[
https://issues.apache.org/jira/browse/YARN-9564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16901500#comment-16901500
]
Eric Yang commented on YARN-9564:
---------------------------------
[~ebadger] {quote}Yes, you'll need to run this script as sudo due to a few of
the commands in the script. It's probably easiest to run the whole script as
root, but I like to run as little as possible as root. I could require the
script run as root and then drop privileges when they aren't needed.{quote}
My first choice is to route this operation via YARN daemon to perform the
privilege escalation operations similar to container launch. This would put
the usage of the command similar to "docker build" that requires a trusted
daemon to validate security then perform the image build operation. The second
choice is to check the current user is a privileged user and run accordingly.
{quote}I believe that Craig Condit has a java version of something similar to
this tool. I don't think that I'm going to have time to rewrite this in Java,
but we might be able to leverage his tool if you think that approach is
better.{quote}
[~ccondit]'s tool provides basic flatten of docker image to squashfs. The
python implementation provides more metadata management of layers. Unless
there is effort to add metadata management to Craig's version. They are not
equal in functionality. I can not recommend to change direction unless someone
willing put in the effort to covert the python work to Java. I am shy from
committing python version at this time because external dependencies make this
script incomplete to function as standalone unit. I think it is too hard to
replicate for normal users. The script can improves on detecting
pre-requisites dependencies ahead of time instead of error out half way of the
script execution.
> Create docker-to-squash tool for image conversion
> -------------------------------------------------
>
> Key: YARN-9564
> URL: https://issues.apache.org/jira/browse/YARN-9564
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Eric Badger
> Assignee: Eric Badger
> Priority: Major
> Attachments: YARN-9564.001.patch, YARN-9564.002.patch
>
>
> The new runc runtime uses docker images that are converted into multiple
> squashfs images. Each layer of the docker image will get its own squashfs
> image. We need a tool to help automate the creation of these squashfs images
> when all we have is a docker image
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
