[
https://issues.apache.org/jira/browse/YARN-7654?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16420623#comment-16420623
]
Jason Lowe commented on YARN-7654:
----------------------------------
{quote}The cmd file section based approach is the best option in my opinion to
ensure we don't have to look through multiple files to puzzle together the
launch command.
{quote}
I strongly disagree here. It is much more dangerous try to place the untrusted
environment variable settings on the docker command-line directly rather than
in a separate file that can only be interpreted as env settings by docker. The
envfile approach drastically simplifies this implementation, makes it much more
secure, and reduces the need to significantly lengthen an already potentially
very long docker run command line.
{quote}After fork, parent and child have different address space because they
are separate processes.
{quote}
Ah yes, sorry my bad. I was thinking of thread semantics for a bit there but
yes, the child is a completely separate process at that point.
{quote}The sample code is GPL license right? Can this be a problem for us to
use this?
{quote}
Maybe. So ignore the code in the vnsprintf manpage, but the point of the
comment is still valid – it would be very helpful to have something like an
alloc_sprintf that automatically allocates a buffer rather than having coders
guesstimate and hand calculate how big it needs to be. We've gotten this wrong
so many times already. The idea is essentially to have a varargs function that
calls vsnprintf twice, something like this (I wrote this off the top of my
head, may not compile. It's just an example to show the general idea):
{code:java}
char* alloc_sprintf(const char* fmt, ...) {
va_list vargs;
va_start(vargs);
size_t buflen = vsnprintf(NULL, 0, fmt, vargs) + 1;
va_end(vargs);
char* buf = malloc(buflen);
if (buf != NULL) {
va_start(vargs);
vsnprintf(buf, buflen, fmt, vargs);
va_end(vargs);
}
return buf;
}
{code}
> Support ENTRY_POINT for docker container
> ----------------------------------------
>
> Key: YARN-7654
> URL: https://issues.apache.org/jira/browse/YARN-7654
> Project: Hadoop YARN
> Issue Type: Sub-task
> Components: yarn
> Affects Versions: 3.1.0
> Reporter: Eric Yang
> Assignee: Eric Yang
> Priority: Blocker
> Attachments: YARN-7654.001.patch, YARN-7654.002.patch,
> YARN-7654.003.patch, YARN-7654.004.patch, YARN-7654.005.patch,
> YARN-7654.006.patch, YARN-7654.007.patch
>
>
> Docker image may have ENTRY_POINT predefined, but this is not supported in
> the current implementation. It would be nice if we can detect existence of
> {{launch_command}} and base on this variable launch docker container in
> different ways:
> h3. Launch command exists
> {code}
> docker run [image]:[version]
> docker exec [container_id] [launch_command]
> {code}
> h3. Use ENTRY_POINT
> {code}
> docker run [image]:[version]
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
