You are viewing a plain text version of this content. The canonical link for it is here.

Posted to yarn-dev@hadoop.apache.org by "Sidharta Seethana (JIRA)" <ji...@apache.org> on 2015/10/14 13:38:06 UTC

[jira] [Created] (YARN-4262) Allow admins to run privileged docker containers.

Sidharta Seethana created YARN-4262:
---------------------------------------

             Summary: Allow admins to run privileged docker containers. 
                 Key: YARN-4262
                 URL: https://issues.apache.org/jira/browse/YARN-4262
             Project: Hadoop YARN
          Issue Type: Sub-task
            Reporter: Sidharta Seethana
            Assignee: Sidharta Seethana


There are scenarios where privileged containers are necessary in order to run certain kinds of applications (one example is trying to run postresql/oracle inside containers). However, given the security implications, we should ensure that : 
1) privileged containers are disabled by default, even for admins 
2) if enabled, only admins should be allowed to launch such containers and 
3) Not all containers launched by admin users need to be privileged containers : admin users need to explicitly request that a privileged container be launched.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)