* [MESOS-5250] - Move 3rdparty/libprocess/3rdparty/* to 3rdparty/
* [MESOS-5256] - Add support for per-containerizer resource enumeration
* [MESOS-5257] - Add autodiscovery for GPU resources
* [MESOS-5272] - Support docker image labels.
* [MESOS-5297] - Add authorization to the master's "/flags" endpoint.
* [MESOS-5365] - Introduce a timeout for docker volume driver mount/unmount operation.
* [MESOS-5394] - Rename isolator name 'xfs/disk' and 'posix/disk' to 'disk/xfs' and 'disk/du'
* [MESOS-5474] - Implement GET_FLAGS Call in v1 master API.
* [MESOS-5475] - Implement GET_FLAGS Call in v1 agent API.
* [MESOS-5484] - Implement GET_METRICS Call in v1 master API.
* [MESOS-5485] - Implement GET_LOGGING_LEVEL Call in v1 master API.
* [MESOS-5486] - Implement SET_LOGGING_LEVEL Call in v1 master API.
* [MESOS-5487] - Implement LIST_FILES Call in v1 master API.
* [MESOS-5489] - Implement GET_STATE Call in v1 master API.
* [MESOS-5491] - Implement GET_AGENTS Call in v1 master API.
* [MESOS-5492] - Implement GET_FRAMEWORKS Call in v1 master API.
* [MESOS-5493] - Implement GET_TASKS Call in v1 master API.
* [MESOS-5494] - Implement GET_ROLES Call in v1 master API.
* [MESOS-5495] - Implement GET_WEIGHTS Call in v1 master API.
* [MESOS-5496] - Implement UPDATE_WEIGHTS Call in v1 master API.
* [MESOS-5497] - Implement GET_MASTER Call in v1 master API.
* [MESOS-5498] - Implement SUBSCRIBE Call in v1 master API.
* [MESOS-5499] - Implement RESERVE_RESOURCES Call in v1 master API.
* [MESOS-5500] - Implement UNRESERVE_RESOURCES Call in v1 master API.
* [MESOS-5501] - Implement CREATE_VOLUMES Call in v1 master API.
* [MESOS-5502] - Implement DESTROY_VOLUMES Call in v1 master API.
* [MESOS-5503] - Implement GET_MAINTENANCE_STATUS Call in v1 master API.
* [MESOS-5504] - Implement GET_MAINTENANCE_SCHEDULE Call in v1 master API.
* [MESOS-5505] - Implement UPDATE_MAINTENANCE_SCHEDULE Call in v1 master API.
* [MESOS-5506] - Implement START_MAINTENANCE Call in v1 master API.
* [MESOS-5507] - Implement STOP_MAINTENANCE Call in v1 master API.
* [MESOS-5508] - Implement GET_QUOTA Call in v1 master API.
* [MESOS-5509] - Implement SET_QUOTA Call in v1 master API.
* [MESOS-5510] - Implement REMOVE_QUOTA Call in v1 master API.
* [MESOS-5511] - Implement GET_METRICS Call in v1 agent API.
* [MESOS-5512] - Implement GET_LOGGING_LEVEL Call in v1 agent API.
* [MESOS-5513] - Implement SET_LOGGING_LEVEL Call in v1 agent API.
* [MESOS-5514] - Implement LIST_FILES Call in v1 agent API.
* [MESOS-5517] - Implement GET_RESOURCE_STATISTICS Call in v1 agent API.
* [MESOS-5518] - Implement GET_CONTAINERS Call in v1 agent API.
* [MESOS-5549] - Document aufs provisioner backend.
* [MESOS-5628] - `QuotaHandler` should only make one authorization request to the authorizer.
* [MESOS-5634] - Add Framework Capability for GPU_RESOURCES
* [MESOS-5639] - Add documentation about metadata for CNI plugins.
* [MESOS-5641] - Update docker-volume.md to add some content for how to test
* [MESOS-5663] - Remove hard dependence on libelf for Linux
* [MESOS-5699] - Create new documentation for Mesos networking.
* [MESOS-5704] - Fine-grained authorization on /frameworks
* [MESOS-5705] - ZK credential is exposed in /flags and /state
* [MESOS-5706] - GET_ENDPOINT_WITH_PATH authz doesn't make sense for /flags
* [MESOS-5707] - LocalAuthorizer should error if passed a GET_ENDPOINT ACL with an unhandled path
* [MESOS-5708] - Add authz to /files/debug
* [MESOS-5709] - Authorization for /roles
* [MESOS-5711] - Update AUTHORIZATION strings in endpoint help
* [MESOS-5712] - Document exactly what is handled by GET_ENDPOINTS_WITH_PATH acl
* [MESOS-5750] - Implement GET_EXECUTORS Call in v1 master API.
* [MESOS-5764] - Whitelist the nvidia-uvm-tools device in the Nvidia GPU isolator.
Release Notes - Mesos - Version 0.28.3
--------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-5571] - Scheduler JNI throws exception when the major versions of JAR and libmesos don't match.
* [MESOS-5673] - Port mapping isolator may cause segfault if it bind mount root does not exist.
* [MESOS-5330] - Agent should backoff before connecting to the master.
* [MESOS-5543] - /dev/fd is missing in the Mesos containerizer environment.
* [MESOS-5691] - SSL downgrade support will leak sockets in CLOSE_WAIT status.
* [MESOS-5723] - SSL-enabled libprocess will leak incoming links to forks.
* [MESOS-5748] - Potential segfault in `link` when linking to a remote process.
* [MESOS-5763] - Task stuck in fetching is not cleaned up after --executor_registration_timeout.
* [MESOS-5073] - Mesos allocator leaks role sorter and quota role sorters.
* [MESOS-5698] - Quota sorter not updated for resource changes at agent.
* [MESOS-5740] - Consider adding `relink` functionality to libprocess.
* [MESOS-5576] - Masters may drop the first message they send between masters after a network partition.
* [MESOS-5913] - Stale socket FD usage when using libevent + SSL.
