Yan Xu created MESOS-5081:
-----------------------------
Summary: Posix disk isolator allows unrestricted sandbox disk
usage if the executor/task doesn't specify disk resource
Key: MESOS-5081
URL: https://issues.apache.org/jira/browse/MESOS-5081
Project: Mesos
Issue Type: Bug
Components: containerization
Reporter: Yan Xu
This is the case even if {{flags.enforce_container_disk_quota}} is true. When a
task/executor doesn't specify a disk resource, it still gets to write to the
container sandbox. However the posix disk isolator doesn't limit it.
Even though tasks always have access to the sandbox, it should be able to write
zero bytes if it doesn't have any {{disk}} resource (it can still touch files).
This likely will cause tasks to immediately fail due to stdout/stderr/executor
download, etc. but should be the correct behavior (when
{{flags.enforce_container_disk_quota}} is true).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
