Greg Phillips updated YARN-5280:
    Attachment: YARN-5280.005.patch

This patch is built against branch-3.0.0-alpha1 and adds a new 
LinuxContainerRuntime similar to the docker implementation.  App-by-app 
whitelisting is now available via application queues.  
The following configurations are now available to modify the behavior of the 

*yarn.nodemanager.linux-container-executor.sandbox-mode* : This yarn-site.xml 
setting has three options:
* *disabled* - Default behavior. JavaSandboxLinuxContainerRuntime is disabled
* *permissive* - JVM containers will run with Java Security Manager enabled. 
Non-JVM containers will run normally
* *enforcing* - JVM containers will run with Java Security Manager enabled. 
Non-JVM containers will be prevented from executing and an 
ContainerExecutionException will be thrown

*yarn.nodemanager.linux-container-executor.sandbox-mode.file.permissions* : 
Determines the file permissions for the application directories. The 
permissions come in the form of comma separated values (e.g. 
read,write,execute,delete). Defaults to read for read-only.

*yarn.nodemanager.linux-container-executor.sandbox-mode.policy* : Accepts 
canonical path to a java policy file on the local filesystem. This file will be 
loaded as the base policy, any additional container grants will be appended to 
this base file. If not specified, the default java.policy file provided in the 
jar resources will be used.

*yarn.nodemanager.linux-container-executor.sandbox-mode.queue* : Optional 
setting to specify a YARN queue which will be exempt from the sand-boxing 

> Allow YARN containers to run with Java Security Manager
> -------------------------------------------------------
>                 Key: YARN-5280
>                 URL: https://issues.apache.org/jira/browse/YARN-5280
>             Project: Hadoop YARN
>          Issue Type: New Feature
>          Components: nodemanager, yarn
>    Affects Versions: 2.6.4
>            Reporter: Greg Phillips
>            Assignee: Greg Phillips
>            Priority: Minor
>         Attachments: YARN-5280.005.patch, YARN-5280.patch, 
> YARNContainerSandbox.pdf
> YARN applications have the ability to perform privileged actions which have 
> the potential to add instability into the cluster. The Java Security Manager 
> can be used to prevent users from running privileged actions while still 
> allowing their core data processing use cases. 
> Introduce a YARN flag which will allow a Hadoop administrator to enable the 
> Java Security Manager for user code, while still providing complete 
> permissions to core Hadoop libraries.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org

Reply via email to