YARN-8284. get_docker_command refactoring. Contributed by Eric Badger

(cherry picked from commit d47c09dcb1)
This commit is contained in:
Jason Lowe 2018-05-16 09:23:49 -05:00
parent 051d9cff9c
commit 79b2a508e0
2 changed files with 42 additions and 148 deletions

View File

@ -388,6 +388,18 @@ int get_docker_command(const char *command_file, const struct configuration *con
}
free(value);
char *docker = get_docker_binary(conf);
ret = add_to_args(args, docker);
free(docker);
if (ret != 0) {
return BUFFER_TOO_SMALL;
}
ret = add_docker_config_param(&command_config, args);
if (ret != 0) {
return BUFFER_TOO_SMALL;
}
char *command = get_configuration_value("docker-command", DOCKER_COMMAND_FILE_SECTION, &command_config);
if (strcmp(DOCKER_INSPECT_COMMAND, command) == 0) {
return get_docker_inspect_command(command_file, conf, args);
@ -440,7 +452,7 @@ static int value_permitted(const struct configuration* executor_cfg,
int get_docker_volume_command(const char *command_file, const struct configuration *conf, args *args) {
int ret = 0;
char *driver = NULL, *volume_name = NULL, *sub_command = NULL, *format = NULL, *docker = NULL;
char *driver = NULL, *volume_name = NULL, *sub_command = NULL, *format = NULL;
struct configuration command_config = {0, NULL};
ret = read_and_verify_command_file(command_file, DOCKER_VOLUME_COMMAND, &command_config);
if (ret != 0) {
@ -456,19 +468,6 @@ int get_docker_volume_command(const char *command_file, const struct configurati
goto cleanup;
}
docker = get_docker_binary(conf);
ret = add_to_args(args, docker);
if (ret != 0) {
ret = BUFFER_TOO_SMALL;
goto cleanup;
}
ret = add_docker_config_param(&command_config, args);
if (ret != 0) {
ret = BUFFER_TOO_SMALL;
goto cleanup;
}
ret = add_to_args(args, DOCKER_VOLUME_COMMAND);
if (ret != 0) {
goto cleanup;
@ -538,7 +537,6 @@ cleanup:
free(volume_name);
free(sub_command);
free(format);
free(docker);
return ret;
}
@ -576,19 +574,6 @@ int get_docker_inspect_command(const char *command_file, const struct configurat
return INVALID_DOCKER_INSPECT_FORMAT;
}
char *docker = get_docker_binary(conf);
ret = add_to_args(args, docker);
if (ret != 0) {
goto free_and_exit;
}
ret = add_docker_config_param(&command_config, args);
if (ret != 0) {
free(container_name);
free(format);
return BUFFER_TOO_SMALL;
}
ret = add_to_args(args, DOCKER_INSPECT_COMMAND);
if (ret != 0) {
goto free_and_exit;
@ -610,7 +595,6 @@ int get_docker_inspect_command(const char *command_file, const struct configurat
free_and_exit:
free(format);
free(container_name);
free(docker);
return BUFFER_TOO_SMALL;
}
@ -628,19 +612,6 @@ int get_docker_load_command(const char *command_file, const struct configuration
return INVALID_DOCKER_IMAGE_NAME;
}
char *docker = get_docker_binary(conf);
ret = add_to_args(args, docker);
free(docker);
if (ret != 0) {
return BUFFER_TOO_SMALL;
}
ret = add_docker_config_param(&command_config, args);
if (ret != 0) {
free(image_name);
return BUFFER_TOO_SMALL;
}
ret = add_to_args(args, DOCKER_LOAD_COMMAND);
if (ret == 0) {
char *tmp_buffer = make_string("--i=%s", image_name);
@ -675,17 +646,6 @@ int get_docker_pull_command(const char *command_file, const struct configuration
return INVALID_DOCKER_IMAGE_NAME;
}
char *docker = get_docker_binary(conf);
ret = add_to_args(args, docker);
if (ret != 0) {
goto free_pull;
}
ret = add_docker_config_param(&command_config, args);
if (ret != 0) {
goto free_pull;
}
ret = add_to_args(args, DOCKER_PULL_COMMAND);
if (ret == 0) {
ret = add_to_args(args, image_name);
@ -697,7 +657,6 @@ int get_docker_pull_command(const char *command_file, const struct configuration
}
free_pull:
free(image_name);
free(docker);
return BUFFER_TOO_SMALL;
}
@ -715,18 +674,6 @@ int get_docker_rm_command(const char *command_file, const struct configuration *
return INVALID_DOCKER_CONTAINER_NAME;
}
char *docker = get_docker_binary(conf);
ret = add_to_args(args, docker);
