Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Currently, the overlayfs upperdir is not included in any disk quota accounting. This means that a task can write arbitrary amounts of data to /tmp and will escape the sandbox disk quota.
Propose that we propagate the overlayfs upperdir directory to the disk isolators so that they can manage this storage, and include it in the total sandbox usage quota. This would need to be supported by both disk/du and disk/xfs isolators. We should be able to propagate the additional information out of the provisioner in ProvisionInfo and then into ContainerConfig.
The proposed semantics would be that both the sandbox and overlayfs upperdir usage would count towards the ephemeral disk quota.
Attachments
Issue Links
- is related to
-
MESOS-7580 Use root fs as lower RO layer and container fs as upper layer
- Open