[ https://issues.apache.org/jira/browse/MESOS-8356?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jie Yu updated MESOS-8356: -------------------------- Target Version/s: 1.4.2, 1.5.1 > Persistent volume ownership is set to root despite of sandbox owner > (frameworkInfo.user) when docker executor is used > --------------------------------------------------------------------------------------------------------------------- > > Key: MESOS-8356 > URL: https://issues.apache.org/jira/browse/MESOS-8356 > Project: Mesos > Issue Type: Bug > Affects Versions: 1.4.1 > Environment: Centos 7, Mesos 1.4.1, Docker Engine 1.13 > Reporter: Konstantin Kalin > Assignee: Jie Yu > Labels: persistent-volumes > > PersistentVolume ownership is not set to match the sandbox user when the > docker executor is used. Looks like the issue was introduced by > https://reviews.apache.org/r/45963/ > I didn't check the universal containerizer yet. > As far as I understand the following code is supposed to check that a volume > is not being already used by other tasks/containers. > src/slave/containerizer/docker.cpp > {code:java} > foreachvalue (const Container* container, containers_) { > if (container->resources.contains(resource)) { > isVolumeInUse = true; > break; > } > } > {code} > But it doesn't exclude a container to be launch (In my case I have only one > container - no group of tasks). Thus the ownership of PersistentVolume stays > "root" (I run mesos-agent under root) and it's impossible to use the volume > inside the container. We always run processes inside Docker containers under > unprivileged user. > Making a small patch to exclude the container to launch fixes the issue. > {code:java} > foreachvalue (const Container* container, containers_) { > if (container->resources.contains(resource) && > containerId != container->id) { > isVolumeInUse = true; > break; > } > } > {code} -- This message was sent by Atlassian JIRA (v6.4.14#64029)