free(docker);
if (ret != 0) {
return BUFFER_TOO_SMALL;
}
ret = add_docker_config_param(&command_config, args);
if (ret != 0) {
return BUFFER_TOO_SMALL;
}
ret = add_to_args(args, DOCKER_RM_COMMAND);
if (ret == 0) {
ret = add_to_args(args, container_name);
@ -757,18 +704,6 @@ int get_docker_stop_command(const char *command_file, const struct configuration
return INVALID_DOCKER_CONTAINER_NAME;
}
char *docker = get_docker_binary(conf);
ret = add_to_args(args, docker);
free(docker);
if (ret != 0) {
goto free_and_exit;
}
ret = add_docker_config_param(&command_config, args);
if (ret != 0) {
goto free_and_exit;
}
ret = add_to_args(args, DOCKER_STOP_COMMAND);
if (ret == 0) {
value = get_configuration_value("time", DOCKER_COMMAND_FILE_SECTION, &command_config);
@ -812,18 +747,6 @@ int get_docker_kill_command(const char *command_file, const struct configuration
return INVALID_DOCKER_CONTAINER_NAME;
}
char *docker = get_docker_binary(conf);
ret = add_to_args(args, docker);
free(docker);
if (ret != 0) {
return BUFFER_TOO_SMALL;
}
ret = add_docker_config_param(&command_config, args);
if (ret != 0) {
return BUFFER_TOO_SMALL;
}
ret = add_to_args(args, DOCKER_KILL_COMMAND);
if (ret == 0) {
value = get_configuration_value("signal", DOCKER_COMMAND_FILE_SECTION, &command_config);
@ -853,7 +776,6 @@ free_and_exit:
int get_docker_start_command(const char *command_file, const struct configuration *conf, args *args) {
int ret = 0;
char *docker = NULL;
char *container_name = NULL;
struct configuration command_config = {0, NULL};
ret = read_and_verify_command_file(command_file, DOCKER_START_COMMAND, &command_config);
@ -866,20 +788,6 @@ int get_docker_start_command(const char *command_file, const struct configuratio
return INVALID_DOCKER_CONTAINER_NAME;
}
docker = get_docker_binary(conf);
ret = add_to_args(args, docker);
free(docker);
if (ret != 0) {
ret = BUFFER_TOO_SMALL;
goto free_and_exit;
}
ret = add_docker_config_param(&command_config, args);
if (ret != 0) {
ret = BUFFER_TOO_SMALL;
goto free_and_exit;
}
ret = add_to_args(args, DOCKER_START_COMMAND);
if (ret != 0) {
goto free_and_exit;
@ -1443,20 +1351,6 @@ int get_docker_run_command(const char *command_file, const struct configuration
return INVALID_DOCKER_IMAGE_NAME;
}
char *docker = get_docker_binary(conf);
ret = add_to_args(args, docker);
free(docker);
if (ret != 0) {
reset_args(args);
return BUFFER_TOO_SMALL;
}
ret = add_docker_config_param(&command_config, args);
if (ret != 0) {
reset_args(args);
return BUFFER_TOO_SMALL;
}
ret = add_to_args(args, DOCKER_RUN_COMMAND);
if(ret != 0) {
reset_args(args);

View File

@ -165,12 +165,12 @@ namespace ContainerExecutor {
std::vector<std::pair<std::string, std::string> > file_cmd_vec;
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=inspect\n format={{.State.Status}}\n name=container_e1_12312_11111_02_000001",
"/usr/bin/docker inspect --format={{.State.Status}} container_e1_12312_11111_02_000001"));
"inspect --format={{.State.Status}} container_e1_12312_11111_02_000001"));
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=inspect\n"
" format={{range(.NetworkSettings.Networks)}}{{.IPAddress}},{{end}}{{.Config.Hostname}}\n"
" name=container_e1_12312_11111_02_000001",
"/usr/bin/docker inspect --format={{range(.NetworkSettings.Networks)}}{{.IPAddress}},{{end}}{{.Config.Hostname}} container_e1_12312_11111_02_000001"));
"inspect --format={{range(.NetworkSettings.Networks)}}{{.IPAddress}},{{end}}{{.Config.Hostname}} container_e1_12312_11111_02_000001"));
std::vector<std::pair<std::string, int> > bad_file_cmd_vec;
bad_file_cmd_vec.push_back(std::make_pair<std::string, int>(
@ -202,7 +202,7 @@ namespace ContainerExecutor {
std::vector<std::pair<std::string, std::string> > file_cmd_vec;
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=load\n image=image-id",
"/usr/bin/docker load --i=image-id"));
"load --i=image-id"));
