[
https://issues.apache.org/jira/browse/YARN-3852?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14635879#comment-14635879
]
Varun Vasudev commented on YARN-3852:
-------------------------------------
Thanks for the latest patch [~ashahab]. Patch looks good to me, just a couple
of minor changes -
# In container-executor.c and container-executor.h
{code}
-int check_dir(const char* npath, mode_t st_mode, mode_t desired, int
finalComponent) {
+int check_dir(char* npath, mode_t st_mode, mode_t desired, int finalComponent)
{
{code}
and
{code}
-int check_dir(const char* npath, mode_t st_mode, mode_t desired,
+int check_dir(char* npath, mode_t st_mode, mode_t desired,
int finalComponent);
-int create_validate_dir(const char* npath, mode_t perm, const char* path,
+int create_validate_dir(char* npath, mode_t perm, char* path,
int finalComponent);
{code}
You've removed the const-ness of npath.
# In container-executor.c
{code}
+int create_script_paths(const char *work_dir,
+ const char *script_name, const char *cred_file,
+ char** script_file_dest, char** cred_file_dest,
+ int* container_file_source, int* cred_file_source ) {
{code}
The rest of the patch looks good to me.
> Add docker container support to container-executor
> ---------------------------------------------------
>
> Key: YARN-3852
> URL: https://issues.apache.org/jira/browse/YARN-3852
> Project: Hadoop YARN
> Issue Type: Sub-task
> Components: yarn
> Reporter: Sidharta Seethana
> Assignee: Abin Shahab
> Attachments: YARN-3852-1.patch, YARN-3852.patch
>
>
> For security reasons, we need to ensure that access to the docker daemon and
> the ability to run docker containers is restricted to privileged users ( i.e
> users running applications should not have direct access to docker). In order
> to ensure the node manager can run docker commands, we need to add docker
> support to the container-executor binary.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
