You are viewing a plain text version of this content. The canonical link for it is here.

Posted to yarn-issues@hadoop.apache.org by "Daniel Templeton (JIRA)" <ji...@apache.org> on 2016/08/18 14:50:21 UTC

[jira] [Commented] (YARN-5534) Allow whitelisted volume mounts

    [ https://issues.apache.org/jira/browse/YARN-5534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15426566#comment-15426566 ] 

Daniel Templeton commented on YARN-5534:
----------------------------------------

A good use case for this is mounting in the Hadoop directories so that they don't have to be build into the container.  Another use case is mounting in the local tool chain.

> Allow whitelisted volume mounts 
> --------------------------------
>
>                 Key: YARN-5534
>                 URL: https://issues.apache.org/jira/browse/YARN-5534
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>          Components: yarn
>            Reporter: luhuichun
>            Assignee: luhuichun
>
> Mounting arbitrary volumes into a Docker container can be a security risk. One approach to provide safe volume mounts is to allow the cluster administrator to configure a set of parent directories in the yarn-site.xml from which volume mounts are allowed.  only these directories and sub-directories are allowed to mount.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org