profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/kamaradclimber/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.

chef-boneyard/chef-vault 63

chef-vault cookbook

criteo/marathon_exporter 33

A Prometheus metrics exporter for the Marathon Mesos framework

criteo/consul-bench 14

A tool to bench Consul Clusters

criteo/defcon 10

DefCon - Status page and API for production status

acornies/dotnetcore-cookbook 8

Chef cookbook for managing .NET Core (http://dotnet.github.io/) installation and applications on all supported platforms.

chef/chef-vault-testfixtures 6

provides an RSpec shared context for testing Chef cookbooks that use chef-vault

criteo/http-proxy-exporter 4

Expose proxy performance statistics in a Prometheus-friendly way.

brugidou/chef-repo 1

My workstation chef-solo repository

push eventcriteo-forks/marathon

djdhm

commit sha f54f7bc1ec327106e38647e2e443eae9def1f135

Added request resources directive (#55) Change-Id: Id148e3fcc689a922e993a8f9f9edbb780b08ca7d Co-authored-by: Djamel Dahmane <d.dahmane@criteo.com>

view details

push time in 2 hours

PR merged criteo-forks/marathon

Reviewers
Added Request Resources directive

Added a role directive "Request Resources" to update minimum resources requested by each role. the new directive is translated into a Request Resources Call sent to Mesos. This directive is triggered every time a change occurs on the instances to deploy list, and take in consideration only the scheduled instances by filtering on the backed off instances.

+145 -59

0 comment

5 changed files

djdhm

pr closed time in 2 hours

push eventkamaradclimber/Dotfiles

Grégoire Seux

commit sha 316f10f0dd8aeac1bfcf014283e3ecb5b96038f2

Commit all local changes I am too lazy to enumerate changes Change-Id: I5650c35915ccd217ae1242894664d1efe3e4609e

view details

push time in 11 hours

push eventkamaradclimber/Dotfiles

Grégoire Seux

commit sha 1fe09b7bb2a58622b6eb39eee959d029d9ab3545

Add brightness bar in awesome Change-Id: I9102b739637e601d35cff8843ab0e3bd2d8ee230

view details

push time in 11 hours

PullRequestReviewEvent

Pull request review commentcriteo-forks/marathon

Added Request Resources directive

 class ReviveOffersActor(         Resource.newBuilder.setName("disk")           .setType(SCALAR)           .setScalar(Scalar.newBuilder().setValue(resources.disk)))-+      .addResources(+        Resource.newBuilder.setName("gpus")+          .setType(SCALAR)+          .setScalar(Scalar.newBuilder().setValue(resources.gpus)))

shouldn't we add network bandwidth?

djdhm

comment created time in a day

PullRequestReviewEvent

push eventcriteo-forks/mesos

Grégoire Seux

commit sha cb8a7804ffee4589fcfc1cad3d53cdc59ad7756a

Revert "Restrict mount point permission for /dev/shm" The mount syscall does not take a use name but only ids. This reverts commit 06a2e4f8e066c65ce527e628c505c05e30534b82.

view details

push time in 2 days

push eventcriteo-forks/mesos

Grégoire Seux

commit sha 6c3357e0ff7abedaebd2a52cc72bba6e7bb93a02

Restrict mount point permission for /dev/shm (#64) /dev/shm is a bindmount on /run/mesos/<containerid>/.. This directory is a tmpfs created with very wide permssions. Sadly it allows any container without a rootfs to view and read files in this directory. User expectations for /dev/shm can be to store private elements and they can forget to set special permissions. Like sandboxes were made private by default, this patch makes /dev/shm really private. Change-Id: I4db1ede989af1c0bb9a88ef04cf4802c9c3e2b49 JIRA: MESOS-5187

view details

push time in 3 days

delete branch criteo-forks/mesos

delete branch : shmPerm

delete time in 3 days

PR merged criteo-forks/mesos

Restrict mount point permission for /dev/shm ready-to-submit

/dev/shm is a bindmount on /run/mesos/<containerid>/.. This directory is a tmpfs created with very wide permssions. Sadly it allows any container without a rootfs to view and read files in this directory. User expectations for /dev/shm can be to store private elements and they can forget to set special permissions. Like sandboxes were made private by default, this patch makes /dev/shm really private.

