Re: Volume ownership and permission

2018-04-26 Thread James Peach 


> On Apr 26, 2018, at 7:25 PM, Qian Zhang  wrote:
> 
> Hi James,
> 
> Thanks for your comment!
> 
> I think you are talking about the SANDBOX_PATH volume ownership issue
> mentioned in the design doc
> ,
> IIUC, you prefer to leaving it to framework, i.e., framework itself ought
> to be able to handle such issue. But I am curious how framework can handle
> it in such situation. If the framework launches a task group with different
> users and with a SANDBOX_PATH volume of PARENT type, the tasks in the group
> will definitely fail to write to the volume due to the ownership issue
> though the volume's mode is set to "rw". So in this case, how should
> framework handle it?

The framework launched tasks in a group with different users? Sounds like they 
dug their own hole :)

I'd argue that the "rw" on the sandbox path is analogous to the "rw" mount 
option. That is, it is mounted writeable, but says nothing about which 
credentials can write to it.

> And if we want to document it, what is our recommended
> solution in the doc?
> 
> 
> 
> Regards,
> Qian Zhang
> 
> On Fri, Apr 27, 2018 at 1:16 AM, James Peach  wrote:
> 
>> I commented on the doc, but at least some of the issues raised there I
>> would not regard as issues. Rather, they are about setting expectations
>> correctly and ensuring that we are documenting (and maybe enforcing)
>> sensible behavior.
>> 
>> I'm not that keen on Mesos automatically "fixing" filesystem permissions
>> and we should proceed down that path with caution, especially in the ACLs
>> case.
>> 
>>> On Apr 10, 2018, at 3:15 AM, Qian Zhang  wrote:
>>> 
>>> Hi Folks,
>>> 
>>> I am working on MESOS-8767 to improve Mesos volume support regarding
>> volume ownership and permission, here is the design doc. Please feel free
>> to let me know if you have any comments/feedbacks, you can reply this mail
>> or comment on the design doc directly. Thanks!
>>> 
>>> 
>>> Regards,
>>> Qian Zhang
>> 
>>

Re: Volume ownership and permission

2018-04-26 Thread Qian Zhang 
Hi James,

Thanks for your comment!

I think you are talking about the SANDBOX_PATH volume ownership issue
mentioned in the design doc
,
IIUC, you prefer to leaving it to framework, i.e., framework itself ought
to be able to handle such issue. But I am curious how framework can handle
it in such situation. If the framework launches a task group with different
users and with a SANDBOX_PATH volume of PARENT type, the tasks in the group
will definitely fail to write to the volume due to the ownership issue
though the volume's mode is set to "rw". So in this case, how should
framework handle it? And if we want to document it, what is our recommended
solution in the doc?



Regards,
Qian Zhang

On Fri, Apr 27, 2018 at 1:16 AM, James Peach  wrote:

> I commented on the doc, but at least some of the issues raised there I
> would not regard as issues. Rather, they are about setting expectations
> correctly and ensuring that we are documenting (and maybe enforcing)
> sensible behavior.
>
> I'm not that keen on Mesos automatically "fixing" filesystem permissions
> and we should proceed down that path with caution, especially in the ACLs
> case.
>
> > On Apr 10, 2018, at 3:15 AM, Qian Zhang  wrote:
> >
> > Hi Folks,
> >
> > I am working on MESOS-8767 to improve Mesos volume support regarding
> volume ownership and permission, here is the design doc. Please feel free
> to let me know if you have any comments/feedbacks, you can reply this mail
> or comment on the design doc directly. Thanks!
> >
> >
> > Regards,
> > Qian Zhang
>
>

Re: Volume ownership and permission

2018-04-26 Thread James Peach 
I commented on the doc, but at least some of the issues raised there I would 
not regard as issues. Rather, they are about setting expectations correctly and 
ensuring that we are documenting (and maybe enforcing) sensible behavior. 

I'm not that keen on Mesos automatically "fixing" filesystem permissions and we 
should proceed down that path with caution, especially in the ACLs case.

> On Apr 10, 2018, at 3:15 AM, Qian Zhang  wrote:
> 
> Hi Folks,
> 
> I am working on MESOS-8767 to improve Mesos volume support regarding volume 
> ownership and permission, here is the design doc. Please feel free to let me 
> know if you have any comments/feedbacks, you can reply this mail or comment 
> on the design doc directly. Thanks!
> 
> 
> Regards,
> Qian Zhang

ApacheCon current-event banner

2018-04-26 Thread Piergiorgio Lucidi 
Hi,

I'm contributing in the Apache ComDev project and we would like to spread out 
informations about Apache-related events such as ApacheCon. 

Rich Bowen started a thread about this topic and we are actually searching to 
use a dynamic banner that will be updated automatically without the need to 
update the website everytime for every new event. On the dev@community.a.o list 
Rich Bowen asked to get this included in as many project websites as possible 
[2].

It would be great to have also Mesos website updated to include the 
current-event banner described in the first step of this README [1].

To track the progress of all projects updating their website, a link to this 
thread will be put in a shared google spreadsheet [3].

Thank you so much for your cooperation.

Cheers,
Piergiorgio

[1] - http://apache.org/events/README.txt
[2] - 
https://lists.apache.org/thread.html/d672b1849f6668c0f67ff4c71b20bbb4f56a49a1777607b12643d1dc@%3Cdev.community.apache.org%3E
[3] - 
https://docs.google.com/spreadsheets/d/101O3EVBYv_QhHW74bFLoO89ydaXoUJW4AC97YhnR530/edit#gid=0