* [MESOS-5927] - Unable to run "scratch" Dockerfiles with Unified Containerizer.
* [MESOS-5943] - Incremental http parsing of URLs leads to decoder error.
* [MESOS-5986] - SSL Socket CHECK can fail after socket receives EOF.
* [MESOS-6104] - Potential FD double close in libevent's implementation of `sendfile`.
* [MESOS-6142] - Frameworks may RESERVE for an arbitrary role.
* [MESOS-6152] - Resource leak in libevent_ssl_socket.cpp.
* [MESOS-6233] - Master CHECK fails during recovery while relinking to other masters.
* [MESOS-6234] - Potential socket leak during Zookeeper network changes.
* [MESOS-6246] - Libprocess links will not generate an ExitedEvent if the socket creation fails.
* [MESOS-6299] - Master doesn't remove task from pending when it is invalid.
* [MESOS-6457] - Tasks shouldn't transition from TASK_KILLING to TASK_RUNNING.
* [MESOS-6527] - Memory leak in the libprocess request decoder.
Release Notes - Mesos - Version 0.28.2
--------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-4705] - Linux 'perf' parsing logic may fail when OS distribution has perf backports.
* [MESOS-5239] - Persistent volume DockerContainerizer support assumes proper mount propagation setup on the host.
* [MESOS-5253] - Isolator cleanup should not be invoked if they are not prepared yet.
* [MESOS-5282] - Destroy container while provisioning volume images may lead to a race.
* [MESOS-5312] - Env `MESOS_SANDBOX` is not set properly for command tasks that changes rootfs.
* [MESOS-4885] - Unzip should force overwrite.
* [MESOS-5449] - Memory leak in SchedulerProcess.declineOffer.
* [MESOS-5380] - Killing a queued task can cause the corresponding command executor to never terminate.
** Improvement
* [MESOS-5307] - Sandbox mounts should not be in the host mount namespace.
Release Notes - Mesos - Version 0.28.1
--------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-4662] - PortMapping network isolator should not assume BIND_MOUNT_ROOT is a realpath.
* [MESOS-4874] - overlayfs does not work with kernel 4.2.3
* [MESOS-4877] - Mesos containerizer can't handle top level docker image like "alpine" (must use "library/alpine")
* [MESOS-4878] - Task stuck in TASK_STAGING when docker fetcher failed to fetch the image
* [MESOS-4964] - curl based docker fetcher fails to decode chunked encoding
* [MESOS-4985] - Destroy a container while it's provisioning can lead to leaked provisioned directories.
* [MESOS-5009] - local docker puller fails to find private registry repositories
* [MESOS-5018] - FrameworkInfo Capability enum does not support upgrades.
* [MESOS-5021] - Memory leak in subprocess when 'environment' argument is provided.
* [MESOS-5023] - MesosContainerizerProvisionerTest.DestroyWhileProvisioning is flaky.
* [MESOS-5114] - Flags::parse does not handle empty string correctly.
Release Notes - Mesos - Version 0.28.0
--------------------------------------
This release contains the following new features:
* [MESOS-4343] - A new cgroups isolator for enabling the net_cls subsystem in
Linux. The cgroups/net_cls isolator allows operators to provide network
performance isolation and network segmentation for containers within a Mesos
cluster. To enable the cgroups/net_cls isolator, append `cgroups/net_cls` to
the `--isolation` flag when starting the slave. Please refer to
docs/mesos-containerizer.md for more details.
* [MESOS-4687] - The implementation of scalar resource values (e.g., "2.5
CPUs") has changed. Mesos now reliably supports resources with up to three
decimal digits of precision (e.g., "2.501 CPUs"); resources with more than
three decimal digits of precision will be rounded. Internally, resource math
is now done using a fixed-point format that supports three decimal digits of
precision, and then converted to/from floating point for input and output,
respectively. Frameworks that do their own resource math and manipulate
fractional resources may observe differences in roundoff error and numerical
precision.
* [MESOS-4479] - Reserved resources can now optionally include "labels".
Labels are a set of key-value pairs that can be used to associate metadata
with a reserved resource. For example, frameworks can use this feature to
distinguish between two reservations for the same role at the same agent
that are intended for different purposes.
* [MESOS-2840] - **Experimental** support for container images in Mesos
containerizer (a.k.a. Unified Containerizer). This allows frameworks to
launch Docker/Appc containers using Mesos containerizer without relying on
docker daemon (engine) or rkt. The isolation of the containers is done using
isolators. Please refer to docs/container-image.md for currently supported
features and limitations.
* [MESOS-4793] - **Experimental** support for v1 Executor HTTP API. This
allows executors to send HTTP requests to the /api/v1/executor agent
endpoint without the need for an executor driver. Please refer to
docs/executor-http-api.md for more details.
* [MESOS-4370] Added support for service discovery of Docker containers that
use Docker Remote API v1.21.
Additional API Changes:
* [MESOS-4066] - Agent should not return partial state when a request is made
to /state endpoint during recovery.
* [MESOS-4547] - Introduce TASK_KILLING state.
* [MESOS-4712] - Remove 'force' field from the Subscribe Call in v1
Scheduler API.
* [MESOS-4591] - Change the object of ReserveResources and CreateVolume ACLs
to `roles`.
* [MESOS-3583] - Add stream IDs for HTTP schedulers.
* [MESOS-4427] - Ensure ip_address in state.json (from NetworkInfo) is valid.
All Issues:
** Bug
* [MESOS-1187] - precision errors with allocation calculations
* [MESOS-1469] - No output from review bot on timeout
* [MESOS-2007] - AllocatorTest/0.SlaveReregistersFirst is flaky
* [MESOS-2017] - Segfault with "Pure virtual method called" when tests fail
* [MESOS-3273] - EventCall Test Framework is flaky
* [MESOS-3397] - sorter.cpp: Check failed: total.resources.contains(slaveId)
* [MESOS-3413] - Docker containerizer does not symlink persistent volumes into sandbox
* [MESOS-3570] - Make Scheduler Library use HTTP Pipelining Abstraction in Libprocess
* [MESOS-3719] - Core dump on /teardown
* [MESOS-3725] - shared library loading depends on environment variable updates
* [MESOS-3833] - /help endpoints do not work for nested paths
* [MESOS-3940] - /reserve and /unreserve should be permissive under a master without authentication.
