YARN-7814. Remove automatic mounting of the cgroups root directory into Docker containers. Contributed by Shane Kumpf.

This commit is contained in:
Miklos Szegedi 2018-01-25 16:32:01 -08:00
parent cc10852252
commit 2e5865606b
2 changed files with 0 additions and 26 deletions

View File

@ -230,7 +230,6 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
private PrivilegedOperationExecutor privilegedOperationExecutor;
private Set<String> allowedNetworks = new HashSet<>();
private String defaultNetwork;
private String cgroupsRootDirectory;
private CGroupsHandler cGroupsHandler;
private AccessControlList privilegedContainersAcl;
private boolean enableUserReMapping;
@ -290,7 +289,6 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
LOG.info("cGroupsHandler is null - cgroups not in use.");
} else {
this.cGroupsHandler = cGroupsHandler;
this.cgroupsRootDirectory = cGroupsHandler.getCGroupMountPath();
}
}
@ -796,11 +794,6 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
setHostname(runCommand, containerIdStr, hostname);
runCommand.setCapabilities(capabilities);
if(cgroupsRootDirectory != null) {
runCommand.addReadOnlyMountLocation(cgroupsRootDirectory,
cgroupsRootDirectory, false);
}
List<String> allDirs = new ArrayList<>(containerLocalDirs);
allDirs.addAll(filecacheDirs);
allDirs.add(containerWorkDir.toString());

View File

@ -37,7 +37,6 @@ import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileg
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileged.PrivilegedOperationException;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileged.PrivilegedOperationExecutor;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.resources.CGroupsHandler;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.resources.ResourceHandlerModule;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker.DockerCommandExecutor;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker.DockerKillCommand;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker.DockerRmCommand;
@ -332,24 +331,6 @@ public class TestDockerContainerRuntime {
return expectedCapabilitiesString.toString();
}
private String getExpectedCGroupsMountString() {
CGroupsHandler cgroupsHandler = ResourceHandlerModule.getCGroupsHandler();
if(cgroupsHandler == null) {
return "";
}
String cgroupMountPath = cgroupsHandler.getCGroupMountPath();
boolean cGroupsMountExists = new File(
cgroupMountPath).exists();
if(cGroupsMountExists) {
return "-v " + cgroupMountPath
+ ":" + cgroupMountPath + ":ro ";
} else {
return "";
}
}
@Test
public void testDockerContainerLaunch()
throws ContainerExecutionException, PrivilegedOperationException,