> On June 24, 2015, 1:04 a.m., Adam B wrote: > > This seems like a positive step forward, since all volumes were previously > > owned by root (or whatever user the slave was run as). However, if a > > persistent volume is passed from one framework to another within the same > > role, they might have different users, so the second framework would still > > be unable to access it. Moreover, different tasks within the same framework > > might run as different users, so if two subsequent tasks try to mount the > > same persistent volume as different users, they won't both be able to > > access it. > > So, in addition to initially chowning the volume to the frameworkInfo.user, > > we should also consider chowning the volume to the commandInfo.user within > > `_runTask` so that the volume ownership is changed to the user running each > > task before the task begins executing, so that each task mounting the > > volume is guaranteed access to the volume. > > haosdent huang wrote: > Thank you very much for your review. If we change the persistent volume > in _runTask, does it cause the scenario like this: > > task_A use user_A, task_B use user_B. And then they running at the same > time. And the persistent volume could not belong to two different users at > the same time. So one of these two tasks would be failed. Is it acceptable?
Currently we don't allow two concurrent tasks to use the same persistent volume. I suppose this could change in the future, but for now we should be safe chowning the volume before each task takes ownership of the volume. In a future with shared persistent volumes, perhaps we could create a linux group for the role, make the volume rw for the group, and add each task user to the group. This is probably overkill for the moment. - Adam ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/35721/#review89138 ----------------------------------------------------------- On June 21, 2015, 6:56 p.m., haosdent huang wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/35721/ > ----------------------------------------------------------- > > (Updated June 21, 2015, 6:56 p.m.) > > > Review request for mesos, Adam B and Jie Yu. > > > Bugs: MESOS-2603 > https://issues.apache.org/jira/browse/MESOS-2603 > > > Repository: mesos > > > Description > ------- > > Set the owner of persistent volumes to frameworkInfo.user . > > > Diffs > ----- > > src/master/master.cpp 0135c155181546d3cb43e9e05bb874af846d928d > src/messages/messages.proto 1c8d79e3fca365520cdd67051f8730593955cab6 > src/slave/slave.hpp f1cf3b85ccb3eaf614fe844c830f7cc44f7916fe > src/slave/slave.cpp 40c0c33add392591af4767f76ce566196f24e6ee > > Diff: https://reviews.apache.org/r/35721/diff/ > > > Testing > ------- > > > Thanks, > > haosdent huang > >
