Gilbert Song created MESOS-9908:
-----------------------------------
Summary: Introduce a new agent flag and support docker volume
chown to task user.
Key: MESOS-9908
URL: https://issues.apache.org/jira/browse/MESOS-9908
Project: Mesos
Issue Type: Improvement
Components: containerization
Reporter: Gilbert Song
Currently, docker volume is always mounted as root, which is not accessible by
non-root task users. For security concerns, there are use cases that operator
may only allow non-root users to run as container user and docker volume needs
to be supported for those non-root users.
A new agent flag is needed to make this support configurable, because chown-ing
a docker volume may be limited to some use case - e.g., multiple non-root users
on different hosts sharing the same docker volume simultaneously. Operators are
expected to turn on this flag if their cluster's docker volume is not shared by
multiple non-root users.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