* [MESOS-4029] - ContentType/SchedulerTest is flaky.
* [MESOS-4047] - MemoryPressureMesosTest.CGROUPS_ROOT_SlaveRecovery is flaky
* [MESOS-4071] - Master crash during framework teardown ( Check failed: total.resources.contains(slaveId))
* [MESOS-4249] - Mesos fetcher step skipped with MESOS_DOCKER_MESOS_IMAGE flag
* [MESOS-4255] - Add mechanism for testing recovery of HTTP based executors
* [MESOS-4285] - Mesos command task doesn't support volumes with image
* [MESOS-4291] - fs::enter(rootfs) does not work if 'rootfs' is read only.
* [MESOS-4298] - Sync up configuration.md and flags.cpp
* [MESOS-4338] - Create utilities for common shell commands used.
* [MESOS-4370] - NetworkSettings.IPAddress field is deprecated in Docker
* [MESOS-4383] - Support docker runtime configuration env var from image.
* [MESOS-4395] - Add persistent volume endpoint tests with no principal
* [MESOS-4416] - Get the perf version function return fail
* [MESOS-4427] - Ensure ip_address in state.json (from NetworkInfo) is valid
* [MESOS-4454] - Create common sha512 compute utility function.
* [MESOS-4478] - ReviewBot seemed to be crashing ReviewBoard server when posting large reviews
* [MESOS-4484] - GMock warning in MasterTest.OrphanTasks
* [MESOS-4495] - Delete `os::chown` on Windows
* [MESOS-4496] - Replace `glob` on Windows with something more suited to the platform
* [MESOS-4499] - Docker provisioner store should reuse existing layers in the cache.
* [MESOS-4517] - Introduce docker runtime isolator.
* [MESOS-4542] - MasterQuotaTest.AvailableResourcesAfterRescinding is flaky.
* [MESOS-4546] - Mesos Agents needs to re-resolve hosts in zk string on leader change / failure to connect
* [MESOS-4555] - Build broken with GCC 5.3.0
* [MESOS-4556] - ShasumTest.SHA512SimpleFile failed on centos7.
* [MESOS-4562] - Mesos UI shows wrong count for "started" tasks
* [MESOS-4563] - Docker::Container::Create should handle NetworkSettings.IPAddress being an empty string.
* [MESOS-4570] - DockerFetcherPluginTest.INTERNET_CURL_FetchImage seems flaky.
* [MESOS-4573] - Design doc for scheduler HTTP Stream IDs
* [MESOS-4583] - Rename `examples/event_call_framework.cpp` to `examples/test_http_framework.cpp`
* [MESOS-4584] - Update Rakefile for mesos site generation
* [MESOS-4585] - mesos-fetcher LIBPROCESS_PORT set to 5051 URI fetch failure
* [MESOS-4587] - Docker environment variables must be able to contain the equal sign
* [MESOS-4591] - `/reserve` and `/create-volumes` endpoints allow operations for any role
* [MESOS-4597] - `freebsd.hpp` is missing from the release tarball
* [MESOS-4598] - Logrotate ContainerLogger should not remove IP from environment.
* [MESOS-4602] - Invalid usage of ATOMIC_FLAG_INIT in member initialization
* [MESOS-4614] - SlaveRecoveryTest/0.CleanupHTTPExecutor is flaky
* [MESOS-4615] - ContainerLoggerTest.DefaultToSandbox is flaky
* [MESOS-4619] - Remove markdown files from doxygen pages
* [MESOS-4637] - Docker process executor can die with agent unit on systemd.
* [MESOS-4639] - Posix process executor can die with agent unit on systemd.
* [MESOS-4640] - Logrotate container logger can die with agent unit on systemd.
* [MESOS-4656] - strings::split behaves incorrectly when n=1
* [MESOS-4661] - SlaveRecoveryTest/0.ReconnectHTTPExecutor is flaky
* [MESOS-4669] - Add common compression utility
* [MESOS-4670] - `cgroup_info` not being exposed in state.json when ComposingContainerizer is used.
* [MESOS-4671] - Status updates from executor can be forwarded out of order by the Agent.
* [MESOS-4674] - Linux filesystem isolator tests are flaky.
* [MESOS-4675] - Cannot disable systemd support
* [MESOS-4676] - ROOT_DOCKER_Logs is flaky.
* [MESOS-4677] - LimitedCpuIsolatorTest.ROOT_CGROUPS_Pids_and_Tids is flaky.
* [MESOS-4681] - Updated libnl3 download links
* [MESOS-4683] - Document docker runtime isolator.
* [MESOS-4693] - Variable shadowing in HookManager::slavePreLaunchDockerHook
* [MESOS-4703] - Make Stout configuration modular and consumable by downstream (e.g., libprocess and agent)
* [MESOS-4711] - Race condition in libevent poll implementation causes crash
* [MESOS-4714] - "make DESTDIR=<path> install" broken
* [MESOS-4743] - Mesos fetcher not working correctly on docker apps on CoreOS
* [MESOS-4747] - ContainerLoggerTest.MesosContainerizerRecover cannot be executed in isolation
* [MESOS-4768] - MasterMaintenanceTest.InverseOffers is flaky
* [MESOS-4774] - Wrong symbolic link of some Mesos libraries
* [MESOS-4784] - SlaveTest.MetricsSlaveLaunchErrors test relies on implicit blocking behavior hitting the global metrics endpoint
* [MESOS-4806] - LevelDBStateTests write to the current directory
* [MESOS-4824] - "filesystem/linux" isolator does not unmount orphaned persistent volumes
* [MESOS-4825] - Master's slave reregister logic does not update version field
* [MESOS-4830] - Bind docker runtime isolator with docker image provider.
* [MESOS-4831] - Master sometimes sends two inverse offers after the agent goes into maintenance.
