hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sidharta Seethana (JIRA)" <j...@apache.org>
Subject [jira] [Created] (YARN-4262) Allow admins to run privileged docker containers.
Date Wed, 14 Oct 2015 11:38:06 GMT
Sidharta Seethana created YARN-4262:
---------------------------------------

             Summary: Allow admins to run privileged docker containers. 
                 Key: YARN-4262
                 URL: https://issues.apache.org/jira/browse/YARN-4262
             Project: Hadoop YARN
          Issue Type: Sub-task
            Reporter: Sidharta Seethana
            Assignee: Sidharta Seethana


There are scenarios where privileged containers are necessary in order to run certain kinds
of applications (one example is trying to run postresql/oracle inside containers). However,
given the security implications, we should ensure that : 
1) privileged containers are disabled by default, even for admins 
2) if enabled, only admins should be allowed to launch such containers and 
3) Not all containers launched by admin users need to be privileged containers : admin users
need to explicitly request that a privileged container be launched.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message