Sidharta Seethana created YARN-4262:
---------------------------------------

             Summary: Allow admins to run privileged docker containers. 
                 Key: YARN-4262
                 URL: https://issues.apache.org/jira/browse/YARN-4262
             Project: Hadoop YARN
          Issue Type: Sub-task
            Reporter: Sidharta Seethana
            Assignee: Sidharta Seethana


There are scenarios where privileged containers are necessary in order to run 
certain kinds of applications (one example is trying to run postresql/oracle 
inside containers). However, given the security implications, we should ensure 
that : 
1) privileged containers are disabled by default, even for admins 
2) if enabled, only admins should be allowed to launch such containers and 
3) Not all containers launched by admin users need to be privileged containers 
: admin users need to explicitly request that a privileged container be 
launched.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to