Benjamin Mahler created MESOS-7651:
--------------------------------------
Summary: Consider a more explicit way to bind reservations /
volumes to a framework.
Key: MESOS-7651
URL: https://issues.apache.org/jira/browse/MESOS-7651
Project: Mesos
Issue Type: Improvement
Reporter: Benjamin Mahler
Currently, when a framework creates a reservation or a persistent volume, and
it wants exclusive access to this volume or reservation, it must take a few
steps:
* Ensure that no other frameworks are running within the reservation role (or
the other frameworks are co-operative).
* With hierarchical roles, frameworks must also ensure that the role is a leaf
so that no descendant roles will have access to the reservation/volume. This
could be done by generating a role (e.g. eng/kafka/<instance id>).
It's not easy for the framework to ensure these things, since role ACLs are
controlled by the operator.
We should consider a more direct way for a framework to ensure that their
reservation/volume cannot be shared. E.g. by binding it to their framework id
(perhaps re-using roles for this rather than introducing something new?)
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
