aaaaalbert
commented
9 years ago Another point: Put platform-specific code into the sandbox launcher, not the nodemanager.
Open aaaaalbert opened 9 years ago
aaaaalbert
commented
9 years ago Another point: Put platform-specific code into the sandbox launcher, not the nodemanager.
aaaaalbert
commented
9 years ago Furthermore, what about sandbox types that don't use resource restriction files? Or require specific reset commands?
It's easy to add new sandbox types to the nodemanager by amending the predefined sandbox locations and the sandbox launch command.
We should modify the docstrings / comments to better explain those separate sandbox dirs, how sandbox launcher commands should be designed, how and which command-line options may be passed, etc. It's also worth pointing out security precautions, e.g. how any input from the experiment management tool must be sanitized before it can be used so that users can't inject arbitrary strings into the launch command.