std::vector<std::pair<std::string, int> > bad_file_cmd_vec;
bad_file_cmd_vec.push_back(std::make_pair<std::string, int>(
@ -272,7 +272,7 @@ namespace ContainerExecutor {
std::vector<std::pair<std::string, std::string> > file_cmd_vec;
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=pull\n image=image-id",
"/usr/bin/docker pull image-id"));
"pull image-id"));
std::vector<std::pair<std::string, int> > bad_file_cmd_vec;
bad_file_cmd_vec.push_back(std::make_pair<std::string, int>(
@ -292,7 +292,7 @@ namespace ContainerExecutor {
file_cmd_vec.push_back(
std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=rm\n name=container_e1_12312_11111_02_000001",
"/usr/bin/docker rm container_e1_12312_11111_02_000001"));
"rm container_e1_12312_11111_02_000001"));
std::vector<std::pair<std::string, int> > bad_file_cmd_vec;
bad_file_cmd_vec.push_back(std::make_pair<std::string, int>(
@ -312,10 +312,10 @@ namespace ContainerExecutor {
std::vector<std::pair<std::string, std::string> > file_cmd_vec;
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=stop\n name=container_e1_12312_11111_02_000001",
"/usr/bin/docker stop container_e1_12312_11111_02_000001"));
"stop container_e1_12312_11111_02_000001"));
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=stop\n name=container_e1_12312_11111_02_000001\ntime=25",
"/usr/bin/docker stop --time=25 container_e1_12312_11111_02_000001"));
"stop --time=25 container_e1_12312_11111_02_000001"));
std::vector<std::pair<std::string, int> > bad_file_cmd_vec;
bad_file_cmd_vec.push_back(std::make_pair<std::string, int>(
@ -339,10 +339,10 @@ namespace ContainerExecutor {
std::vector<std::pair<std::string, std::string> > file_cmd_vec;
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=kill\n name=container_e1_12312_11111_02_000001",
"/usr/bin/docker kill container_e1_12312_11111_02_000001"));
"kill container_e1_12312_11111_02_000001"));
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=kill\n name=container_e1_12312_11111_02_000001\nsignal=SIGQUIT",
"/usr/bin/docker kill --signal=SIGQUIT container_e1_12312_11111_02_000001"));
"kill --signal=SIGQUIT container_e1_12312_11111_02_000001"));
std::vector<std::pair<std::string, int> > bad_file_cmd_vec;
bad_file_cmd_vec.push_back(std::make_pair<std::string, int>(
@ -365,7 +365,7 @@ namespace ContainerExecutor {
std::vector<std::pair<std::string, std::string> > file_cmd_vec;
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=start\n name=container_e1_12312_11111_02_000001",
"/usr/bin/docker start container_e1_12312_11111_02_000001"));
"start container_e1_12312_11111_02_000001"));
std::vector<std::pair<std::string, int> > bad_file_cmd_vec;
bad_file_cmd_vec.push_back(std::make_pair<std::string, int>(
@ -1151,14 +1151,14 @@ namespace ContainerExecutor {
std::vector<std::pair<std::string, std::string> > file_cmd_vec;
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=run\n name=container_e1_12312_11111_02_000001\n image=hadoop/docker-image\n user=nobody",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL hadoop/docker-image"));
"run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL hadoop/docker-image"));
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=run\n name=container_e1_12312_11111_02_000001\n image=nothadoop/docker-image\n user=nobody",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL nothadoop/docker-image"));
"run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL nothadoop/docker-image"));
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=run\n name=container_e1_12312_11111_02_000001\n image=hadoop/docker-image\n user=nobody\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL hadoop/docker-image bash test_script.sh arg1 arg2"));
"run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL hadoop/docker-image bash test_script.sh arg1 arg2"));
// Test non-privileged conatiner with launch command
