[
https://issues.apache.org/jira/browse/YARN-8342?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16491922#comment-16491922
]
Eric Yang commented on YARN-8342:
---------------------------------
[~ebadger] {quote}
2. Registries from which we can run non-privileged containers with mounts
3. Registries from which we can run privileged or non-privileged containers
with mounts
{quote}
Is there any reason to block sudo users from running images in non-privileged
containers with mounts?
3 is a superset of 2. The control valve for privileged container or
non-privileged container is through sudo check. Privileged and
non-privileged users can use 3 as 2 without making 2 and 3 as separate support
type.
> Using docker image from a non-privileged registry, the launch_command is not
> honored
> ------------------------------------------------------------------------------------
>
> Key: YARN-8342
> URL: https://issues.apache.org/jira/browse/YARN-8342
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Wangda Tan
> Assignee: Eric Yang
> Priority: Critical
> Labels: Docker
> Attachments: YARN-8342.001.patch
>
>
> During test of the Docker feature, I found that if a container comes from
> non-privileged docker registry, the specified launch command will be ignored.
> Container will success without any log, which is very confusing to end users.
> And this behavior is inconsistent to containers from privileged docker
> registries.
> cc: [~eyang], [[email protected]], [~ebadger], [~jlowe]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
