[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-11-16 Thread Eric Yang (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16255850#comment-16255850 ] Eric Yang commented on YARN-5534: - [~shaneku...@gmail.com][~ebadger] . Thanks for the input. I open a

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-11-16 Thread Shane Kumpf (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16255681#comment-16255681 ] Shane Kumpf commented on YARN-5534: --- {code} We can check the origin of the docker image, if it comes from

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-11-16 Thread Eric Badger (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16255612#comment-16255612 ] Eric Badger commented on YARN-5534: --- Arbitrary docker images will need to be handled separately than what

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-11-16 Thread Eric Yang (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16255583#comment-16255583 ] Eric Yang commented on YARN-5534: - [~ebadger] [~shaneku...@gmail.com] In YARN-7430, there was mentioned how

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-10-25 Thread Eric Yang (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16219238#comment-16219238 ] Eric Yang commented on YARN-5534: - [~shaneku...@gmail.com] It doesn't look like YARN-6623 contain all

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-10-17 Thread Eric Badger (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16208475#comment-16208475 ] Eric Badger commented on YARN-5534: --- [~eyang], ah yes good point. I'll try and take a look at those unit

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-10-17 Thread Eric Yang (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16208161#comment-16208161 ] Eric Yang commented on YARN-5534: - [~ebadger] YARN-6623 is committed, but there seems to have some issues

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-10-17 Thread Hadoop QA (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16208102#comment-16208102 ] Hadoop QA commented on YARN-5534: - | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem ||

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-10-17 Thread Eric Badger (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16208099#comment-16208099 ] Eric Badger commented on YARN-5534: --- I think that we can close this as it's been completely superceded by

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-09-25 Thread Eric Yang (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16179209#comment-16179209 ] Eric Yang commented on YARN-5534: - [~miklos.szeg...@cloudera.com] White list should be visible to all users

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-09-19 Thread Miklos Szegedi (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16172102#comment-16172102 ] Miklos Szegedi commented on YARN-5534: -- Thank you, [~eyang] for sharing your thoughts. Sorry, I am

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-09-18 Thread Eric Yang (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16170803#comment-16170803 ] Eric Yang commented on YARN-5534: - [~miklos.szeg...@cloudera.com] I think core-site.xml make most sense to

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-09-18 Thread Miklos Szegedi (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16170610#comment-16170610 ] Miklos Szegedi commented on YARN-5534: -- Thank you, [~eyang] for the comment. Can you please clarify

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-09-16 Thread Eric Yang (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16169188#comment-16169188 ] Eric Yang commented on YARN-5534: - [~miklos.szeg...@cloudera.com] It's a cute perspective, but there might

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-09-15 Thread Miklos Szegedi (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16168728#comment-16168728 ] Miklos Szegedi commented on YARN-5534: -- [~eyang] I would approach this from the user point of new.

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-09-15 Thread Eric Yang (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16168584#comment-16168584 ] Eric Yang commented on YARN-5534: - Yarn-site.xml and core-site.xml are trusted configuration from Hdoop

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-09 Thread Eric Badger (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16119965#comment-16119965 ] Eric Badger commented on YARN-5534: --- bq. For example(just made up), an admin may want to mount

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-09 Thread Varun Vasudev (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16119924#comment-16119924 ] Varun Vasudev commented on YARN-5534: - It's going to end up being a combination. Some settings have to

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-08 Thread Eric Badger (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16118526#comment-16118526 ] Eric Badger commented on YARN-5534: --- I emailed [~miklos.szeg...@cloudera.com] about this offline, but I'd

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-03 Thread Miklos Szegedi (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16113231#comment-16113231 ] Miklos Szegedi commented on YARN-5534: -- [~ebadger], only the ones that need root access. > Allow

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-03 Thread Eric Badger (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16113207#comment-16113207 ] Eric Badger commented on YARN-5534: --- So is the assumption here that yarn-site.xml is untrusted and can be

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-03 Thread Miklos Szegedi (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16113114#comment-16113114 ] Miklos Szegedi commented on YARN-5534: -- Thank you, [~shaneku...@gmail.com] and [~vinodkv] for the

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-03 Thread Shane Kumpf (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16112970#comment-16112970 ] Shane Kumpf commented on YARN-5534: --- >From a usability stand point, I have to agree with

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-02 Thread Vinod Kumar Vavilapalli (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16112046#comment-16112046 ] Vinod Kumar Vavilapalli commented on YARN-5534: --- bq. In general I think this is redundant.

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-02 Thread Miklos Szegedi (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16111750#comment-16111750 ] Miklos Szegedi commented on YARN-5534: -- bq. The config should be there in both the places -

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-02 Thread Vinod Kumar Vavilapalli (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16111602#comment-16111602 ] Vinod Kumar Vavilapalli commented on YARN-5534: --- It does look like YARN-6033 is very close.

