hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Templeton (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-5534) Allow whitelisted volume mounts
Date Thu, 18 Aug 2016 14:50:21 GMT

    [ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15426566#comment-15426566

Daniel Templeton commented on YARN-5534:

A good use case for this is mounting in the Hadoop directories so that they don't have to
be build into the container.  Another use case is mounting in the local tool chain.

> Allow whitelisted volume mounts 
> --------------------------------
>                 Key: YARN-5534
>                 URL: https://issues.apache.org/jira/browse/YARN-5534
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>          Components: yarn
>            Reporter: luhuichun
>            Assignee: luhuichun
> Mounting arbitrary volumes into a Docker container can be a security risk. One approach
to provide safe volume mounts is to allow the cluster administrator to configure a set of
parent directories in the yarn-site.xml from which volume mounts are allowed.  only these
directories and sub-directories are allowed to mount.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org

View raw message