YARN (Hadoop 2.0) + Docker containers - Integration and Privilege Isolation

Agenda

1. Privilege Isolation in Docker Containers

2. Privilege Isolation Q&A

Company: Altiscale

Altiscale has taken experiences at Yahoo, Google, and LinkedIn to rethink and develop a purpose-built, petabyte-scale infrastructure to deliver Hadoop as a cloud service.

Privilege Isolation

Docker containerization represents next generation of virtualization. Docker could represent an enormous step forward in flexibility, performance and economies of scale in a cloud infrastructure, or working with Hadoop/YARN.

One of the shortcomings of current Docker container is that the root user in a virtualized environment automatically acquires root privileges on host system. Altiscale has developed a new feature in Docker called “user namespaces,” which solves this security issue.

More technical details on this feature can be found at

https://www.altiscale.com/making-docker-work-yarn/

Speaker: Raymie Stata CEO/Founder

Raymie comes to Altiscale from Yahoo!, where he was Chief Technical Officer. At Yahoo, he played an instrumental role in algorithmic search, display advertising, and cloud computing. He also helped set Yahoo’s Open Source strategy and initiated its participation in the Apache Hadoop project. Prior to joining Yahoo!, Raymie founded Stata Laboratories, maker of the Bloomba search-based e-mail client, which Yahoo! acquired in 2004. He has also worked for Digital Equipment’s Systems Research Center, where he contributed to the AltaVista search engine. Raymie received his PhD in Computer Science from MIT in 1996.