[
https://issues.apache.org/jira/browse/MESOS-3836?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14996144#comment-14996144
]
Michael Gummelt edited comment on MESOS-3836 at 11/9/15 7:15 AM:
-----------------------------------------------------------------
bq. I mean every executor should adhere to the same isolators that tasks do
Isolators are set on containers (or rather, they define containers). Thus
executors and tasks, which run in containers, adhere to the same isolators.
There are no isolators that tasks adhere to that executors don't.
was (Author: mgummelt):
bq. I mean every executor should adhere to the same isolators that tasks do
Isolators are set on containers. Thus executors and tasks, which run in
containers, adhere to the same isolators. There are no isolators that tasks
adhere to that executors don't.
> `--executor-environment-variables` may not apply to docker containers
> ---------------------------------------------------------------------
>
> Key: MESOS-3836
> URL: https://issues.apache.org/jira/browse/MESOS-3836
> Project: Mesos
> Issue Type: Bug
> Components: containerization, slave
> Affects Versions: 0.25.0
> Environment: Mesos 0.25.0 configured with
> --executor-environment-variables
> Reporter: Cody Maloney
> Assignee: Marco Massenzio
> Priority: Minor
> Labels: mesosphere
>
> In our use case we set {{PATH}} as part of the
> {{\-\-executor_environment_variables}} in order to limit what binaries all
> tasks which are launched via Mesos have readily available to them, making it
> much harder for people launching tasks on mesos to accidentally depend on
> something which isn't part of the "guaranteed" environment / platform.
> Docker containers can be used as executors, and have a fully isolated
> filesystem. For executors which run in docker containers setting {{PATH}} to
> our path on the host filesystem may potentially break the docker container.
> The previous code of only copying across environment variables when
> {{includeOsEnvironment}} is set dealt with this
> (https://github.com/apache/mesos/blob/56510afe149758a69a5a714dfaab16111dd0d9c3/src/slave/containerizer/containerizer.cpp#L267)
> if {{includeOsEnvironment}} is set than we should copy across the current
> {{\-\-executor_environment_variables}}. If it isn't, then
> {{\-\-executor_environment_variables}} shouldn't be used at all.
> Another option which could be useful is to make it so that there are two sets
> of "Executor Environment Variables". One for when {{includeOsEnvironment}} is
> set, and one for when it is not.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
