[
https://issues.apache.org/jira/browse/MESOS-6324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jie Yu updated MESOS-6324:
--------------------------
Fix Version/s: 1.0.2
> CNI should not use `ifconfig` in executors `pre_exec_command`
> -------------------------------------------------------------
>
> Key: MESOS-6324
> URL: https://issues.apache.org/jira/browse/MESOS-6324
> Project: Mesos
> Issue Type: Bug
> Components: containerization
> Reporter: Avinash Sridharan
> Assignee: Avinash Sridharan
> Fix For: 1.0.2, 1.1.0
>
>
> Currently the `network/cni` isolator sets up the `pre_exec_command` for
> executors when a container needs to be launched on a non-host network. The
> `pre_exec_command` is `ifconfig lo up`. This is done to primarily bring
> loopback up in the new network namespace.
> Setting up the `pre_exec_command` to bring loopback up is problematic since
> the executors PATH variable is generally very limited (doesn't contain all
> path that the agents PATH variable has due to security concerns).
> Therefore instead of running `ifconfig lo up` in the `pre_exec_command` we
> should run it in `NetworkCniIsolatorSetup` subcommand, which runs with the
> same PATH variable as the agent.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