Change-Id: I4db1ede989af1c0bb9a88ef04cf4802c9c3e2b49 JIRA: MESOS-5187

+13 -6

0 comment

1 changed file

kamaradclimber

pr closed time in 3 days

PR closed criteo-forks/mesos

Empty commit to check CI

Change-Id: I0f44f121ba5bf0c9a2518eb721831f1fcf92d3a4

+0 -0

0 comment

0 changed file

kamaradclimber

pr closed time in 3 days

push eventcriteo-forks/mesos

Grégoire Seux

commit sha 06a2e4f8e066c65ce527e628c505c05e30534b82

Restrict mount point permission for /dev/shm /dev/shm is a bindmount on /run/mesos/<containerid>/.. This directory is a tmpfs created with very wide permssions. Sadly it allows any container without a rootfs to view and read files in this directory. User expectations for /dev/shm can be to store private elements and they can forget to set special permissions. Like sandboxes were made private by default, this patch makes /dev/shm really private. Change-Id: I4db1ede989af1c0bb9a88ef04cf4802c9c3e2b49 JIRA: MESOS-5187

view details

push time in 6 days

push eventcriteo-forks/mesos

Grégoire Seux

commit sha 8f30dc6b228401fe3562e4664e12db88a668ac91

Restrict mount point permission for /dev/shm /dev/shm is a bindmount on /run/mesos/<containerid>/.. This directory is a tmpfs created with very wide permssions. Sadly it allows any container without a rootfs to view and read files in this directory. User expectations for /dev/shm can be to store private elements and they can forget to set special permissions. Like sandboxes were made private by default, this patch makes /dev/shm really private. Change-Id: I4db1ede989af1c0bb9a88ef04cf4802c9c3e2b49 JIRA: MESOS-5187

view details

push time in 6 days

push eventcriteo-forks/mesos

Grégoire Seux

commit sha 85f7a7264c3a251784c74b525a6d438caf9619a9

Restrict mount point permission for /dev/shm /dev/shm is a bindmount on /run/mesos/<containerid>/.. This directory is a tmpfs created with very wide permssions. Sadly it allows any container without a rootfs to view and read files in this directory. User expectations for /dev/shm can be to store private elements and they can forget to set special permissions. Like sandboxes were made private by default, this patch makes /dev/shm really private. Change-Id: I4db1ede989af1c0bb9a88ef04cf4802c9c3e2b49 JIRA: MESOS-5187

view details

push time in 6 days

push eventcriteo-forks/mesos

Grégoire Seux

commit sha 56818a9d732c6a7ec2a9ca1fa952fc5ba1cca1cc

Restrict mount point permission for /dev/shm /dev/shm is a bindmount on /run/mesos/<containerid>/.. This directory is a tmpfs created with very wide permssions. Sadly it allows any container without a rootfs to view and read files in this directory. User expectations for /dev/shm can be to store private elements and they can forget to set special permissions. Like sandboxes were made private by default, this patch makes /dev/shm really private. Change-Id: I4db1ede989af1c0bb9a88ef04cf4802c9c3e2b49 JIRA: MESOS-5187

view details

push time in 6 days

push eventcriteo-forks/mesos

Grégoire Seux

commit sha cb0d731919a18f396228bd4f2001f5c37dce9960

Restrict mount point permission for /dev/shm /dev/shm is a bindmount on /run/mesos/<containerid>/.. This directory is a tmpfs created with very wide permssions. Sadly it allows any container without a rootfs to view and read files in this directory. User expectations for /dev/shm can be to store private elements and they can forget to set special permissions. Like sandboxes were made private by default, this patch makes /dev/shm really private. Change-Id: I4db1ede989af1c0bb9a88ef04cf4802c9c3e2b49 JIRA: MESOS-5187

view details

push time in 7 days

push eventcriteo-forks/mesos

Grégoire Seux

commit sha 6b904ac07578490cdea073293cc2c7e7062ec4b0

Restrict mount point permission for /dev/shm /dev/shm is a bindmount on /run/mesos/<containerid>/.. This directory is a tmpfs created with very wide permssions. Sadly it allows any container without a rootfs to view and read files in this directory. User expectations for /dev/shm can be to store private elements and they can forget to set special permissions. Like sandboxes were made private by default, this patch makes /dev/shm really private. Change-Id: I4db1ede989af1c0bb9a88ef04cf4802c9c3e2b49 JIRA: MESOS-5187

view details

push time in 7 days

push eventkamaradclimber/userscript-gerrit-linkifyer

Grégoire Seux

commit sha 4869bae3a3dba40a5b1650e342800fb4668e6c08

Colorize code Ok it's ugly but very easy to see Change-Id: I994811de09dfe79c9e7451742c5b59eb8a6c2cdb

view details

push time in 8 days

push eventkamaradclimber/userscript-gerrit-linkifyer

Grégoire Seux

commit sha a7e6cf06ccc9dc487fa0d0c6d7f876d44915a401

Add codify script Change-Id: I7619df256a1305a4dc2395867a99f028b9807f5b

view details

push time in 8 days

PR opened criteo-forks/mesos

Empty commit to check CI

Change-Id: I0f44f121ba5bf0c9a2518eb721831f1fcf92d3a4

+0 -0

0 comment

0 changed file

pr created time in 8 days

create barnchcriteo-forks/mesos

branch : demo

created branch time in 8 days

PR opened criteo-forks/mesos

Restrict mount point permission for /dev/shm

/dev/shm is a bindmount on /run/mesos/<containerid>/.. This directory is a tmpfs created with very wide permssions. Sadly it allows any container without a rootfs to view and read files in this directory. User expectations for /dev/shm can be to store private elements and they can forget to set special permissions. Like sandboxes were made private by default, this patch makes /dev/shm really private.

