In specific, I wanted the process control capabilities of a mesos framework with custom schedulers and executors, but wanted to run my tasks in a framework definable environment (like running my tasks on a copy of Ubuntu 14 with certain libs installed). Using mixed-mode containerization worked with some fiddling, but it was painful in certain ways. The sandbox mounted in a mixed-mode container wasn't accessible from within the container thanks to selinux unless I ran the container in privileged mode and the cou limits per executor were no longer enforced unlike a mesos task with cfs isolation enabled. Further, setting up the default working directory and user was a pain.
Unified mode (also called mesos containerizer for some reason) solves a lot of these issues, though using it with private image repositories was not as straightforward as the docker containerizer. I eventually had to use an image directory to get that working, cause curl kept throwing vague ssl errors(I'm fairly certain this is due to my private image repository not having https set up since it's a test environment). Once I get things set up and cleaned up I'll post a more involved guide on how to get this particular use case setup and running, especially a part on preparing your container image for use with mesos. Mark Edgar Hammons II - Research Engineer at BioEmergences 0603695656 > On 14 Aug 2016, at 18:11, Erik Weathers <eweath...@groupon.com> wrote: > > What was the problem and how did you overcome it? (i.e. This would be a sad > resolution to this thread for someone faced with this same problem in the > future.) > >> On Sunday, August 14, 2016, Mark Hammons <mark.hamm...@inaf.cnrs-gif.fr> >> wrote: >> I finally got this working after fiddling with it all night. It works great >> so far! >> >> Mark Edgar Hammons II - Research Engineer at BioEmergences >> 0603695656 >> >>> On 14 Aug 2016, at 04:50, Joseph Wu <jos...@mesosphere.io> wrote: >>> >>> If you're not against running Docker containers without the Docker daemon, >>> try using the Unified containerizer. >>> See the latter half of this document: >>> http://mesos.apache.org/documentation/latest/mesos-containerizer/ >>> >>>> On Sat, Aug 13, 2016 at 7:02 PM, Mark Hammons >>>> <mark.hamm...@inaf.cnrs-gif.fr> wrote: >>>> Hi All, >>>> >>>> I was having a lot of success having mesos force sandboxed programs to >>>> work within cpu and memory constraints, but when I added docker into the >>>> mix, the cpu limitations go out the window (not sure about the memory >>>> limitations. Is there any way to mix these two methods of isolation? I'd >>>> like my executor/algorithm to run inside a docker container, but have that >>>> container's memory and cpu usage controlled by systemd/mesos. >>>> >>>> Thanks, >>>> Mark >>>> -- >>>> Mark Hammons - +33 06 03 69 56 56 >>>> Research Engineer @ BioEmergences >>>> Lab Phone: 01 69 82 34 19
