You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Jie Yu (JIRA)" <ji...@apache.org> on 2016/10/11 18:59:20 UTC

[jira] [Updated] (MESOS-6324) CNI should not use `ifconfig` in executors `pre_exec_command`

     [ https://issues.apache.org/jira/browse/MESOS-6324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jie Yu updated MESOS-6324:
--------------------------
    Fix Version/s: 1.0.2

> CNI should not use `ifconfig` in executors `pre_exec_command`
> -------------------------------------------------------------
>
>                 Key: MESOS-6324
>                 URL: https://issues.apache.org/jira/browse/MESOS-6324
>             Project: Mesos
>          Issue Type: Bug
>          Components: containerization
>            Reporter: Avinash Sridharan
>            Assignee: Avinash Sridharan
>             Fix For: 1.0.2, 1.1.0
>
>
> Currently the `network/cni` isolator sets up the `pre_exec_command` for executors when a container needs to be launched on a non-host network. The `pre_exec_command` is `ifconfig lo up`. This is done to primarily bring loopback up in the new network namespace.
> Setting up the `pre_exec_command` to bring loopback up is problematic since the executors PATH variable is generally very limited (doesn't contain all path that the agents PATH variable has due to security concerns). 
> Therefore instead of running `ifconfig lo up` in the `pre_exec_command` we should run it in `NetworkCniIsolatorSetup` subcommand, which runs with the same PATH variable as the agent.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)