[
https://issues.apache.org/jira/browse/YARN-7729?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Billie Rinaldi updated YARN-7729:
---------------------------------
Attachment: YARN-7729.001.patch
Attaching first draft. This patch adds a yarn-site.xml property
yarn.nodemanager.runtime.linux.docker.host-pid-namespace.allowed (valued true
or false), an environment variable
YARN_CONTAINER_RUNTIME_DOCKER_CONTAINER_PID_NAMESPACE for the docker runtime
(value would be "host" to request the host pid namespace), and a docker
container-executor.cfg property docker.pid-host.enabled (valued 0 or 1).
> Add support for setting the PID namespace mode
> ----------------------------------------------
>
> Key: YARN-7729
> URL: https://issues.apache.org/jira/browse/YARN-7729
> Project: Hadoop YARN
> Issue Type: Sub-task
> Components: nodemanager
> Reporter: Shane Kumpf
> Assignee: Billie Rinaldi
> Attachments: YARN-7729.001.patch
>
>
> Docker has support for allowing containers to share the PID namespace with
> the host or other containers via the {{docker run --pid}} flag.
> There are a number of use cases where this is desirable:
> * Monitoring tools running in containers that need access to the host level
> PIDs.
> * Debug containers that can attach to another container to run strace, gdb,
> etc.
> * Testing Docker on YARN in a container, where the docker socket is bind
> mounted.
> Enabling this feature should be considered privileged as it exposes host
> details inside the container.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
