[jira] [Commented] (MESOS-5544) Support running Mesos agent in a Docker container.

Fri, 28 Oct 2016 15:54:07 -0700 

    [ 
https://issues.apache.org/jira/browse/MESOS-5544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15616858#comment-15616858
 ] 

Jason Lai commented on MESOS-5544:
----------------------------------

I was able to get Mesos agent running inside of a Docker container with similar 
setup, it also works without network isolation:

```
docker run \
--name=mesos-agent \
--pid=host \
--privileged \
-dit \
-v /usr/bin/docker:/usr/bin/docker \
-v /var/lib/docker:/var/lib/docker \
-v /var/lib/mesos:/var/lib/mesos \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /var/run/mesos:/var/run/mesos \
-v /sys:/sys \
mesos \
agent \
--work_dir=/var/lib/mesos/agent \
--master=172.17.8.101:5050 \
--isolation=cgroups/cpu,cgroups/mem,docker/runtime,filesystem/linux,namespaces/pid
 \
--image_providers=docker \
--docker_store_dir=/var/lib/mesos/store \
--systemd_enable_support=false
```

+1 for the task. This would be helpful when we need to run Mesos agent on 
immutable OSes like CoreOS.

> Support running Mesos agent in a Docker container.
> --------------------------------------------------
>
>                 Key: MESOS-5544
>                 URL: https://issues.apache.org/jira/browse/MESOS-5544
>             Project: Mesos
>          Issue Type: Improvement
>            Reporter: Jie Yu
>
> Currently, this does not work if one tries to use Mesos containerizer.
> The main problem is that we want to make sure the executor is not killed when 
> agent crashes. So we have to use --pid=host so that the agent is in the host 
> pid namespace.
> But that is not sufficient, Docker daemon will put agent into all cgroups 
> available on the host. We need to make sure we migrate the executor pid out 
> of those cgroups so that when agent crashes, executors are not killed.
> Also, when start the agent container, volumes need to be setup properly so 
> that any mounts under agent's work_dir will be propagate back to the host 
> mount table. This is to make sure we can recover those mounts after agent 
> restarts. This is also true for those mounts that are needed by some isolator 
> (e.g., network/cni isolator).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to