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
@ -1168,7 +1168,7 @@ namespace ContainerExecutor {
" network=bridge\n devices=/dev/test:/dev/test\n"
" cap-add=CHOWN,SETUID\n cgroup-parent=ctr-cgroup\n detach=true\n rm=true\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
"run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
" -v /usr/bin/cut:/usr/bin/cut:ro -v /tmp:/tmp --cgroup-parent=ctr-cgroup --cap-drop=ALL --cap-add=CHOWN"
" --cap-add=SETUID --hostname=host-id --device=/dev/test:/dev/test hadoop/docker-image bash "
"test_script.sh arg1 arg2"));
@ -1179,7 +1179,7 @@ namespace ContainerExecutor {
" network=bridge\n"
" cap-add=CHOWN,SETUID\n cgroup-parent=ctr-cgroup\n detach=true\n rm=true\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm"
"run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm"
" --cgroup-parent=ctr-cgroup --cap-drop=ALL --hostname=host-id nothadoop/docker-image"));
// Test non-privileged container and drop all privileges
@ -1190,7 +1190,7 @@ namespace ContainerExecutor {
" network=bridge\n devices=/dev/test:/dev/test\n net=bridge\n"
" cap-add=CHOWN,SETUID\n cgroup-parent=ctr-cgroup\n detach=true\n rm=true\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm --net=bridge -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
"run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm --net=bridge -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
" -v /usr/bin/cut:/usr/bin/cut:ro -v /tmp:/tmp --cgroup-parent=ctr-cgroup --cap-drop=ALL --cap-add=CHOWN "
"--cap-add=SETUID --hostname=host-id --device=/dev/test:/dev/test hadoop/docker-image bash"
" test_script.sh arg1 arg2"));
@ -1201,7 +1201,7 @@ namespace ContainerExecutor {
" network=bridge\n net=bridge\n"
" cap-add=CHOWN,SETUID\n cgroup-parent=ctr-cgroup\n detach=true\n rm=true\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm --net=bridge"
"run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm --net=bridge"
" --cgroup-parent=ctr-cgroup --cap-drop=ALL --hostname=host-id nothadoop/docker-image"));
// Test privileged container
@ -1212,7 +1212,7 @@ namespace ContainerExecutor {
" network=bridge\n devices=/dev/test:/dev/test\n net=bridge\n privileged=true\n"
" cap-add=CHOWN,SETUID\n cgroup-parent=ctr-cgroup\n detach=true\n rm=true\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 -d --rm --net=bridge -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
"run --name=container_e1_12312_11111_02_000001 -d --rm --net=bridge -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
" -v /usr/bin/cut:/usr/bin/cut:ro -v /tmp:/tmp --cgroup-parent=ctr-cgroup --privileged --cap-drop=ALL "
"--cap-add=CHOWN --cap-add=SETUID --hostname=host-id --device=/dev/test:/dev/test hadoop/docker-image "
"bash test_script.sh arg1 arg2"));
@ -1224,7 +1224,7 @@ namespace ContainerExecutor {
" network=bridge\n devices=/dev/test:/dev/test\n net=bridge\n privileged=true\n"
" cap-add=CHOWN,SETUID\n cgroup-parent=ctr-cgroup\n detach=true\n rm=true\n group-add=1000,1001\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 -d --rm --net=bridge -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
"run --name=container_e1_12312_11111_02_000001 -d --rm --net=bridge -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
" -v /usr/bin/cut:/usr/bin/cut:ro -v /tmp:/tmp --cgroup-parent=ctr-cgroup --privileged --cap-drop=ALL "
"--cap-add=CHOWN --cap-add=SETUID --hostname=host-id "
"--device=/dev/test:/dev/test hadoop/docker-image bash test_script.sh arg1 arg2"));
@ -1235,7 +1235,7 @@ namespace ContainerExecutor {
" network=bridge\n net=bridge\n"
" detach=true\n rm=true\n group-add=1000,1001\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm --net=bridge --cap-drop=ALL "
"run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm --net=bridge --cap-drop=ALL "
"--hostname=host-id --group-add 1000 --group-add 1001 "
"docker-image"));
@ -1339,7 +1339,7 @@ namespace ContainerExecutor {