* [MESOS-4832] - DockerContainerizerTest.ROOT_DOCKER_RecoverOrphanedPersistentVolumes exits when the /tmp directory is bind-mounted
* [MESOS-4833] - Poor allocator performance with labeled resources and/or persistent volumes
* [MESOS-4836] - Fix rmdir for windows
* [MESOS-4866] - Added document for overlayfs backend.
* [MESOS-4888] - Default cmd is executed as an incorrect command.
* [MESOS-4903] - Allow multiple loads of module manifests
** Documentation
* [MESOS-1471] - Document replicated log design/internals
* [MESOS-3831] - Document operator HTTP endpoints
* [MESOS-4376] - Document semantics of `slaveLost`
* [MESOS-4377] - Document units associated with resource types
* [MESOS-4452] - Improve documentation around roles, principals, authz, and reservations
* [MESOS-4622] - Update configuration.md with `--cgroups_net_cls_primary_handle` agent flag.
* [MESOS-4702] - Document default value of "offer_timeout"
* [MESOS-4786] - Example in C++ style guide uses wrong indention for wrapped line
* [MESOS-4854] - Update CHANGELOG with net_cls isolator
* [MESOS-4873] - Add documentation about container image support.
** Epic
* [MESOS-4343] - Introduce the ability to assign network handles to mesos containers
* [MESOS-4793] - Executor API v1
** Improvement
* [MESOS-197] - Executor sendStatusUpdate should ACK on slave checkpoint
* [MESOS-2585] - Use full width for mesos div.container
* [MESOS-2971] - Implement OverlayFS based provisioner backend
* [MESOS-3608] - Optionally install test binaries.
* [MESOS-4004] - Support default entrypoint and command runtime config in Mesos containerizer
* [MESOS-4005] - Support workdir runtime configuration from image
* [MESOS-4169] - MasterMaintenanceTest.InverseOffers is slow
* [MESOS-4225] - Exposed docker/appc image manifest to mesos containerizer.
* [MESOS-4261] - Remove docker auth server flag
* [MESOS-4333] - Refactor Appc provisioner tests
* [MESOS-4344] - Allow operators to assign net_cls major handles to mesos agents
* [MESOS-4479] - Implement reservation labels
* [MESOS-4486] - Speed up FetcherCacheTest.Local* test cases
* [MESOS-4487] - Introduce status() interface in `Containerizer`
* [MESOS-4488] - Define a CgroupInfo protobuf to expose cgroup isolator configuration.
* [MESOS-4489] - The `cgroups/net_cls` isolator needs to expose handles in the ContainerStatus
* [MESOS-4490] - Get container status information in slave.
* [MESOS-4493] - Add ability to create symlink on Windows
* [MESOS-4494] - Implement `size`, `usage`, and other disk metrics reporting on Windows.
* [MESOS-4497] - Add ZK to the Windows agent build
* [MESOS-4498] - Refactor os.hpp to be less monolithic, and more cross-platform compatible
* [MESOS-4520] - Introduce a status() interface for isolators
* [MESOS-4523] - Enable benchmark tests in ASF CI
* [MESOS-4547] - Introduce TASK_KILLING state.
* [MESOS-4551] - process::collect() and process::await only take a fixed number of arguments (when not using a list).
* [MESOS-4552] - Help strings are not removed from the global help process upon process termination.
* [MESOS-4564] - Separate Appc protobuf messages to its own file.
* [MESOS-4566] - Avoid unnecessary temporary `std::string` constructions and copies in `jsonify`.
* [MESOS-4571] - SlaveRecoveryTest.RecoverStatusUpdateManager is not consistent with its description
* [MESOS-4575] - Fix Appc image caching to share with image fetcher
* [MESOS-4588] - Set title for documentation webpages.
* [MESOS-4618] - Speed up FetcherCacheTest.SimpleEviction
* [MESOS-4628] - Speed up FetcherCache test cases by reduce allocation_interval.
* [MESOS-4636] - Add parent hook to subprocess.
* [MESOS-4657] - Add LOG(INFO) in `cgroups/net_cls` for debugging allocation of net_cls handles.
* [MESOS-4667] - Expose persistent volume information in HTTP endpoints
* [MESOS-4685] - Speed up FetcherCache test cases by disable framework checkpoint.
* [MESOS-4710] - Add comment about labels caveats to mesos.proto
* [MESOS-4731] - Update /frameworks to use jsonify
* [MESOS-4776] - Libprocess metrics/snapshot endpoint rate limiting should be configurable.
* [MESOS-4783] - Disable rate limiting of the global metrics endpoint for mesos-tests execution
* [MESOS-4792] - Remove src/common/date_utils.{c,h}pp
* [MESOS-4796] - Debug ability enhancement for unified container
** Task
* [MESOS-1940] - Add Mesos-graced/hosted libraries to installation path
* [MESOS-3339] - Implement filtering mechanism for (Scheduler API Events) Testing
* [MESOS-3424] - Support fetching AppC images into the store
* [MESOS-3525] - Figure out how to enforce 64-bit builds on Windows.
* [MESOS-3583] - Introduce stream IDs in HTTP Scheduler API
* [MESOS-3613] - Port slave/paths.cpp to Windows
* [MESOS-3643] - Implement stout/os/windows/shell.hpp
* [MESOS-3763] - Need for http::put request method
* [MESOS-3929] - Automate the process of landing commits for committers
* [MESOS-3943] - Support dynamic weight in allocator
* [MESOS-4066] - Agent should not return partial state when a request is made to /state endpoint during recovery.
* [MESOS-4200] - Test case(s) for weights + allocation behavior
* [MESOS-4345] - Implement a network-handle manager for net_cls cgroup subsystem
* [MESOS-4358] - Expose net_cls network handles in agent's state endpoint
* [MESOS-4421] - Document that /reserve, /create-volumes endpoints can return misleading "success"
* [MESOS-4433] - Implement a callback testing interface for the Executor Library
* [MESOS-4435] - Update `Master::Http::stateSummary` to use `jsonify`.
