[
https://issues.apache.org/jira/browse/MESOS-3740?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14984562#comment-14984562
]
Cody Maloney commented on MESOS-3740:
-------------------------------------
A lot of them we don't actually want to pass down, and some will cause actual
incorrect behavior. For example, if we pass through LIBPROCESS_PORT, the
libmesos inside of the docker container will try binding to the same port as.
There is also some isoation happening here. For our use case, we explicitly
don't want software to be dependent on mesos configuration parameters we pass
in via environment variables. If it is, then by reconfiguring the underlying
mesos, we could unexpectedly break services running on top / prevent new
instances from starting up properly because some variable was unexpectedly
passed through. Opening up just the ones we want allows us to keep the
dependencies to a well known set so we can provide better guarantees and
testing that the environment stays the same.
Also, for opening up everything, look at {{--executor_environment_variables}}
in http://mesos.apache.org/documentation/latest/configuration/. That is
explicitly added in our setup to prevent random configuration / variables (such
as the PATH used to run the mesos-slave binary) from reaching the inner
containers. Things like PATH really need to not be copied across docker
container boundaries, because what is correct on the host filesystem is likely
incorrect inside a docker container.
> LIBPROCESS_IP not passed to Docker containers
> ---------------------------------------------
>
> Key: MESOS-3740
> URL: https://issues.apache.org/jira/browse/MESOS-3740
> Project: Mesos
> Issue Type: Bug
> Components: containerization, docker
> Affects Versions: 0.25.0
> Environment: Mesos 0.24.1
> Reporter: Cody Maloney
> Assignee: Michael Park
> Labels: mesosphere
>
> Docker containers aren't currently passed all the same environment variables
> that Mesos Containerizer tasks are. See:
> https://github.com/apache/mesos/blob/master/src/slave/containerizer/containerizer.cpp#L254
> for all the environment variables explicitly set for mesos containers.
> While some of them don't necessarily make sense for docker containers, when
> the docker has inside of it a libprocess process (A mesos framework
> scheduler) and is using {{--net=host}} the task needs to have LIBPROCESS_IP
> set otherwise the same sort of problems that happen because of MESOS-3553 can
> happen (libprocess will try to guess the machine's IP address with likely bad
> results in a number of operating environment).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
