hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Abin Shahab (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-3611) Support Docker Containers In LinuxContainerExecutor
Date Wed, 13 May 2015 17:02:00 GMT

    [ https://issues.apache.org/jira/browse/YARN-3611?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14542235#comment-14542235
] 

Abin Shahab commented on YARN-3611:
-----------------------------------

I agree with [~vinodkv]. Both Jiras have the same objective, and I am fine with either.
I like the proposal in this Jira, because it makes Docker a first class citizen of Hadoop.
However, I'm fine with keeping it in DefaultContainerExecutor also if merging this into LCE
slows the whole process down. 
Also, network and disk resource management is new in LCE, so we should not make those a blocker
for Docker integration.
My main concern across all Docker issues is that are we making incremental progress. We have
alpha, and we should make incremental progress towards beta.


> Support Docker Containers In LinuxContainerExecutor
> ---------------------------------------------------
>
>                 Key: YARN-3611
>                 URL: https://issues.apache.org/jira/browse/YARN-3611
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: yarn
>            Reporter: Sidharta Seethana
>            Assignee: Sidharta Seethana
>
> Support Docker Containers In LinuxContainerExecutor
> LinuxContainerExecutor provides useful functionality today with respect to localization,
cgroups based resource management and isolation for CPU, network, disk etc. as well as security
with a well-defined mechanism to execute privileged operations using the container-executor
utility.  Bringing docker support to LinuxContainerExecutor lets us use all of this functionality
when running docker containers under YARN, while not requiring users and admins to configure
and use a different ContainerExecutor. 
> There are several aspects here that need to be worked through :
> * Mechanism(s) to let clients request docker-specific functionality - we could initially
implement this via environment variables without impacting the client API.
> * Security - both docker daemon as well as application
> * Docker image localization
> * Running a docker container via container-executor as a specified user
> * “Isolate” the docker container in terms of CPU/network/disk/etc
> * Communicating with and/or signaling the running container (ensure correct pid handling)
> * Figure out workarounds for certain performance-sensitive scenarios like HDFS short-circuit
reads 
> * All of these need to be achieved without changing the current behavior of LinuxContainerExecutor



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message