You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Jie Yu (JIRA)" <ji...@apache.org> on 2016/10/11 18:59:20 UTC
[jira] [Updated] (MESOS-6324) CNI should not use `ifconfig` in
executors `pre_exec_command`
[ https://issues.apache.org/jira/browse/MESOS-6324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jie Yu updated MESOS-6324:
--------------------------
Fix Version/s: 1.0.2
> CNI should not use `ifconfig` in executors `pre_exec_command`
> -------------------------------------------------------------
>
> Key: MESOS-6324
> URL: https://issues.apache.org/jira/browse/MESOS-6324
> Project: Mesos
> Issue Type: Bug
> Components: containerization
> Reporter: Avinash Sridharan
> Assignee: Avinash Sridharan
> Fix For: 1.0.2, 1.1.0
>
>
> Currently the `network/cni` isolator sets up the `pre_exec_command` for executors when a container needs to be launched on a non-host network. The `pre_exec_command` is `ifconfig lo up`. This is done to primarily bring loopback up in the new network namespace.
> Setting up the `pre_exec_command` to bring loopback up is problematic since the executors PATH variable is generally very limited (doesn't contain all path that the agents PATH variable has due to security concerns).
> Therefore instead of running `ifconfig lo up` in the `pre_exec_command` we should run it in `NetworkCniIsolatorSetup` subcommand, which runs with the same PATH variable as the agent.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)