[jira] [Commented] (YARN-5621) Support LinuxContainerExecutor to create symlinks

Thu, 08 Sep 2016 21:24:07 -0700 

    [ 
https://issues.apache.org/jira/browse/YARN-5621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15475871#comment-15475871
 ] 

Allen Wittenauer commented on YARN-5621:
----------------------------------------

bq. Because it is a actually a script file and can also be used for other 
customized commands. What security reasons are you referring to? It is no 
difference than running current container launch script.

One of the keys goals for container-executor was to try to limit doing as much 
as it could as possible since it is doing things with privilege.  The container 
launch script is pretty self contained, is mostly controlled by the NM, and 
there are other actions in the pipeline.  Running a generic script without any 
of that extra baggage around it seems to be greatly expanding the footprint of 
c-e.  I mean, if it's must going to be script, you might as well make it "run 
this command" and just skip the script step... and when you put it like that, 
it sounds pretty bad, no?

You said earlier that it needs to create directories in addition to a symlink.  
Why can't the directory structure be built by the NM and it just be a chown 
operation by c-e? Why can't the directory and symlink structure be passed as 
parameters and let c-e just do that work?  Why does this have to be a script?

> Support LinuxContainerExecutor to create symlinks
> -------------------------------------------------
>
>                 Key: YARN-5621
>                 URL: https://issues.apache.org/jira/browse/YARN-5621
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Jian He
>            Assignee: Jian He
>         Attachments: YARN-5621.1.patch, YARN-5621.2.patch, YARN-5621.3.patch
>
>
> When new resources are localized, new symlink needs to be created for the 
> localized resource. This is the change for the LinuxContainerExecutor to 
> create the symlinks.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org

Reply via email to