This is an automated email from the ASF dual-hosted git repository. gilbert pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/mesos.git
commit ab748689a637db395da985cd2991659a56d197d4 Author: Gilbert Song <[email protected]> AuthorDate: Wed Aug 7 16:40:20 2019 -0700 Added a new agent flag --allow_chown_docker_volume. Review: https://reviews.apache.org/r/71247 --- docs/configuration/agent.md | 12 ++++++++++++ src/slave/flags.cpp | 8 ++++++++ src/slave/flags.hpp | 1 + 3 files changed, 21 insertions(+) diff --git a/docs/configuration/agent.md b/docs/configuration/agent.md index 325a37e..760d22b 100644 --- a/docs/configuration/agent.md +++ b/docs/configuration/agent.md @@ -795,6 +795,18 @@ volumes that each container uses. </td> </tr> +<tr id="docker_volume_chown"> + <td> + --[no-]docker_volume_chown + </td> + <td> +Whether to chown the docker volume's mount point non-recursively +to the container user. Please notice that this flag is not recommended +to turn on if there is any docker volume shared by multiple non-root +users. By default, this flag is off. (default: false) + </td> +</tr> + <tr id="enforce_container_disk_quota"> <td> --[no-]enforce_container_disk_quota diff --git a/src/slave/flags.cpp b/src/slave/flags.cpp index 08ec20b..50b09cf 100644 --- a/src/slave/flags.cpp +++ b/src/slave/flags.cpp @@ -224,6 +224,14 @@ mesos::internal::slave::Flags::Flags() "volumes that each container uses.", "/var/run/mesos/isolators/docker/volume"); + add(&Flags::docker_volume_chown, + "docker_volume_chown", + "Whether to chown the docker volume's mount point non-recursively\n" + "to the container user. Please notice that this flag is not recommended\n" + "to turn on if there is any docker volume shared by multiple non-root\n" + "users. By default, this flag is off.\n", + false); + add(&Flags::docker_ignore_runtime, "docker_ignore_runtime", "Ignore any runtime configuration specified in the Docker image. The\n" diff --git a/src/slave/flags.hpp b/src/slave/flags.hpp index 01834f4..3c5ffca 100644 --- a/src/slave/flags.hpp +++ b/src/slave/flags.hpp @@ -60,6 +60,7 @@ public: std::string docker_registry; std::string docker_store_dir; std::string docker_volume_checkpoint_dir; + bool docker_volume_chown; bool docker_ignore_runtime; std::string default_role;
