[jira] [Commented] (YARN-3988) DockerContainerExecutor should allow user specify "docker run" parameters

Allen Wittenauer (JIRA) Tue, 28 Jul 2015 12:04:35 -0700

    [ 
https://issues.apache.org/jira/browse/YARN-3988?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14644863#comment-14644863
 ]


Allen Wittenauer commented on YARN-3988:
----------------------------------------

It's a bit of a security hole to let users dictate docker run params....

> DockerContainerExecutor should allow user specify "docker run" parameters
> -------------------------------------------------------------------------
>
>                 Key: YARN-3988
>                 URL: https://issues.apache.org/jira/browse/YARN-3988
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>          Components: nodemanager
>    Affects Versions: 2.7.1
>            Reporter: Chen He
>            Assignee: Chen He
>
> In current DockerContainerExecutor, the "docker run" command has fixed 
> parameters:
> String commandStr = commands.append(dockerExecutor)
>       .append(" ")
>       .append("run")
>       .append(" ")
>       .append("--rm --net=host")
>       .append(" ")
>       .append(" --name " + containerIdStr)
>       .append(localDirMount)
>       .append(logDirMount)
>       .append(containerWorkDirMount)
>       .append(" ")
>       .append(containerImageName)
>       .toString();
> For example, it is not flexible if users want to start a docker container 
> with attaching extra volume(s) and other "docker run" parameters. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (YARN-3988) DockerContainerExecutor should allow user specify "docker run" parameters

Reply via email to