hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Badger (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-7066) Add ability to specify volumes to mount for DockerContainerRuntime
Date Fri, 13 Oct 2017 22:41:00 GMT

    [ https://issues.apache.org/jira/browse/YARN-7066?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16204291#comment-16204291
] 

Eric Badger commented on YARN-7066:
-----------------------------------

Hi [~eyang]. I took a quick look at the patch and it looks like the user can supply any arbitrary
volume to be mounted into the directory. Am I missing something? That would be a pretty massive
security hole as the user would be able to get root access to anything on the node. Hopefully
I'm just misunderstanding something here

> Add ability to specify volumes to mount for DockerContainerRuntime
> ------------------------------------------------------------------
>
>                 Key: YARN-7066
>                 URL: https://issues.apache.org/jira/browse/YARN-7066
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>          Components: yarn-native-services
>    Affects Versions: 3.0.0-beta1
>            Reporter: Eric Yang
>         Attachments: YARN-7066.001.patch, YARN-7066.002.patch
>
>
> Yarnfile describes environment, docker image, and configuration template for launching
docker containers in YARN.  It would be nice to have ability to specify the volumes to mount.
 This can be used in combination to AMBARI-21748 to mount HDFS as data directories to docker
containers.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message