Benjamin Mahler commented on MESOS-5081:

There would most likely need to be a means to ensure that old frameworks that 
do not specify disk can still function, but this would need to be explicitly 
allowed by the operator.

> Posix disk isolator allows unrestricted sandbox disk usage if the 
> executor/task doesn't specify disk resource
> -------------------------------------------------------------------------------------------------------------
>                 Key: MESOS-5081
>                 URL: https://issues.apache.org/jira/browse/MESOS-5081
>             Project: Mesos
>          Issue Type: Bug
>          Components: containerization
>            Reporter: Yan Xu
>              Labels: mesosphere
> This is the case even if {{flags.enforce_container_disk_quota}} is true. When 
> a task/executor doesn't specify a disk resource, it still gets to write to 
> the container sandbox. However the posix disk isolator doesn't limit it.
> Even though tasks always have access to the sandbox, it should be able to 
> write zero bytes if it doesn't have any {{disk}} resource (it can still touch 
> files). This likely will cause tasks to immediately fail due to 
> stdout/stderr/executor download, etc. but should be the correct behavior 
> (when {{flags.enforce_container_disk_quota}} is true).

This message was sent by Atlassian JIRA

Reply via email to