[
https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15426566#comment-15426566
]
Daniel Templeton commented on YARN-5534:
----------------------------------------
A good use case for this is mounting in the Hadoop directories so that they
don't have to be build into the container. Another use case is mounting in the
local tool chain.
> Allow whitelisted volume mounts
> --------------------------------
>
> Key: YARN-5534
> URL: https://issues.apache.org/jira/browse/YARN-5534
> Project: Hadoop YARN
> Issue Type: Sub-task
> Components: yarn
> Reporter: luhuichun
> Assignee: luhuichun
>
> Mounting arbitrary volumes into a Docker container can be a security risk.
> One approach to provide safe volume mounts is to allow the cluster
> administrator to configure a set of parent directories in the yarn-site.xml
> from which volume mounts are allowed. only these directories and
> sub-directories are allowed to mount.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