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-02 Thread Vinod Kumar Vavilapalli (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16111552#comment-16111552 ] Vinod Kumar Vavilapalli commented on YARN-5534: --- bq. Quick question, should not

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-02 Thread Miklos Szegedi (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16111465#comment-16111465 ] Miklos Szegedi commented on YARN-5534: -- [~shaneku...@gmail.com], container-executor.cfg is only

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-02 Thread Varun Vasudev (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16110834#comment-16110834 ] Varun Vasudev commented on YARN-5534: - bq. Thank you for the patch Shane Kumpf. Quick question, should

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-02 Thread Shane Kumpf (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16110829#comment-16110829 ] Shane Kumpf commented on YARN-5534: --- {quote} should not white-list-volume-mounts be a setting in

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-08-01 Thread Miklos Szegedi (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16109862#comment-16109862 ] Miklos Szegedi commented on YARN-5534: -- Thank you for the patch [~shaneku...@gmail.com]. Quick

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-07-31 Thread Hadoop QA (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16108037#comment-16108037 ] Hadoop QA commented on YARN-5534: - | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem ||

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-07-19 Thread Eric Badger (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16093145#comment-16093145 ] Eric Badger commented on YARN-5534: --- bq. IMO, I think that feature might be better suited as a separate

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-07-19 Thread Shane Kumpf (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16093026#comment-16093026 ] Shane Kumpf commented on YARN-5534: --- Thanks [~ebadger] and [~templedf] for the feedback. {quote}I was

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-07-18 Thread Eric Badger (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16091952#comment-16091952 ] Eric Badger commented on YARN-5534: --- bq. Can you help me understand the use case here? While there are

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-07-18 Thread Daniel Templeton (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16091851#comment-16091851 ] Daniel Templeton commented on YARN-5534: I agree with the opt-in model guarded by the admin-defined

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-07-18 Thread Shane Kumpf (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16091824#comment-16091824 ] Shane Kumpf commented on YARN-5534: --- {quote} So you're proposing having a whitelist of volumes that can

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-07-18 Thread Eric Badger (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16091749#comment-16091749 ] Eric Badger commented on YARN-5534: --- bq. The admin will define a comma separated list of : (ro or rw)

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-07-17 Thread Daniel Templeton (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16089762#comment-16089762 ] Daniel Templeton commented on YARN-5534: I don't see any need to restrict the mount point in the

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-07-17 Thread Hadoop QA (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16089755#comment-16089755 ] Hadoop QA commented on YARN-5534: - | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem ||

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-07-17 Thread Shane Kumpf (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16089694#comment-16089694 ] Shane Kumpf commented on YARN-5534: --- [~ebadger] - sorry for the delay here. I'm actively working on this.

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-07-06 Thread Eric Badger (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16076690#comment-16076690 ] Eric Badger commented on YARN-5534: --- Any update on this? > Allow whitelisted volume mounts >

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-06-29 Thread Shane Kumpf (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16068231#comment-16068231 ] Shane Kumpf commented on YARN-5534: --- Thanks, [~luhuichun]! > Allow whitelisted volume mounts >

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-06-29 Thread luhuichun (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16068018#comment-16068018 ] luhuichun commented on YARN-5534: - [~shaneku...@gmail.com] ok it's ok for me > Allow whitelisted volume

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2017-04-28 Thread Shane Kumpf (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15989104#comment-15989104 ] Shane Kumpf commented on YARN-5534: --- [~luhuichun] [~tangzhankun] - We're close on this one. Would you

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2016-11-21 Thread Shane Kumpf (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15684542#comment-15684542 ] Shane Kumpf commented on YARN-5534: --- Thanks for the patch [~luhuichun]! I agree with [~templedf].

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2016-11-21 Thread Daniel Templeton (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15684333#comment-15684333 ] Daniel Templeton commented on YARN-5534: {{validateMount()}} already rejects anything that isn't a

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2016-11-20 Thread luhuichun (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15681517#comment-15681517 ] luhuichun commented on YARN-5534: - yes, Daniel. YARN-4595 and YARN-5298 only mounts localized directories.

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2016-11-20 Thread Daniel Templeton (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15681421#comment-15681421 ] Daniel Templeton commented on YARN-5534: Thanks for posting the patch, [~luhuichun]. Sorry for

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2016-11-08 Thread Varun Vasudev (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15647920#comment-15647920 ] Varun Vasudev commented on YARN-5534: - [~luhuichun] - can you please address the issues in the Jenkins

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2016-11-08 Thread Hadoop QA (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15646911#comment-15646911 ] Hadoop QA commented on YARN-5534: - | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem ||

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2016-09-06 Thread luhuichun (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15466568#comment-15466568 ] luhuichun commented on YARN-5534: - [~sidharta-s][~vvasudev] > Allow whitelisted volume mounts >

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

2016-08-18 Thread Daniel Templeton (JIRA)
[ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15426566#comment-15426566 ] Daniel Templeton commented on YARN-5534: A good use case for this is mounting in the Hadoop