[
https://issues.apache.org/jira/browse/MESOS-3836?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14996101#comment-14996101
]
Michael Gummelt commented on MESOS-3836:
----------------------------------------
It looks like the original goal of MESOS-2832, where
{{--executor-environment-variables}} was introduced, was to replace the
inherited host environment with a different environment, which would only apply
to non-docker containers, since they're the only ones that inherit the host
environment. However, as implemented, it's set on all executors.
So the central question is whether we want to keep the functionality of setting
env vars on all executors, or do we want to revert to the original goal of
replacing the inherited host environnment, which would only apply to non-docker
containers (mesos and external).
[~tnachen]: I don't see how your proposal for a
{{-docker-task-environment-variables}} flag solves the {{PATH}} problem.
Adding more docker env vars doesn't prevent us from setting the existing
{{--executor-environment-variables}} on docker executors.
[~cmaloney]:
bq. The -executor-environment-variables is given directly to executors, and
then gets inherited from the executor by all tasks the executors launch
currently.
Not really. Custom executors can launch tasks however they want. It's up to
them whether or not they pass their env vars. And the docker command executors
(mesos-docker-executor) doesn't pass env vars through. So this is really only
true for the mesos command executor.
> `--executor-environment-variables` may not apply to docker containers
> ---------------------------------------------------------------------
>
> Key: MESOS-3836
> URL: https://issues.apache.org/jira/browse/MESOS-3836
> Project: Mesos
> Issue Type: Bug
> Components: containerization, slave
> Affects Versions: 0.25.0
> Environment: Mesos 0.25.0 configured with
> --executor-environment-variables
> Reporter: Cody Maloney
> Assignee: Marco Massenzio
> Priority: Minor
> Labels: mesosphere
>
> In our use case we set {{PATH}} as part of the
> {{\-\-executor_environment_variables}} in order to limit what binaries all
> tasks which are launched via Mesos have readily available to them, making it
> much harder for people launching tasks on mesos to accidentally depend on
> something which isn't part of the "guaranteed" environment / platform.
> Docker containers can be used as executors, and have a fully isolated
> filesystem. For executors which run in docker containers setting {{PATH}} to
> our path on the host filesystem may potentially break the docker container.
> The previous code of only copying across environment variables when
> {{includeOsEnvironment}} is set dealt with this
> (https://github.com/apache/mesos/blob/56510afe149758a69a5a714dfaab16111dd0d9c3/src/slave/containerizer/containerizer.cpp#L267)
> if {{includeOsEnvironment}} is set than we should copy across the current
> {{\-\-executor_environment_variables}}. If it isn't, then
> {{\-\-executor_environment_variables}} shouldn't be used at all.
> Another option which could be useful is to make it so that there are two sets
> of "Executor Environment Variables". One for when {{includeOsEnvironment}} is
> set, and one for when it is not.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