* [MESOS-4438] - Add 'dependency' message to 'AppcImageManifest' protobuf.
* [MESOS-4439] - Fix appc CachedImage image validation
* [MESOS-4457] - Implement tests for the new Executor library
* [MESOS-4531] - Document multi-disk support.
* [MESOS-4590] - Add test case for reservations with same role, different principals
* [MESOS-4596] - Add common Appc spec utilities.
* [MESOS-4660] - Document net_cls isolator in docs/mesos-containerizer.md.
* [MESOS-4686] - Implement master failover tests for the scheduler library.
* [MESOS-4691] - Add a HierarchicalAllocator benchmark with reservation labels.
* [MESOS-4700] - Allow agent to configure net_cls handle minor range.
* [MESOS-4707] - Add fs:supported() function for detecting whether a file system is supported
* [MESOS-4712] - Remove 'force' field from the Subscribe Call in v1 Scheduler API
* [MESOS-4713] - ReviewBot should not fail hard if there are circular dependencies in a review chain
* [MESOS-4746] - CMake: Add leveldb library to 3rdparty external builds.
* [MESOS-4748] - Add Appc image fetcher tests.
* [MESOS-4780] - Remove `user` and `rootfs` flags in Windows launcher.
* [MESOS-4798] - Make existing scheduler library tests use the callback interface.
* [MESOS-4817] - Remove internal usage of deprecated *.json endpoints.
* [MESOS-4822] - Add support for local image fetching in Appc provisioner.
* [MESOS-4829] - Remove `grace_period_seconds` field from Shutdown event v1 protobuf.
* [MESOS-4834] - Add 'file' fetcher plugin.
Release Notes - Mesos - Version 0.27.4
--------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-5330] - Agent should backoff before connecting to the master.
* [MESOS-5571] - Scheduler JNI throws exception when the major versions of JAR and libmesos don't match.
* [MESOS-5691] - SSL downgrade support will leak sockets in CLOSE_WAIT status.
* [MESOS-5723] - SSL-enabled libprocess will leak incoming links to forks.
* [MESOS-5748] - Potential segfault in `link` when linking to a remote process.
* [MESOS-5913] - Stale socket FD usage when using libevent + SSL.
* [MESOS-5943] - Incremental http parsing of URLs leads to decoder error.
* [MESOS-5986] - SSL Socket CHECK can fail after socket receives EOF.
* [MESOS-6104] - Potential FD double close in libevent's implementation of `sendfile`.
* [MESOS-6152] - Resource leak in libevent_ssl_socket.cpp.
Release Notes - Mesos - Version 0.27.3
--------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-4705] - Linux 'perf' parsing logic may fail when OS distribution has perf backports.
* [MESOS-4869] - /usr/libexec/mesos/mesos-health-check using/leaking a lot of memory.
* [MESOS-5018] - FrameworkInfo Capability enum does not support upgrades.
* [MESOS-5021] - Memory leak in subprocess when 'environment' argument is provided.
* [MESOS-5449] - Memory leak in SchedulerProcess.declineOffer.
Release Notes - Mesos - Version 0.27.2
--------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-4693] - Variable shadowing in HookManager::slavePreLaunchDockerHook.
* [MESOS-4711] - Race condition in libevent poll implementation causes crash.
* [MESOS-4754] - The "executors" field is exposed under a backwards incompatible schema.
** Improvement
* [MESOS-4687] - Implement reliable floating point for scalar resources.
Release Notes - Mesos - Version 0.27.1
--------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-4546] - Mesos Agents needs to re-resolve hosts in zk string on leader change / failure to connect.
* [MESOS-4563] - Docker::Container::Create should handle NetworkSettings.IPAddress being an empty string.
* [MESOS-4582] - state.json serving duplicate "active" fields.
* [MESOS-4585] - mesos-fetcher LIBPROCESS_PORT set to 5051 URI fetch failure.
* [MESOS-4587] - Docker environment variables must be able to contain the equal sign.
* [MESOS-4597] - `freebsd.hpp` is missing from the release tarball.
* [MESOS-4598] - Logrotate ContainerLogger should not remove IP from environment.
* [MESOS-4637] - Docker process executor can die with agent unit on systemd.
* [MESOS-4639] - Posix process executor can die with agent unit on systemd.
* [MESOS-4640] - Logrotate container logger can die with agent unit on systemd.
* [MESOS-4675] - Can not disable systemd support.
** Improvement
* [MESOS-4566] - Avoid unnecessary temporary `std::string` constructions and copies in `jsonify`.
* [MESOS-4636] - Add parent hook to subprocess.
** Task
* [MESOS-4435] - Update `Master::Http::stateSummary` to use `jsonify`.
* [MESOS-4531] - Document multi-disk support.
Release Notes - Mesos - Version 0.27.0
--------------------------------------------
API Changes:
* [MESOS-313] - Report executor termination to framework schedulers.
* [MESOS-2315] - Removed deprecated CommandInfo::ContainerInfo.
* [MESOS-3988] - Implicit roles.
* [MESOS-4154] - Rename shutdown_frameworks to teardown_frameworks.
All Issues:
** Bug
* [MESOS-934] - 'Logging and Debugging' document is out-of-date.
* [MESOS-1613] - HealthCheckTest.ConsecutiveFailures is flaky
* [MESOS-2209] - Mesos should not use negative exit codes
* [MESOS-2768] - SIGPIPE in process::run_in_event_loop()
* [MESOS-3134] - Port bootstrap to CMake
* [MESOS-3151] - ReservationTest.CompatibleCheckpointedResourcesWithPersistentVolumes is flaky
* [MESOS-3235] - FetcherCacheHttpTest.HttpCachedSerialized and FetcherCacheHttpTest.HttpCachedConcurrent are flaky
* [MESOS-3307] - Configurable size of completed task / framework history
* [MESOS-3349] - Removing mount point fails with EBUSY in LinuxFilesystemIsolator.