" user=nobody\n"
" use-entry-point=true\n"
" environ=/tmp/test.env\n",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL "
"run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL "
"--env-file /tmp/test.env hadoop/docker-image"));
std::vector<std::pair<std::string, int> > bad_file_cmd_vec;
@ -1382,11 +1382,11 @@ namespace ContainerExecutor {
std::vector<std::pair<std::string, std::string> > file_cmd_vec;
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=run\n name=container_e1_12312_11111_02_000001\n image=docker-image\n user=nobody",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL docker-image"));
"run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL docker-image"));
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=run\n name=container_e1_12312_11111_02_000001\n image=docker-image\n"
" user=nobody\n launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL docker-image"));
"run --name=container_e1_12312_11111_02_000001 --user=nobody --cap-drop=ALL docker-image"));
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n"
@ -1395,7 +1395,7 @@ namespace ContainerExecutor {
" network=bridge\n devices=/dev/test:/dev/test\n"
" cap-add=CHOWN,SETUID\n cgroup-parent=ctr-cgroup\n detach=true\n rm=true\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
"run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
" -v /usr/bin/cut:/usr/bin/cut:ro -v /tmp:/tmp --cgroup-parent=ctr-cgroup --cap-drop=ALL --cap-add=CHOWN"
" --cap-add=SETUID --hostname=host-id --device=/dev/test:/dev/test hadoop/docker-image bash "
"test_script.sh arg1 arg2"));
@ -1406,7 +1406,7 @@ namespace ContainerExecutor {
" network=bridge\n"
" cap-add=CHOWN,SETUID\n cgroup-parent=ctr-cgroup\n detach=true\n rm=true\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm"
"run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm"
" --cgroup-parent=ctr-cgroup --cap-drop=ALL --hostname=host-id nothadoop/docker-image"));
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
@ -1416,7 +1416,7 @@ namespace ContainerExecutor {
" network=bridge\n devices=/dev/test:/dev/test\n net=bridge\n"
" cap-add=CHOWN,SETUID\n cgroup-parent=ctr-cgroup\n detach=true\n rm=true\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm --net=bridge -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
"run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm --net=bridge -v /var/log:/var/log:ro -v /var/lib:/lib:ro"
" -v /usr/bin/cut:/usr/bin/cut:ro -v /tmp:/tmp --cgroup-parent=ctr-cgroup --cap-drop=ALL --cap-add=CHOWN "
"--cap-add=SETUID --hostname=host-id --device=/dev/test:/dev/test hadoop/docker-image bash"
" test_script.sh arg1 arg2"));
@ -1427,7 +1427,7 @@ namespace ContainerExecutor {
" network=bridge\n net=bridge\n"
" cap-add=CHOWN,SETUID\n cgroup-parent=ctr-cgroup\n detach=true\n rm=true\n"
" launch-command=bash,test_script.sh,arg1,arg2",
"/usr/bin/docker run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm --net=bridge"
"run --name=container_e1_12312_11111_02_000001 --user=nobody -d --rm --net=bridge"
" --cgroup-parent=ctr-cgroup --cap-drop=ALL --hostname=host-id nothadoop/docker-image"));
std::vector<std::pair<std::string, int> > bad_file_cmd_vec;
@ -1511,10 +1511,10 @@ namespace ContainerExecutor {
std::vector<std::pair<std::string, std::string> > file_cmd_vec;
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=volume\n sub-command=create\n volume=volume1 \n driver=driver1",
"/usr/bin/docker volume create --name=volume1 --driver=driver1"));
"volume create --name=volume1 --driver=driver1"));
file_cmd_vec.push_back(std::make_pair<std::string, std::string>(
"[docker-command-execution]\n docker-command=volume\n format={{.Name}},{{.Driver}}\n sub-command=ls",
"/usr/bin/docker volume ls --format={{.Name}},{{.Driver}}"));
"volume ls --format={{.Name}},{{.Driver}}"));
std::vector<std::pair<std::string, int> > bad_file_cmd_vec;