James DeFelice created MESOS-7605:
-------------------------------------
Summary: UCR doesn't isolate uts namespace w/ host networking
Key: MESOS-7605
URL: https://issues.apache.org/jira/browse/MESOS-7605
Project: Mesos
Issue Type: Improvement
Components: containerization
Reporter: James DeFelice
Docker's {{run}} command supports a {{--hostname}} parameter which impacts
container isolation, even in {{host}} network mode: (via
https://docs.docker.com/engine/reference/run/)
{quote}
Even in host network mode a container has its own UTS namespace by default. As
such --hostname is allowed in host network mode and will only change the
hostname inside the container. Similar to --hostname, the --add-host, --dns,
--dns-search, and --dns-option options can be used in host network mode.
{quote}
I see no evidence that UCR offers a similar isolation capability.
Related: the {{ContainerInfo}} protobuf has a {{hostname}} field which was
initially added to support the Docker containerizer's use of the {{--hostname}}
Docker {{run}} flag.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