* [MESOS-3379] - LinuxFilesystemIsolatorTest.ROOT_VolumeFromHostSandboxMountPoint is failed
* [MESOS-3472] - RegistryTokenTest.ExpiredToken test is flaky
* [MESOS-3479] - COMMAND Health Checks are not executed if the timeout is exceeded
* [MESOS-3551] - Replace use of strerror with thread-safe alternatives strerror_r / strerror_l.
* [MESOS-3595] - Framework process hangs after master failover when number frameworks > libprocess thread pool size
* [MESOS-3718] - Implement Quota support in allocator
* [MESOS-3773] - RegistryClientTest.SimpleGetBlob is flaky
* [MESOS-3799] - Compilation warning with Ubuntu wily: auto_ptr is deprecated
* [MESOS-3809] - Expose advertise_ip and advertise_port as command line options in mesos slave
* [MESOS-3817] - Rename offers to outstanding offers
* [MESOS-3832] - Scheduler HTTP API does not redirect to leading master
* [MESOS-3834] - slave upgrade framework checkpoint incompatibility
* [MESOS-3851] - Investigate recent crashes in Command Executor
* [MESOS-3859] - Add github support to apply-reviews.py.
* [MESOS-3860] - Add support for `stout/process.hpp` on Windows.
* [MESOS-3868] - Make apply-review.sh use apply-reviews.py
* [MESOS-3909] - isolator module headers depend on picojson headers
* [MESOS-3916] - MasterMaintenanceTest.InverseOffersFilters is flaky
* [MESOS-3939] - ubsan error in net::IP::create(sockaddr const&): misaligned address
* [MESOS-3963] - Move "using mesos::fetcher::FetcherInfo" into internal namespace in "fetcher.hpp"
* [MESOS-3965] - Ensure resources in `QuotaInfo` protobuf do not contain `role`
* [MESOS-4002] - ReservationEndpointsTest.UnreserveAvailableAndOfferedResources is flaky
* [MESOS-4024] - HealthCheckTest.CheckCommandTimeout is flaky.
* [MESOS-4031] - slave crashed in cgroupstatistics()
* [MESOS-4047] - MemoryPressureMesosTest.CGROUPS_ROOT_SlaveRecovery is flaky
* [MESOS-4067] - ReservationTest.ACLMultipleOperations is flaky
* [MESOS-4069] - libevent_ssl_socket assertion fails
* [MESOS-4072] - The lt-mesos-master will coredump in some situation.
* [MESOS-4102] - Quota doesn't allocate resources on slave joining.
* [MESOS-4107] - `os::strerror_r` breaks the Windows build
* [MESOS-4108] - Implement `os::mkdtemp` for Windows
* [MESOS-4109] - HTTPConnectionTest.ClosingResponse is flaky
* [MESOS-4110] - Implement `WindowsError` to correspond with `ErrnoError`.
* [MESOS-4154] - Rename shutdown_frameworks to teardown_frameworks
* [MESOS-4177] - Create a user doc for Executor HTTP API
* [MESOS-4184] - Jenkins builds for Centos fail with missing 'which' utility and incorrect 'java.home'
* [MESOS-4192] - Add documentation for API Versioning
* [MESOS-4193] - Port `process/file.hpp`
* [MESOS-4202] - Race in SSL socket shutdown
* [MESOS-4218] - Test for Quota Status Endpoint
* [MESOS-4266] - S3 URIs prefixed with / by fetcher
* [MESOS-4274] - libprocess build fail with libhttp-parser >= 2.0
* [MESOS-4275] - Duration uses fixed-width types inconsistently
* [MESOS-4281] - Correctly handle disk quota usage when volumes are bind mounted into the container.
* [MESOS-4283] - Accept 3-field version of HDFS du output
* [MESOS-4290] - Reject tasks with images with filesystem/posix isolator
* [MESOS-4293] - Updated master help message for acls.
* [MESOS-4294] - Protobuf parse should support parsing JSON object containing JSON Null.
* [MESOS-4310] - Disable support for --switch-user on Windows.
* [MESOS-4311] - Protobuf parse should pass error messages when parsing nested JSON.
* [MESOS-4328] - Docker container REST API /monitor/statistics.json output have no timestamp field
* [MESOS-4347] - GMock warning in ReservationTest.ACLMultipleOperations
* [MESOS-4348] - GMock warning in HookTest.VerifySlaveRunTaskHook, HookTest.VerifySlaveTaskStatusDecorator
* [MESOS-4349] - GMock warning in SlaveTest.ContainerUpdatedBeforeTaskReachesExecutor
* [MESOS-4357] - GMock warning in RoleTest.ImplicitRoleStaticReservation
* [MESOS-4375] - Allow schemes in HDFS URI fetcher plugin to be configurable.
* [MESOS-4409] - MasterTest.MaxCompletedFrameworksFlag is flaky
* [MESOS-4411] - Traverse all roles for quota allocation.
* [MESOS-4417] - Prevent allocator from crashing on successful recovery.
* [MESOS-4425] - Introduce filtering test abstractions for HTTP events to libprocess
* [MESOS-4449] - SegFault on agent during executor startup
* [MESOS-4507] - Replace busybox image with alpine in Docker tests
* [MESOS-4515] - ContainerLoggerTest.LOGROTATE_RotateInSandbox breaks when running on Centos6.
* [MESOS-4530] - NetClsIsolatorTest.ROOT_CGROUPS_NetClsIsolate is flaky
* [MESOS-4533] - DiskUsageCollectorTest.ExcludeRelativePath fails on Linux
* [MESOS-4534] - Resources object can be mutated through the public API
* [MESOS-4535] - Logrotate ContainerLogger may not handle FD ownership correctly
* [MESOS-4539] - Exclude paths in Posix disk isolator should be absolute paths.
** Documentation
* [MESOS-3581] - License headers show up all over doxygen documentation.
