Eric Yang created YARN-8376:
-------------------------------
Summary: Separate white list for docker.trusted.registries and
docker.privileged-container.registries
Key: YARN-8376
URL: https://issues.apache.org/jira/browse/YARN-8376
Project: Hadoop YARN
Issue Type: Improvement
Reporter: Eric Yang
In the ideal world, it would be possible to have separate white lists for
docker registry depending on the security requirement for each type of docker
images:
1. Registries from which we can run non-privileged containers without mounts
2. Registries from which we can run non-privileged containers with mounts
3. Registries from which we can run privileged or non-privileged containers
with mounts
In the current implementation, there are only type 1 and type 2 or 3. It would
be nice to definite a separate white list to differentiate between 2 and 3.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
