[
https://issues.apache.org/jira/browse/AURORA-1107?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14308047#comment-14308047
]
Steve Niemitz commented on AURORA-1107:
---------------------------------------
I can think of a couple options for how to "opt in".
1) A flag on the scheduler that turns it on / off for everything
2) A way to allow only certain roles to create jobs with mounts.
#2 seems most appealing to me, since it would allow finer grained control over
who can create mount points or not.
> Add support for mounting external volumes into docker containers
> ----------------------------------------------------------------
>
> Key: AURORA-1107
> URL: https://issues.apache.org/jira/browse/AURORA-1107
> Project: Aurora
> Issue Type: Task
> Components: Docker
> Reporter: Steve Niemitz
> Assignee: Steve Niemitz
> Priority: Minor
>
> The Mesos docker API allows specifying volumes on the host to mount into the
> container when it runs. We should expose this. I propose:
> - Add a volumes() set to the Docker object in base.py
> - Add a similar set to the DockerContainer struct in api.thrift
> - Create a way for administrators to restrict the ability to use this.
> Because mounts are set up by the docker daemon, they effectively allow
> someone who can configure mounts to access anything on the machine.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