* [MESOS-3936] - Document possible task state transitions for framework authors
* [MESOS-3996] - libprocess: document when, why defer() is necessary
* [MESOS-4204] - Document that frameworks that participate in a role should cooperate
* [MESOS-4206] - Write new logging-related documentation
* [MESOS-4207] - Add an example bug due to a lack of defer() to the defer() documentation
* [MESOS-4209] - Document "how to program with dynamic reservations and persistent volumes"
* [MESOS-4314] - Publish Quota Documentation
* [MESOS-4396] - Adding Tachyon to the list of frameworks
** Improvement
* [MESOS-313] - Report executor terminations to framework schedulers.
* [MESOS-920] - Set GLOG_drop_log_memory=false in environment prior to logging initialization.
* [MESOS-2275] - Document header include rules in style guide
* [MESOS-2353] - Improve performance of the state.json endpoint for large clusters.
* [MESOS-3074] - Add capacity heuristic for quota requests in Master
* [MESOS-3232] - Implement HTTP Basic Authentication for Mesos endpoints
* [MESOS-3493] - benchmark for declining offers
* [MESOS-3720] - Tests for Quota support in master
* [MESOS-3827] - Improve compilation speed of GMock tests
* [MESOS-3960] - Standardize quota endpoints
* [MESOS-3979] - Replace `QuotaInfo` with `Quota` in allocator interface
* [MESOS-4020] - Introduce filter for non-revocable resources in `Resources`
* [MESOS-4021] - Remove quota from Registry for quota remove request
* [MESOS-4056] - Respond with `MethodNotAllowed` if a request uses an unsupported method.
* [MESOS-4058] - Do not use `Resource.role` for resources in quota request.
* [MESOS-4085] - Implement implicit roles
* [MESOS-4103] - Show disk usage and allocation in WebUI
* [MESOS-4128] - Refactor sorter factories in allocator and improve comments around them.
* [MESOS-4136] - Add a ContainerLogger module that restrains log sizes
* [MESOS-4183] - Move operator<< definitions to .cpp files and include <iosfwd> in .hpp where possible.
* [MESOS-4195] - Add dynamic reservation tests with no principal
* [MESOS-4231] - Add a new category to cpplint to detect missing white-space in comments
* [MESOS-4241] - Consolidate docker store slave flags
* [MESOS-4262] - Enable net_cls subsytem in cgroup infrastructure
* [MESOS-4277] - Provide constexpr Duration::min() and max()
* [MESOS-4302] - Offer filter timeouts are ignored if the allocator is slow or backlogged.
* [MESOS-4337] - Implement a simple Windows version of dirent.hpp, for compatibility.
* [MESOS-4351] - Remove logic around checkpointing in the slave
* [MESOS-4410] - Introduce protobuf for quota set request.
* [MESOS-4505] - Hierarchical allocator performance is slow due to Quota
* [MESOS-4578] - docker run -c is deprecated
** Task
* [MESOS-2079] - IO.Write test is flaky on OS X 10.10.
* [MESOS-2210] - Disallow special characters in role.
* [MESOS-2296] - Implement the Events stream on slave for Call endpoint
* [MESOS-2315] - Deprecate / Remove CommandInfo::ContainerInfo
* [MESOS-2455] - Add operator endpoints to create/destroy persistent volumes.
* [MESOS-3515] - Support Subscribe Call for HTTP based Executors
* [MESOS-3550] - Create a Executor Library based on the new Executor HTTP API
* [MESOS-3615] - Port slave/state.cpp
* [MESOS-3627] - Port process/pid.hpp to Windows
* [MESOS-3628] - Port process/address.hpp to Windows
* [MESOS-3629] - Port stout/ip.hpp to Windows
* [MESOS-3630] - Port stout/net.hpp to Windows
* [MESOS-3631] - Implement stout/windows/net.hpp
* [MESOS-3633] - Port stout/path.hpp to Windows
* [MESOS-3640] - Implement stout/os/windows/ls.hpp
* [MESOS-3645] - Implement stout/os/windows/stat.hpp
* [MESOS-3658] - Port stout/protobuf.hpp to Windows
* [MESOS-3659] - Port slave/paths.hpp to Windows
* [MESOS-3660] - Port slave/state.hpp to Windows
* [MESOS-3693] - Port stout/os/open.hpp to Windows
* [MESOS-3861] - Authenticate quota requests
* [MESOS-3862] - Authorize set quota requests.
* [MESOS-3864] - Simplify and/or document the libprocess initialization synchronization logic
* [MESOS-3882] - Libprocess: Implement process::Clock::finalize
* [MESOS-3911] - Add a `--force` flag to disable sanity check in quota
* [MESOS-3912] - Rescind offers in order to satisfy quota
* [MESOS-3925] - Add HDFS based URI fetcher plugin.
* [MESOS-3951] - Make HDFS tool wrappers asynchronous.
* [MESOS-3981] - Implement recovery in the Hierarchical allocator
* [MESOS-3983] - Tests for quota request validation
* [MESOS-3984] - Tests for quota support in `allocate()` function.
* [MESOS-3985] - Tests for rescinding offers for quota
* [MESOS-4013] - Introduce status endpoint for quota
* [MESOS-4014] - Introduce remove endpoint for quota
* [MESOS-4064] - Add ContainerInfo to internal Task protobuf.
* [MESOS-4081] - Authorize quota removal
* [MESOS-4087] - Introduce a module for logging executor/task output
* [MESOS-4088] - Modularize existing plain-file logging for executor/task logs launched with the Mesos Containerizer
* [MESOS-4116] - Add tests for quotas + empty roles (no registered frameworks)
* [MESOS-4137] - Modularize plain-file logging for executor/task logs launched with the Docker Containerizer
* [MESOS-4150] - Implement container logger module metadata recovery
* [MESOS-4220] - Introduce result_of with C++14 semantics to stout.
* [MESOS-4221] - Invoke _Deferred's implicit conversion operator explicitly.
* [MESOS-4228] - Use std::is_bind_expression to reroute the result of std::bind.
* [MESOS-4236] - Create a design document for jsonify
* [MESOS-4237] - Introduce `jsonify` to stout.
* [MESOS-4238] - Update `Master::Http::state` to use the `jsonify` facility.
* [MESOS-4239] - Update relevant libprocess components to support the `jsonify` facility.
