Github user vanzin commented on a diff in the pull request:
https://github.com/apache/spark/pull/23017#discussion_r233545303
--- Diff:
resource-managers/kubernetes/docker/src/main/dockerfiles/spark/entrypoint.sh ---
@@ -30,6 +30,10 @@ set -e
# If there is no passwd entry for the container UID, attempt to create one
if [ -z "$uidentry" ] ; then
if [ -w /etc/passwd ] ; then
+ # TODO Should we allow providing an environment variable to set
the desired username?
--- End diff --
@rvesse I tried your patch with a modified entrypoint just to print the
UID. Here's what it prints:
```
AT START: 185
AT RUN POINT: 185, CMD:
```
The patch:
```
---
a/resource-managers/kubernetes/docker/src/main/dockerfiles/spark/entrypoint.sh
+++
b/resource-managers/kubernetes/docker/src/main/dockerfiles/spark/entrypoint.sh
@@ -19,6 +19,8 @@
# echo commands to the terminal output
set -ex
+echo "AT START: $(id -u)"
+
# Check whether there is a passwd entry for the container UID
myuid=$(id -u)
mygid=$(id -g)
@@ -91,6 +93,10 @@ if ! [ -z ${HADOOP_CONF_DIR+x} ]; then
SPARK_CLASSPATH="$HADOOP_CONF_DIR:$SPARK_CLASSPATH";
fi
+echo "AT RUN POINT: $(id -u), CMD: $SPARK_K8S_CMD"
+grep $(id -u) /etc/passwd
+exit 0
+
case "$SPARK_K8S_CMD" in
driver)
CMD=(
```
So I think two things from that experiment:
- what I said is right, that the entrypoint is being run as the defined UID
even if it's declared before the UID switch, and that code is a no-op if you
defined the UID.
- docker seems to create the UID for you if it doesn't exist. either that
or the image we're inheriting from already has that UID.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
