[jira] [Comment Edited] (AURORA-1107) Add support for mounting external volumes into docker containers

Mon, 04 Apr 2016 07:05:11 -0700 

    [ 
https://issues.apache.org/jira/browse/AURORA-1107?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15224181#comment-15224181
 ] 

Steve Niemitz edited comment on AURORA-1107 at 4/4/16 2:03 PM:
---------------------------------------------------------------

Kind of, but the use case is different (I'm the one who added 
global_container_mounts too :) ).

The use case for GCM is for say, mounting a directory with keys into every 
container that launches.  The use case for per-job mounts is more generic, and 
I see it mostly being used for dedicated roles.

That said, we also have the option to pass docker parameters now, which kind of 
side-steps this entire issue, since I can just pass flags to mount whatever 
volumes I want in that case.


was (Author: steveniemitz):
Kind of, but the use case is different (I'm the one who added 
global_container_mounts :) ).

The use case for GCM is for say, mounting a directory with keys into every 
container that launches.  The use case for per-job mounts is more generic, and 
I see it mostly being used for dedicated roles.

That said, we also have the option to pass docker parameters now, which kind of 
side-steps this entire issue, since I can just pass flags to mount whatever 
volumes I want in that case.

> Add support for mounting external volumes into docker containers
> ----------------------------------------------------------------
>
>                 Key: AURORA-1107
>                 URL: https://issues.apache.org/jira/browse/AURORA-1107
>             Project: Aurora
>          Issue Type: Task
>          Components: Docker
>            Reporter: Steve Niemitz
>            Assignee: Steve Niemitz
>            Priority: Minor
>
> The Mesos docker API allows specifying volumes on the host to mount into the 
> container when it runs.  We should expose this.  I propose:
>  - Add a volumes() set to the Docker object in base.py
>  - Add a similar set to the DockerContainer struct in api.thrift 
>  - Create a way for administrators to restrict the ability to use this.  
> Because mounts are set up by the docker daemon, they effectively allow 
> someone who can configure mounts to access anything on the machine.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to