Revert "YARN-7677. Docker image cannot set HADOOP_CONF_DIR. Contributed by Jim Brennan"

This reverts commit 12eaae383a.
This commit is contained in:
Jason Lowe 2018-02-01 12:14:09 -06:00
parent ae2177d296
commit 682ea21f2b
8 changed files with 66 additions and 33 deletions

View File

@ -346,6 +346,7 @@ public abstract class ContainerExecutor implements Configurable {
public void writeLaunchEnv(OutputStream out, Map<String, String> environment, public void writeLaunchEnv(OutputStream out, Map<String, String> environment,
Map<Path, List<String>> resources, List<String> command, Path logDir, Map<Path, List<String>> resources, List<String> command, Path logDir,
String user, String outFilename) throws IOException { String user, String outFilename) throws IOException {
updateEnvForWhitelistVars(environment);
ContainerLaunch.ShellScriptBuilder sb = ContainerLaunch.ShellScriptBuilder sb =
ContainerLaunch.ShellScriptBuilder.create(); ContainerLaunch.ShellScriptBuilder.create();
@ -363,19 +364,6 @@ public abstract class ContainerExecutor implements Configurable {
for (Map.Entry<String, String> env : environment.entrySet()) { for (Map.Entry<String, String> env : environment.entrySet()) {
sb.env(env.getKey(), env.getValue()); sb.env(env.getKey(), env.getValue());
} }
// Whitelist environment variables are treated specially.
// Only add them if they are not already defined in the environment.
// Add them using special syntax to prevent them from eclipsing
// variables that may be set explicitly in the container image (e.g,
// in a docker image)
for(String var : whitelistVars) {
if (!environment.containsKey(var)) {
String val = getNMEnvVar(var);
if (val != null) {
sb.whitelistedEnv(var, val);
}
}
}
} }
if (resources != null) { if (resources != null) {
@ -675,6 +663,23 @@ public abstract class ContainerExecutor implements Configurable {
} }
} }
/**
* Propagate variables from the nodemanager's environment into the
* container's environment if unspecified by the container.
* @param env the environment to update
* @see org.apache.hadoop.yarn.conf.YarnConfiguration#NM_ENV_WHITELIST
*/
protected void updateEnvForWhitelistVars(Map<String, String> env) {
for(String var : whitelistVars) {
if (!env.containsKey(var)) {
String val = getNMEnvVar(var);
if (val != null) {
env.put(var, val);
}
}
}
}
@VisibleForTesting @VisibleForTesting
protected String getNMEnvVar(String varname) { protected String getNMEnvVar(String varname) {
return System.getenv(varname); return System.getenv(varname);

View File

@ -66,6 +66,7 @@ import java.net.InetSocketAddress;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.List; import java.util.List;
import java.util.Map;
import java.util.regex.Pattern; import java.util.regex.Pattern;
import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.LinuxContainerRuntimeConstants.*; import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.LinuxContainerRuntimeConstants.*;
@ -471,6 +472,13 @@ public class LinuxContainerExecutor extends ContainerExecutor {
} }
} }
@Override
protected void updateEnvForWhitelistVars(Map<String, String> env) {
if (linuxContainerRuntime.useWhitelistEnv(env)) {
super.updateEnvForWhitelistVars(env);
}
}
@Override @Override
public int launchContainer(ContainerStartContext ctx) public int launchContainer(ContainerStartContext ctx)
throws IOException, ConfigurationException { throws IOException, ConfigurationException {

View File

@ -1135,9 +1135,6 @@ public class ContainerLaunch implements Callable<Integer> {
public abstract void env(String key, String value) throws IOException; public abstract void env(String key, String value) throws IOException;
public abstract void whitelistedEnv(String key, String value)
throws IOException;
public abstract void echo(String echoStr) throws IOException; public abstract void echo(String echoStr) throws IOException;
public final void symlink(Path src, Path dst) throws IOException { public final void symlink(Path src, Path dst) throws IOException {
@ -1257,11 +1254,6 @@ public class ContainerLaunch implements Callable<Integer> {
line("export ", key, "=\"", value, "\""); line("export ", key, "=\"", value, "\"");
} }
@Override
public void whitelistedEnv(String key, String value) throws IOException {
line("export ", key, "=${", key, ":-", "\"", value, "\"}");
}
@Override @Override
public void echo(final String echoStr) throws IOException { public void echo(final String echoStr) throws IOException {
line("echo \"" + echoStr + "\""); line("echo \"" + echoStr + "\"");
@ -1352,11 +1344,6 @@ public class ContainerLaunch implements Callable<Integer> {
errorCheck(); errorCheck();
} }
@Override
public void whitelistedEnv(String key, String value) throws IOException {
env(key, value);
}
@Override @Override
public void echo(final String echoStr) throws IOException { public void echo(final String echoStr) throws IOException {
lineWithLenCheck("@echo \"", echoStr, "\""); lineWithLenCheck("@echo \"", echoStr, "\"");
@ -1456,6 +1443,8 @@ public class ContainerLaunch implements Callable<Integer> {
environment.put(Environment.PWD.name(), pwd.toString()); environment.put(Environment.PWD.name(), pwd.toString());
putEnvIfAbsent(environment, Environment.HADOOP_CONF_DIR.name());
if (!Shell.WINDOWS) { if (!Shell.WINDOWS) {
environment.put("JVM_PID", "$$"); environment.put("JVM_PID", "$$");
} }

View File

@ -37,6 +37,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import java.util.List; import java.util.List;
import java.util.Map;
import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.LinuxContainerRuntimeConstants.*; import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.LinuxContainerRuntimeConstants.*;
@ -72,6 +73,11 @@ public class DefaultLinuxContainerRuntime implements LinuxContainerRuntime {
this.conf = conf; this.conf = conf;
} }
@Override
public boolean useWhitelistEnv(Map<String, String> env) {
return true;
}
@Override @Override
public void prepareContainer(ContainerRuntimeContext ctx) public void prepareContainer(ContainerRuntimeContext ctx)
throws ContainerExecutionException { throws ContainerExecutionException {

View File

@ -94,6 +94,17 @@ public class DelegatingLinuxContainerRuntime implements LinuxContainerRuntime {
} }
} }
@Override
public boolean useWhitelistEnv(Map<String, String> env) {
try {
LinuxContainerRuntime runtime = pickContainerRuntime(env);
return runtime.useWhitelistEnv(env);
} catch (ContainerExecutionException e) {
LOG.debug("Unable to determine runtime");
return false;
}
}
@VisibleForTesting @VisibleForTesting
LinuxContainerRuntime pickContainerRuntime( LinuxContainerRuntime pickContainerRuntime(
Map<String, String> environment) throws ContainerExecutionException { Map<String, String> environment) throws ContainerExecutionException {

View File

@ -366,6 +366,13 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
return capabilities; return capabilities;
} }
@Override
public boolean useWhitelistEnv(Map<String, String> env) {
// Avoid propagating nodemanager environment variables into the container
// so those variables can be picked up from the Docker image instead.
return false;
}
private String runDockerVolumeCommand(DockerVolumeCommand dockerVolumeCommand, private String runDockerVolumeCommand(DockerVolumeCommand dockerVolumeCommand,
Container container) throws ContainerExecutionException { Container container) throws ContainerExecutionException {
try { try {

View File

@ -24,6 +24,8 @@ import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability; import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.container.Container; import org.apache.hadoop.yarn.server.nodemanager.containermanager.container.Container;
import java.util.Map;
/** /**
* An abstraction for various container runtime implementations. Examples * An abstraction for various container runtime implementations. Examples
* include Process Tree, Docker, Appc runtimes etc. These implementations * include Process Tree, Docker, Appc runtimes etc. These implementations
@ -83,4 +85,13 @@ public interface ContainerRuntime {
* and hostname * and hostname
*/ */
String[] getIpAndHost(Container container) throws ContainerExecutionException; String[] getIpAndHost(Container container) throws ContainerExecutionException;
/**
* Whether to propagate the whitelist of environment variables from the
* nodemanager environment into the container environment.
* @param env the container's environment variables
* @return true if whitelist variables should be propagated, false otherwise
* @see org.apache.hadoop.yarn.conf.YarnConfiguration#NM_ENV_WHITELIST
*/
boolean useWhitelistEnv(Map<String, String> env);
} }

View File

@ -337,8 +337,7 @@ public class TestContainerLaunch extends BaseContainerManagerTest {
Assert.assertFalse(shellContent.contains("HADOOP_HDFS_HOME")); Assert.assertFalse(shellContent.contains("HADOOP_HDFS_HOME"));
// Available in env and in whitelist // Available in env and in whitelist
Assert.assertTrue(shellContent.contains( Assert.assertTrue(shellContent.contains(
"export HADOOP_YARN_HOME=${HADOOP_YARN_HOME:-\"nodemanager_yarn_home\"}" "export HADOOP_YARN_HOME=\"nodemanager_yarn_home\""));
));
fos.flush(); fos.flush();
fos.close(); fos.close();
} }
@ -383,12 +382,9 @@ public class TestContainerLaunch extends BaseContainerManagerTest {
// Whitelisted variable overridden by container // Whitelisted variable overridden by container
Assert.assertTrue(shellContent.contains( Assert.assertTrue(shellContent.contains(
"export HADOOP_MAPRED_HOME=\"/opt/hadoopbuild\"")); "export HADOOP_MAPRED_HOME=\"/opt/hadoopbuild\""));
// Available in env but not in whitelist // Verify no whitelisted variables inherited from NM env
Assert.assertFalse(shellContent.contains("HADOOP_HDFS_HOME")); Assert.assertFalse(shellContent.contains("HADOOP_HDFS_HOME"));
// Available in env and in whitelist Assert.assertFalse(shellContent.contains("HADOOP_YARN_HOME"));
Assert.assertTrue(shellContent.contains(
"export HADOOP_YARN_HOME=${HADOOP_YARN_HOME:-\"nodemanager_yarn_home\"}"
));
fos.flush(); fos.flush();
fos.close(); fos.close();
} }