YARN-7814. Remove automatic mounting of the cgroups root directory into Docker containers. Contributed by Shane Kumpf.

2018-01-25 16:32:01 -08:00 · 2018-01-25 16:32:01 -08:00 · 2e5865606b
commit 2e5865606b
parent cc10852252
2 changed files with 0 additions and 26 deletions
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java
@ -230,7 +230,6 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
  private PrivilegedOperationExecutor privilegedOperationExecutor;
  private Set<String> allowedNetworks = new HashSet<>();
  private String defaultNetwork;
  private String cgroupsRootDirectory;
  private CGroupsHandler cGroupsHandler;
  private AccessControlList privilegedContainersAcl;
  private boolean enableUserReMapping;
@ -290,7 +289,6 @@ public DockerLinuxContainerRuntime(
      LOG.info("cGroupsHandler is null - cgroups not in use.");
    } else {
      this.cGroupsHandler = cGroupsHandler;
      this.cgroupsRootDirectory = cGroupsHandler.getCGroupMountPath();
    }
  }
@ -796,11 +794,6 @@ public void launchContainer(ContainerRuntimeContext ctx)
    setHostname(runCommand, containerIdStr, hostname);
    runCommand.setCapabilities(capabilities);
    if(cgroupsRootDirectory != null) {
      runCommand.addReadOnlyMountLocation(cgroupsRootDirectory,
          cgroupsRootDirectory, false);
    }
    List<String> allDirs = new ArrayList<>(containerLocalDirs);
    allDirs.addAll(filecacheDirs);
    allDirs.add(containerWorkDir.toString());
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/TestDockerContainerRuntime.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/TestDockerContainerRuntime.java
@ -37,7 +37,6 @@
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileged.PrivilegedOperationException;
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileged.PrivilegedOperationExecutor;
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.resources.CGroupsHandler;
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.resources.ResourceHandlerModule;
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker.DockerCommandExecutor;
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker.DockerKillCommand;
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker.DockerRmCommand;
@ -332,24 +331,6 @@ private String getExpectedTestCapabilitiesArgumentString()  {
    return expectedCapabilitiesString.toString();
  }
  private String getExpectedCGroupsMountString() {
    CGroupsHandler cgroupsHandler = ResourceHandlerModule.getCGroupsHandler();
    if(cgroupsHandler == null) {
      return "";
    }
    String cgroupMountPath = cgroupsHandler.getCGroupMountPath();
    boolean cGroupsMountExists = new File(
        cgroupMountPath).exists();
    if(cGroupsMountExists) {
      return "-v " + cgroupMountPath
          + ":" + cgroupMountPath + ":ro ";
    } else {
      return "";
    }
  }
  @Test
  public void testDockerContainerLaunch()
      throws ContainerExecutionException, PrivilegedOperationException,