-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50041/
-----------------------------------------------------------
Review request for mesos, Benjamin Mahler, Artem Harutyunyan, Jie Yu, and
Timothy Chen.
Bugs: MESOS-5754
https://issues.apache.org/jira/browse/MESOS-5754
Repository: mesos
Description
-------
This patch allows the container launched by docker containerizer
to run as a user defined user (either the user from FrameworkInfo
or CommandInfo).
Important NOTE:
1. This is a behavior change, since the agent flag 'switch_user'
defaults to be true. So the docker container will defaultly
run as the framework/command user.
2. The user has to be existed in both host machine and the
docker image. Otherwise, either the host would fail to
chown to a non-existed user, or the docker daemon cannot
start the container due to unable to find the user.
Diffs
-----
src/docker/docker.hpp 9093371afc8ea792ba94f61c6875703e547ea6b0
src/docker/docker.cpp 515842d381ca8a91ad481f66c7be057dff2f3f28
src/docker/executor.hpp 7b63d784d6b8685912598b77fb38cf6e70646ae3
src/docker/executor.cpp 69511044e39bc05d7d6240264ec70b6e6f44edba
src/slave/containerizer/docker.cpp f1ecf3b25d85597f6c3dcaa47968860ed119dbd5
src/tests/containerizer/docker_tests.cpp
7b73a4939da33d0b7dd08fdcf56525b6403eada3
src/tests/mesos.hpp e4eccfc3810bed3649a3ab80e252849470de4c72
Diff: https://reviews.apache.org/r/50041/diff/
Testing
-------
make check
sudo ./bin/mesos-tests.sh
Manually tested by /src/mesos-execute with CommandInfo.user set as `nobody`
using docker image `alpine`.
Thanks,
Gilbert Song