* [MESOS-4240] - Pull provisioner from linux filesystem isolator to Mesos containerizer.
* [MESOS-4378] - Add Source to Resource.DiskInfo.
* [MESOS-4380] - Adjust Resource arithmetics for DiskInfo.Source.
* [MESOS-4400] - Create persistent volume directories based on DiskInfo.Source.
* [MESOS-4402] - Update filesystem isolators to look for persistent volume directories from the correct location.
* [MESOS-4403] - Check paths in DiskInfo.Source.Path exist during slave initialization.
* [MESOS-4415] - Implement stout/os/windows/rmdir.hpp
* [MESOS-4506] - Posix disk isolator should ignore disk quota enforcement for MOUNT type disk resources.
* [MESOS-4526] - Include the allocated portion of reserved resources in the role sorter for DRF.
* [MESOS-4527] - Include allocated portion of the reserved resources in the quota role sorter for DRF.
* [MESOS-4528] - Account for reserved resources in the quota guarantee check.
* [MESOS-4529] - Update the allocator to not offer unreserved resources beyond quota.
** Wish
* [MESOS-3962] - Add labels to the message Port
Release Notes - Mesos - Version 0.26.2
--------------------------------------
* This is a bug fix release.
All Issues:
** Bug
* [MESOS-4705] - Linux 'perf' parsing logic may fail when OS distribution has perf backports.
* [MESOS-5449] - Memory leak in SchedulerProcess.declineOffer.
Release Notes - Mesos - Version 0.26.1
--------------------------------------------
* This is a bug fix release.
** Bug
* [MESOS-1187] - precision errors with allocation calculations.
* [MESOS-3307] - Configurable size of completed task / framework history.
* [MESOS-3397] - sorter.cpp: Check failed: total.resources.contains(slaveId).
* [MESOS-3605] - hdfs.du() fails on os x due to lack of native-hadoop library.
* [MESOS-3719] - Core dump on /teardown.
* [MESOS-3773] - RegistryClientTest.SimpleGetBlob is flaky.
* [MESOS-3834] - slave upgrade framework checkpoint incompatibility.
* [MESOS-4031] - slave crashed in cgroupstatistics().
* [MESOS-4069] - libevent_ssl_socket assertion fails.
* [MESOS-4071] - Master crash during framework teardown (Check failed: total.resources.contains(slaveId)).
* [MESOS-4283] - Accept 3-field version of HDFS du output.
* [MESOS-4311] - Protobuf parse should pass error messages when parsing nested JSON.
* [MESOS-4409] - MasterTest.MaxCompletedFrameworksFlag is flaky.
* [MESOS-4449] - SegFault on agent during executor startup.
* [MESOS-4518] - MasterTest.MaxCompletedTasksPerFrameworkFlag is flaky.
* [MESOS-4582] - state.json serving duplicate "active" fields.
* [MESOS-4637] - Docker process executor can die with agent unit on systemd.
* [MESOS-4639] - Posix process executor can die with agent unit on systemd.
* [MESOS-4711] - Race condition in libevent poll implementation causes crash.
* [MESOS-4754] - The "executors" field is exposed under a backwards incompatible schema.
* [MESOS-4979] - os::rmdir does not handle special files (e.g., device, socket).
* [MESOS-5021] - Memory leak in subprocess when 'environment' argument is provided.
** Improvement
* [MESOS-920] - Set GLOG_drop_log_memory=false in environment prior to logging initialization.
* [MESOS-2353] - Improve performance of the state.json endpoint for large clusters.
* [MESOS-4302] - Offer filter timeouts are ignored if the allocator is slow or backlogged.
* [MESOS-4566] - Avoid unnecessary temporary `std::string` constructions and copies in `jsonify`.
* [MESOS-4636] - Add parent hook to subprocess.
* [MESOS-4687] - Implement reliable floating point for scalar resources.
** Task
* [MESOS-4237] - Introduce `jsonify` to stout.
* [MESOS-4238] - Update `Master::Http::state` to use the `jsonify` facility.
* [MESOS-4239] - Update relevant libprocess components to support the `jsonify` facility.
* [MESOS-4435] - Update `Master::Http::stateSummary` to use `jsonify`.
Release Notes - Mesos - Version 0.26.0
--------------------------------------
API Changes:
* [MESOS-3560] - Fix JSON-based credential files by changing protobuf
`Credential` field `secret` from bytes to string.
* [MESOS-3824] - Add /frameworks endpoint to master.
All Issues:
** Bug
* [MESOS-1867] - Precision errors in UI.
* [MESOS-2864] - Master should not change the state of a terminal task if it receives another terminal update.
* [MESOS-3030] - Build failure on OS 10.11 using Xcode 7.
* [MESOS-3280] - Master fails to access replicated log after network partition.
* [MESOS-3293] - Failing ROOT_ tests on CentOS 7.1 - LimitedCpuIsolatorTest.
* [MESOS-3326] - Make use of C++11 atomics.
* [MESOS-3329] - Unused hashmap::existsValue functions have incomplete code paths.
* [MESOS-3411] - ReservationEndpointsTest.AvailableResources appears to be faulty.
* [MESOS-3428] - Support running filesystem isolation with Command Executor in MesosContainerizer.
* [MESOS-3470] - UserCgroupIsolatorTest failed on CentOS 6.6.
* [MESOS-3501] - Configure cannot find libevent headers in CentOS 6.
* [MESOS-3506] - Build instructions for CentOS 6.6 should include `sudo yum update`.
* [MESOS-3517] - Building mesos from source fails when OS language is not English.
* [MESOS-3519] - Fix file descriptor leakage / double close in the code base.
* [MESOS-3522] - MesosScheduler declineOffer results in an acceptOffer.
* [MESOS-3552] - CHECK failure due to floating point precision on reservation request.
* [MESOS-3553] - LIBPROCESS_IP not passed when executor's environment is specified.
* [MESOS-3560] - JSON-based credential files do not work correctly.
* [MESOS-3563] - Revocable task CPU shows as zero in /state.json.