Change-Id: I4db1ede989af1c0bb9a88ef04cf4802c9c3e2b49 JIRA: MESOS-5187

+6 -6

0 comment

1 changed file

pr created time in 9 days

push eventcriteo-forks/mesos

Grégoire Seux

commit sha 96c246b93e9a2ec5042827a89abee207075d1427

Add connect-timeout when fetching container images (#46) The -y option used does not cover connection time. A future patch should probably add a global cap on download time.

view details

Grégoire Seux

commit sha 3590a2f4ab30007bd2e816d9f4e8f5aaa6ca7cc8

Cap execution of docker image fetch (#48)

view details

Achref Hawech

commit sha 7829b4d6f73658cc122c07c26d61060f1f0f2d67

Slave now automatically adds the criteo subnet to the container NetworkInfo if the CNI is enabled. (#47) Co-authored-by: Achref Hawech <a.hawech@criteo.com>

view details

Thomas Langé

commit sha 328c7ac868f672f9ecb445babab3d88d7a17d2e2

Bump to 1.9.0-criteo17

view details

Achref Hawech

commit sha 37f49eb7bbc14e5fa32c7ded98a113a794695568

Fixed a bug where the slave crashes when the subnet is injected without discovery info.(#51) This happens because the call to mutable_discovery() creates an object if none exists, the slave then crashes because said object does not have its mandatory visibility field initiated. Co-authored-by: Achref Hawech <a.hawech@criteo.com>

view details

Flavien Quesnel

commit sha 4fa956411d4043c7e846edf6cb9122846eba022c

Do not raise an error when a framework reregisters using a new user Currently, it is not possible to restart an existing framework using a new user without draining mesos agents hosting its tasks + triggering a mesos leader election. This is not acceptable in production. This commit transforms the validation error into a simple warning. This is not an issue on our infrastructure, since we always specify a user for tasks launched by frameworks. JIRA: MESOS-4868

view details

Flavien Quesnel

commit sha 5a6f2f49dfc0c945d0e4de9ba212e33bdab42ce7

Fix tests on FrameworkInfo update. JIRA: MESOS-4868

view details

djdhm

commit sha 9b048c316fd0ccb2783fe5ce3b1289e2a7aea849

Allocator Slaves Sorters Fix (#54)

view details

Thomas Langé

commit sha b65cad5e44b4c13296beaf6eeca60199d99ebf9f

Explicitely set python major version for tooling (#56) * Explicitely set python major version for tooling Otherwise rpm linter for centos8 does not like it JIRA: MESOS-4966

view details

Charles-Francois Natali

commit sha 45fe83063cd8edc8260fa9d888a394c68141310f

Let Mesos accept new capabilities to run on recent kernels Fixed agent crash when kernel supports unknown capabilities. When capabilities are enabled, the capabilities initialisation code would check that /proc/sys/kernel/cap_last_cap is less than MAX_CAPABILITY, i.e. that the kernel doesn't support any capability the code doesn't expect. However the error message attempted to format cap_last_cap value as a Capability enum, which would crash. Part of fix for #10203. Added CAP_PERFMON, CAP_BPF and CAP_CHECKPOINT_RESTORE support. Part of fix for #10203. Fixed compilation against Linux 5.9+ capability.h. They should be defined without the "CAP_" prefix to avoid clashing with the corresponding definitions in `linux/capability.h` - and be consistent with other capabilities. Release constraint on kernel in the CI

