You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by Apache Wiki <wi...@apache.org> on 2015/05/21 23:03:13 UTC

[Hadoop Wiki] Update of "dineshs/IsolatingYarnAppsInDockerContainers" by Abin Shahab

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Hadoop Wiki" for change notification.

The "dineshs/IsolatingYarnAppsInDockerContainers" page has been changed by Abin Shahab:
https://wiki.apache.org/hadoop/dineshs/IsolatingYarnAppsInDockerContainers?action=diff&rev1=3&rev2=4

  = Isolating YARN Applications in Docker Containers =
  
  The Docker executor for YARN involves work on YARN along with its counterpart in Docker to forge the necessary API end points.  The purpose of this page is to collect related tickets across both projects in one location.
+ 
+ == May 2015 Update ==
+ 
+ The initial implementation of Docker Container Executor required that
+ all YARN containers be launched in a Docker container.  While this
+ approach allowed us to more quickly get hands-on experiencing bringing
+ Docker to YARN, it's not practical for production clusters.  Also, we
+ noticed that a production-quality implementation of Docker Container
+ Executor would require borrowing a large amount of important -- and
+ security-sensitive -- code and configuration from Linux Container
+ Executor (and it's supporting binary).
+ 
+ As a result, we've concluded that the best way to bring Docker to a
+ production cluster is to add Docker as a feature of the Linux
+ Container Executor.  With this features, individual jobs -- and even
+ individual YARN containers -- can be configured to use Docker
+ containers, while other jobs can continue to use regular Linux
+ containers.
+ 
+ Based on this conclusion, we have developed the following plan for
+ moving forward:
+ 
+ * Add to the Linux Container Executor (LCE) the option to launch
+ containers using Docker.
+ 
+ * Add this functionality in a way that leverages LCE's existing
+ ability to create cgroups to obtain cgroups for Docker containers.
+ 
+ * Add the ability to load the Docker image from a localized tar
+ file (in addition to being able to load from a Docker registry).
+ 
+ * Extend our Docker work to behave correctly in Kerberized clusters.
+ 
+ * Verify that the distributed cache works correctly in Docker
+ containers (we think it does, but we haven't fully tested).
+ 
+ We are targeting a beta release of this functionality for Hadoop 2.8.
  
  == Motivation ==