Sidharta Seethana commented on YARN-4262:

The checkstyle issue refers to the length of YarnConfiguration.java (there 
isn't much that can be done about that at this point). Pre-patch failure is 
unrelated to this patch.

> Allow admins to run privileged docker containers. 
> --------------------------------------------------
>                 Key: YARN-4262
>                 URL: https://issues.apache.org/jira/browse/YARN-4262
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>          Components: yarn
>            Reporter: Sidharta Seethana
>            Assignee: Sidharta Seethana
>         Attachments: YARN-4262.001.patch
> There are scenarios where privileged containers are necessary in order to run 
> certain kinds of applications (one example is trying to run postresql/oracle 
> inside containers). However, given the security implications, we should 
> ensure that : 
> 1) privileged containers are disabled by default, even for admins 
> 2) if enabled, only admins should be allowed to launch such containers and 
> 3) Not all containers launched by admin users need to be privileged 
> containers : admin users need to explicitly request that a privileged 
> container be launched.

This message was sent by Atlassian JIRA

Reply via email to