view details

djdhm

commit sha 11e61ff8676755d675be1499d562b83f5055b0bd

Sorting roles once per allocation cycle (#59) * Remove the slaves shuffle * Removed random shuffle of slaves list * Fixed Lexigocraphic Sorter compare function * Fixing the cpu first slaves sorter * Added tsl library to dependencies * changed slaves resources map to an ordered map * Removed unecessary logs * Making random sorter the default slave sorter * Added constructor of orderedmap from hashmap * Added sum function for ordered_map * Added orderedmap to tests * Fixed Tests * Run tests on Ubuntu-18.04 instead of Ubuntu:latest The failing tests are maybe related to the change of version in running container of the wrokflow * Sort roles one time in a cycle of allocation Change-Id: I16348eb8f54a040ad837100d6d70812c1cbae39b * Ignore Role sorter failing tests Change-Id: Ifcd6270c5a3fc475680cec5f188b163cd879c583 * Added Sort roles again flag Change-Id: Ic0fdb47244e1abed5c04a5bbf4740d9fe38073cd * set default value of sort roles again flag to false Change-Id: I32992223d64cf3edb8aedc346ef76fcdd153ca9c * Remove unnecessary include Co-authored-by: Djamel Dahmane <d.dahmane@criteo.com>

view details

djdhm

commit sha 8da1e282f36936bf44ec084a21be79497e9bf41e

Filter offers with minimal cpus requirement for each role (#60) * Added Offers filters with minimal cpus requirement Change-Id: Ida552013fdc8e095baf33759c627c16c2a490925 * Added Offers filters with minimal cpus requirement Change-Id: Ida552013fdc8e095baf33759c627c16c2a490925 * removed sort roles once and min offerable filter Change-Id: I6649b666e87d4c84e927fcc2b43dfde1982bd906 * Added miin offerable filter in slaves sorter Change-Id: If8895417739e772d0ec164c386895a13ad03a797 * Filter offers before offering or reserving Change-Id: If278002dbc66980cb37fd42559de303d388f69e2 * removed min offerable option and fixed style issues Change-Id: I911a0a9176cade4b03fa208b12f1caef5ed2804d * Fixed flaky allocator tests Change-Id: Iaf082934fbe5aedd6a624cfce5d623a25d60118d Co-authored-by: Djamel Dahmane <d.dahmane@criteo.com>

view details

djdhm

commit sha f1bf61ba765f27a222610b74d4b791ef9cebbde1

Add Resources Request Call Handler (#62) Co-authored-by: Djamel Dahmane <d.dahmane@criteo.com>

view details

Grégoire Seux

commit sha 39c6c8c132edbdce090a9600ee52ef417bab2cba

Safety check for unknown roles (#63) Upon startup, mesos-master could face a situation when a role has not reregistered yet. It should avoid we sometimes face on startup where mesos-master crashes once due to: > Aborting libprocess: 'hierarchical-allocator(1)@127.0.2.1:5050' threw exception: _Map_base::at Change-Id: I26d9c7a36f5953efc6a460890bde08337663cd9d

view details

Grégoire Seux

commit sha 399d915491468bb92ee6972c1f0f7d65904535ef

Restrict mount point permission for /dev/shm /dev/shm is a bindmount on /run/mesos/<containerid>/.. This directory is a tmpfs created with very wide permssions. Sadly it allows any container without a rootfs to view and read files in this directory. User expectations for /dev/shm can be to store private elements and they can forget to set special permissions. Like sandboxes were made private by default, this patch makes /dev/shm really private. Change-Id: I4db1ede989af1c0bb9a88ef04cf4802c9c3e2b49 JIRA: MESOS-5187

view details

push time in 9 days

create barnchcriteo-forks/mesos

branch : shmPerm

created branch time in 9 days

PR merged criteo-cookbooks/choregraphie

Reviewers
Ease debuggability of after primitive

It will more convenient to have marker files touched only when necessary.

Change-Id: Ife2f1ea21358679a2ad444f06acd250fe047b9c2

+3 -2

0 comment

2 changed files

kamaradclimber

pr closed time in 15 days

delete branch criteo-cookbooks/choregraphie

delete branch : after_debuggability

delete time in 15 days

push eventcriteo-cookbooks/choregraphie

Grégoire Seux

commit sha 78ff49c1aa2ec68e9cefbf16e276a14ff418af23

Ease debuggability of after primitive It will more convenient to have marker files touched only when necessary. Change-Id: Ife2f1ea21358679a2ad444f06acd250fe047b9c2

view details

Grégoire Seux

commit sha 37fef19c720d860568ebf609d64603763b618530

Merge pull request #58 from criteo-cookbooks/after_debuggability Ease debuggability of after primitive

view details

push time in 15 days

push eventkamaradclimber/userscript-gerrit-linkifyer

Grégoire Seux

commit sha 7fffa944f94fe0703b005321ac146f3a9fbb7d81

Improve support for auto-update case Change-Id: I9b89fa0069d2c08bb8f015b530d93afb1e93d648

view details

push time in 15 days

push eventkamaradclimber/userscript-gerrit-linkifyer

Grégoire Seux

commit sha 59a53c891d78adbba3ca30155474567c0cc1f81f

Add minimal metadata for openuserjs website

view details

push time in 15 days