Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-9019

Validate that container paths are unique in `ContainerInfo.volumes`.

    XMLWordPrintableJSON

    Details

    • Target Version/s:
    • Story Points:
      2

      Description

      Currently we allow two volumes to have the same container_path. The bind-mount of a later volume would overwrite that of an earlier one.

      However, if the two volumes are file-based secrets, the containerizer will generate pre-exec commands similar to the following:

      mv -f secret1 source
      mount -n --rbind source container_path
      mv -f secret2 source
      mount -n --rbind source container_path
      

      The second mv would rename secret2 to source, but target remains bounded to the gone secret1, and this would make the last mount result in an ENOENT.

      In general, allowing multiple with the same container_path is not useful, so we should disallow it and validate that in advance instead of getting a failure during container launch.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              chhsia0 Chun-Hung Hsiao
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: