[https://issues.apache.org/jira/browse/YARN-8342?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16488222#comment-16488222]
Eric Yang commented on YARN-8342:
---------------------------------
We have the following options:
1. Allow an exemption to bind-mount launch-container.sh for untrusted yarn mode,
and not drop launch_command.
2. Change the name docker.privileged-containers.registries back to
docker.trusted.registries. Images outside of trusted.registries are disallowed.
3. Add an error message to indicate that untrusted yarn mode without a launch
command is not supported.
Option 1 requires RHEL 7.5+ to be completely immune to the security hole. Options 2
and 3 are safe, but it would be hard for users to understand that the problem was
generated by Hadoop implementation limitations.
I am in favor of implementing option 1. Thoughts?
> Using docker image from a non-privileged registry, the launch_command is not
> honored
> ------------------------------------------------------------------------------------
>
> Key: YARN-8342
> URL: https://issues.apache.org/jira/browse/YARN-8342
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Wangda Tan
> Priority: Critical
> Labels: Docker
>
> During testing of the Docker feature, I found that if a container comes from a
> non-privileged docker registry, the specified launch command will be ignored.
> The container will succeed without any log, which is very confusing to end users.
> And this behavior is inconsistent with containers from privileged docker
> registries.
> cc: [~eyang], [[email protected]], [~ebadger], [~jlowe]
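An added illustration of options 2 and 3 from the comment above (example code written here, not Hadoop's own container-executor logic): classify an image by its registry against a docker.trusted.registries list and, for an untrusted image, return an explicit diagnostic instead of silently dropping the launch command. The Docker Hub default, the function names and the sample registries are assumptions.

```python
# Added illustration (not Hadoop's own code) of the trusted-registry policy
# discussed above: an image outside docker.trusted.registries is refused with a
# message instead of being started without its launch command and no log.
from dataclasses import dataclass
from typing import List, Optional

DOCKER_HUB = "docker.io"  # assumed default registry when the reference has none


def image_registry(image: str) -> str:
    """Return the registry component of a Docker image reference.

    Docker treats the first path component as a registry host only when it
    contains '.' or ':' or is 'localhost'; otherwise the image lives on Docker Hub.
    """
    first, sep, _rest = image.partition("/")
    if sep and ("." in first or ":" in first or first == "localhost"):
        return first.lower()
    return DOCKER_HUB


def is_trusted(image: str, trusted_registries: List[str]) -> bool:
    """True when the image's registry appears in the trusted list (option 2)."""
    trusted = {r.strip().lower() for r in trusted_registries if r.strip()}
    return image_registry(image) in trusted


@dataclass
class LaunchDecision:
    allowed: bool
    launch_command: Optional[List[str]]
    diagnostics: str  # surfaced to the user instead of a silent success


def decide_launch(image: str, launch_command: List[str],
                  trusted_registries: List[str]) -> LaunchDecision:
    """Option 3: refuse an untrusted image whose launch command would be dropped."""
    registry = image_registry(image)
    if is_trusted(image, trusted_registries):
        return LaunchDecision(
            True, list(launch_command),
            f"image {image}: registry {registry} is trusted; launch command honored")
    return LaunchDecision(
        False, None,
        f"image {image}: registry {registry} is not in docker.trusted.registries; "
        "untrusted mode cannot run the YARN launch command, refusing to start")
```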
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)