Allen Wittenauer commented on YARN-4262:

But admin also exposes functionality on the RM.

bq.  should we expose such functionality to anybody who is not in the 'admin' 
role for the cluster?

No, which is why it should be a separate list.  This isn't an "either/or". You 
need three lists: regular users, users who can run docker in priv mode, and 
admin level privs.  This is particular relevant when you think about OSes that 
aren't Linux that support Docker container formats but do support roles...

> Allow admins to run privileged docker containers. 
> --------------------------------------------------
>                 Key: YARN-4262
>                 URL: https://issues.apache.org/jira/browse/YARN-4262
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>          Components: yarn
>            Reporter: Sidharta Seethana
>            Assignee: Sidharta Seethana
>         Attachments: YARN-4262.001.patch
> There are scenarios where privileged containers are necessary in order to run 
> certain kinds of applications (one example is trying to run postresql/oracle 
> inside containers). However, given the security implications, we should 
> ensure that : 
> 1) privileged containers are disabled by default, even for admins 
> 2) if enabled, only admins should be allowed to launch such containers and 
> 3) Not all containers launched by admin users need to be privileged 
> containers : admin users need to explicitly request that a privileged 
> container be launched.

This message was sent by Atlassian JIRA

Reply via email to