YARN-7814. Remove automatic mounting of the cgroups root directory into Docker containers. Contributed by Shane Kumpf.

2018-01-25 16:32:01 -08:00 · 2018-01-25 16:32:01 -08:00 · 2e5865606b
parent cc10852252
commit 2e5865606b
2 changed files with 0 additions and 26 deletions
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java
@ -230,7 +230,6 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
  private PrivilegedOperationExecutor privilegedOperationExecutor;
  private Set<String> allowedNetworks = new HashSet<>();
  private String defaultNetwork;
-  private String cgroupsRootDirectory;
  private CGroupsHandler cGroupsHandler;
  private AccessControlList privilegedContainersAcl;
  private boolean enableUserReMapping;
@ -290,7 +289,6 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
      LOG.info("cGroupsHandler is null - cgroups not in use.");
    } else {
      this.cGroupsHandler = cGroupsHandler;
-      this.cgroupsRootDirectory = cGroupsHandler.getCGroupMountPath();
    }
  }

@ -796,11 +794,6 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
    setHostname(runCommand, containerIdStr, hostname);
    runCommand.setCapabilities(capabilities);

-    if(cgroupsRootDirectory != null) {
-      runCommand.addReadOnlyMountLocation(cgroupsRootDirectory,
-          cgroupsRootDirectory, false);
-    }
-
    List<String> allDirs = new ArrayList<>(containerLocalDirs);
    allDirs.addAll(filecacheDirs);
    allDirs.add(containerWorkDir.toString());
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/TestDockerContainerRuntime.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/TestDockerContainerRuntime.java
@ -37,7 +37,6 @@ import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileg
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileged.PrivilegedOperationException;
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileged.PrivilegedOperationExecutor;
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.resources.CGroupsHandler;
-import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.resources.ResourceHandlerModule;
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker.DockerCommandExecutor;
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker.DockerKillCommand;
 import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker.DockerRmCommand;
@ -332,24 +331,6 @@ public class TestDockerContainerRuntime {
    return expectedCapabilitiesString.toString();
  }

-  private String getExpectedCGroupsMountString() {
-    CGroupsHandler cgroupsHandler = ResourceHandlerModule.getCGroupsHandler();
-    if(cgroupsHandler == null) {
-      return "";
-    }
-
-    String cgroupMountPath = cgroupsHandler.getCGroupMountPath();
-    boolean cGroupsMountExists = new File(
-        cgroupMountPath).exists();
-
-    if(cGroupsMountExists) {
-      return "-v " + cgroupMountPath
-          + ":" + cgroupMountPath + ":ro ";
-    } else {
-      return "";
-    }
-  }
-
  @Test
  public void testDockerContainerLaunch()
      throws ContainerExecutionException, PrivilegedOperationException,