[
https://issues.apache.org/jira/browse/YARN-8259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16510275#comment-16510275
]
Eric Yang commented on YARN-8259:
---------------------------------
4 People have expressed opinion to go with option #1. Therefore, this patch
should be ready for commit in it's current form. [~shaneku...@gmail.com] Could
you add some information to DockerContainers.md, Privileged Container Security
Consideration section to indicate to white list NM user if hidepid option is
enabled?
> Revisit liveliness checks for Docker containers
> -----------------------------------------------
>
> Key: YARN-8259
> URL: https://issues.apache.org/jira/browse/YARN-8259
> Project: Hadoop YARN
> Issue Type: Sub-task
> Affects Versions: 3.0.2, 3.2.0, 3.1.1
> Reporter: Shane Kumpf
> Assignee: Shane Kumpf
> Priority: Blocker
> Labels: Docker
> Attachments: YARN-8259.001.patch
>
>
> As privileged containers may execute as a user that does not match the YARN
> run as user, sending the null signal for liveliness checks could fail. We
> need to reconsider how liveliness checks are handled in the Docker case.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
