[jira] [Commented] (MESOS-3836) `--executor-environment-variables` may not apply to docker containers

Tue, 15 Dec 2015 11:20:02 -0800 

    [ 
https://issues.apache.org/jira/browse/MESOS-3836?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15058581#comment-15058581
 ] 

Jojy Varghese commented on MESOS-3836:
--------------------------------------

~[~jieyu]

Since we are moving in the direction of not sharing env variables between agent 
and containerizer, we should pack this ticket also along with the others that 
address this issue in a broader perspective. 

> `--executor-environment-variables` may not apply to docker containers
> ---------------------------------------------------------------------
>
>                 Key: MESOS-3836
>                 URL: https://issues.apache.org/jira/browse/MESOS-3836
>             Project: Mesos
>          Issue Type: Bug
>          Components: containerization, slave
>    Affects Versions: 0.25.0
>         Environment: Mesos 0.25.0 configured with 
> --executor-environment-variables
>            Reporter: Cody Maloney
>            Assignee: Jojy Varghese
>            Priority: Minor
>              Labels: mesosphere
>
> In our use case we set {{PATH}} as part of the 
> {{\-\-executor_environment_variables}} in order to limit what binaries all 
> tasks which are launched via Mesos have readily available to them, making it 
> much harder for people launching tasks on mesos to accidentally depend on 
> something which isn't part of the "guaranteed" environment / platform.
> Docker containers can be used as executors, and have a fully isolated 
> filesystem. For executors which run in docker containers setting {{PATH}}  to 
> our path on the host filesystem may potentially break the docker container.
> The previous code of only copying across environment variables when 
> {{includeOsEnvironment}} is set dealt with this 
> (https://github.com/apache/mesos/blob/56510afe149758a69a5a714dfaab16111dd0d9c3/src/slave/containerizer/containerizer.cpp#L267)
> if {{includeOsEnvironment}} is set than we should copy across the current 
> {{\-\-executor_environment_variables}}. If it isn't, then 
> {{\-\-executor_environment_variables}} shouldn't be used at all.
> Another option which could be useful is to make it so that there are two sets 
> of "Executor Environment Variables". One for when {{includeOsEnvironment}} is 
> set, and one for when it is not.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to