Domovská stránka Prehľadávať Pomoc
Registrovať Prihlásiť sa
apache
/
hadoop
zrkadlo https://github.com/apache/hadoop.git
2
0
Fork 1
Súbory Issues 0 Wiki
Prechádzať zdrojové kódy

YARN-5042. Mount /sys/fs/cgroup into Docker containers as read only mount. Contributed by luhuichun.

(cherry picked from commit 42d9876471ff0bf0ea240cd48fe483cda8aa1ec7)
Varun Vasudev 8 rokov pred
rodič
42feab2436
commit
952c309dd9
3 zmenil súbory, kde vykonal 14 pridanie a 4 odobranie
Rozdelené zobrazenie Ukázať štatistiku rozdielnych dát
  1. 4 3
      hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java
  2. 6 1
      hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/docker/DockerRunCommand.java
  3. 4 0
      hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/TestDockerContainerRuntime.java

+ 4 - 3
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java
Zobraziť súbor 

@@ -447,7 +447,8 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
 
         .detachOnRun()
 
         .setContainerWorkDir(containerWorkDir.toString())
 
         .setNetworkType(network)
 
-        .setCapabilities(capabilities);
 
+        .setCapabilities(capabilities)
 
+        .addMountLocation("/sys/fs/cgroup", "/sys/fs/cgroup:ro", false);
 
     List<String> allDirs = new ArrayList<>(containerLocalDirs);
 
 
     allDirs.addAll(filecacheDirs);
 
@@ -455,7 +456,7 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
 
     allDirs.addAll(containerLogDirs);
 
     allDirs.addAll(userLocalDirs);
 
     for (String dir: allDirs) {
 
-      runCommand.addMountLocation(dir, dir);
 
+      runCommand.addMountLocation(dir, dir, true);
 
     }
 
 
     if (environment.containsKey(ENV_DOCKER_CONTAINER_LOCAL_RESOURCE_MOUNTS)) {
 
@@ -470,7 +471,7 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
 
           }
 
           String src = validateMount(dir[0], localizedResources);
 
           String dst = dir[1];
 
-          runCommand.addMountLocation(src, dst + ":ro");
 
+          runCommand.addMountLocation(src, dst + ":ro", true);
 
         }
 
       }
 
     }

+ 6 - 1
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/docker/DockerRunCommand.java
Zobraziť súbor 

@@ -22,6 +22,7 @@ package org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime
 
 
 import org.apache.hadoop.util.StringUtils;
 
 
+import java.io.File;
 
 import java.util.ArrayList;
 
 import java.util.List;
 
 import java.util.Set;
 
@@ -59,7 +60,11 @@ public class DockerRunCommand extends DockerCommand {
 
   }
 
 
   public DockerRunCommand addMountLocation(String sourcePath, String
 
-      destinationPath) {
 
+      destinationPath, boolean createSource) {
 
+    boolean sourceExists = new File(sourcePath).exists();
 
+    if (!sourceExists && !createSource) {
 
+      return this;
 
+    }
 
     super.addCommandArguments("-v", sourcePath + ":" + destinationPath);
 
     return this;
 
   }

+ 4 - 0
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/TestDockerContainerRuntime.java
Zobraziť súbor 

@@ -276,6 +276,7 @@ public class TestDockerContainerRuntime {
 
         .append("--workdir=%3$s ")
 
         .append("--net=host ")
 
         .append(getExpectedTestCapabilitiesArgumentString())
 
+        .append("-v /sys/fs/cgroup:/sys/fs/cgroup:ro ")
 
         .append("-v %4$s:%4$s ")
 
         .append("-v %5$s:%5$s ")
 
         .append("-v %6$s:%6$s ")
 
@@ -381,6 +382,7 @@ public class TestDockerContainerRuntime {
 
             .append("--workdir=%3$s ")
 
             .append("--net=" + allowedNetwork + " ")
 
             .append(getExpectedTestCapabilitiesArgumentString())
 
+            .append("-v /sys/fs/cgroup:/sys/fs/cgroup:ro ")
 
             .append("-v %4$s:%4$s ").append("-v %5$s:%5$s ")
 
             .append("-v %6$s:%6$s ").append("-v %7$s:%7$s ")
 
             .append("-v %8$s:%8$s ").append("%9$s ")
 
@@ -435,6 +437,7 @@ public class TestDockerContainerRuntime {
 
             .append("--workdir=%3$s ")
 
             .append("--net=" + customNetwork1 + " ")
 
             .append(getExpectedTestCapabilitiesArgumentString())
 
+            .append("-v /sys/fs/cgroup:/sys/fs/cgroup:ro ")
 
             .append("-v %4$s:%4$s ").append("-v %5$s:%5$s ")
 
             .append("-v %6$s:%6$s ").append("-v %7$s:%7$s ")
 
             .append("-v %8$s:%8$s ").append("%9$s ")
 
@@ -471,6 +474,7 @@ public class TestDockerContainerRuntime {
 
             .append("--workdir=%3$s ")
 
             .append("--net=" + customNetwork2 + " ")
 
             .append(getExpectedTestCapabilitiesArgumentString())
 
+            .append("-v /sys/fs/cgroup:/sys/fs/cgroup:ro ")
 
             .append("-v %4$s:%4$s ").append("-v %5$s:%5$s ")
 
             .append("-v %6$s:%6$s ").append("-v %7$s:%7$s ")
 
             .append("-v %8$s:%8$s ").append("%9$s ")