You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Avinash Sridharan (JIRA)" <ji...@apache.org> on 2016/10/07 01:08:20 UTC

[jira] [Created] (MESOS-6324) CNI should not use `ifconfig` in executors `pre_exec_command`

Avinash Sridharan created MESOS-6324:
----------------------------------------

             Summary: CNI should not use `ifconfig` in executors `pre_exec_command`
                 Key: MESOS-6324
                 URL: https://issues.apache.org/jira/browse/MESOS-6324
             Project: Mesos
          Issue Type: Bug
          Components: containerization
            Reporter: Avinash Sridharan
            Assignee: Avinash Sridharan


Currently the `network/cni` isolator sets up the `pre_exec_command` for executors when a container needs to be launched on a non-host network. The `pre_exec_command` is `ifconfig lo up`. This is done to primarily bring loopback up in the new network namespace.

Setting up the `pre_exec_command` to bring loopback up is problematic since the executors PATH variable is generally very limited (doesn't contain all path that the agents PATH variable has due to security concerns). 

Therefore instead of running `ifconfig lo up` in the `pre_exec_command` we should run it in `NetworkCniIsolatorSetup` subcommand, which runs with the same PATH variable as the agent.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)