Mailing List Archives Authenticated access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] condor_rm & the docker universe

Date: Thu, 30 Jul 2015 11:40:20 -0500
From: Dimitri Maziuk <dmaziuk@xxxxxxxxxxxxx>
Subject: Re: [HTCondor-users] condor_rm & the docker universe

On 07/30/2015 10:01 AM, andrew.lahiff@xxxxxxxxxx wrote:
> Hi Greg,
> 
> Ok, I didn't realized it worked like this - I had assumed HTCondor
would do something like "docker stop", rather than send a signal to the
actual executable running inside the container. Isn't this rather
unsafe? It makes it very easy for people to run jobs which escape
HTCondor's control - according to HTCondor the job has been killed but
the Docker container continues running for as long as it wants.

I'd've thought sending sigterm to pid 1 would be rather unsafe... 'cause
there's no possible way it could ever get routed to a wrong pid
namespace or something...

-- 
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu

Attachment: signature.asc
Description: OpenPGP digital signature

Follow-Ups:
- Re: [HTCondor-users] condor_rm & the docker universe
  - From: Brian Bockelman

References:
- [HTCondor-users] condor_rm & the docker universe
  - From: andrew . lahiff
- Re: [HTCondor-users] condor_rm & the docker universe
  - From: Greg Thain
- Re: [HTCondor-users] condor_rm & the docker universe
  - From: andrew . lahiff

Prev by Date: Re: [HTCondor-users] condor_rm & the docker universe
Next by Date: [HTCondor-users] Avoiding combinatorial explosion in dependencies between spliced DAGS
Previous by thread: Re: [HTCondor-users] condor_rm & the docker universe
Next by thread: Re: [HTCondor-users] condor_rm & the docker universe
Index(es):
- Date
- Thread

Mailing List Archives

Authenticated access

Re: [HTCondor-users] condor_rm & the docker universe