[jira] [Commented] (MESOS-3836) `--executor-environment-variables` may not apply to docker containers

Thu, 05 Nov 2015 20:54:07 -0800 

    [ 
https://issues.apache.org/jira/browse/MESOS-3836?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14993114#comment-14993114
 ] 

Timothy Chen commented on MESOS-3836:
-------------------------------------

See my proposal here: 
https://issues.apache.org/jira/browse/MESOS-3740?focusedCommentId=14993111&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14993111

> `--executor-environment-variables` may not apply to docker containers
> ---------------------------------------------------------------------
>
>                 Key: MESOS-3836
>                 URL: https://issues.apache.org/jira/browse/MESOS-3836
>             Project: Mesos
>          Issue Type: Bug
>          Components: containerization, slave
>    Affects Versions: 0.25.0
>         Environment: Mesos 0.25.0 configured with 
> --executor-environment-variables
>            Reporter: Cody Maloney
>            Priority: Minor
>              Labels: mesosphere
>
> In our use case we set {{PATH}} as part of the 
> {{\-\-executor_environment_variables}} in order to limit what binaries all 
> tasks which are launched via Mesos have readily available to them, making it 
> much harder for people launching tasks on mesos to accidentally depend on 
> something which isn't part of the "guaranteed" environment / platform.
> Docker containers can be used as executors, and have a fully isolated 
> filesystem. For executors which run in docker containers setting {{PATH}}  to 
> our path on the host filesystem may potentially break the docker container.
> The previous code of only copying across environment variables when 
> {{includeOsEnvironment}} is set dealt with this 
> (https://github.com/apache/mesos/blob/56510afe149758a69a5a714dfaab16111dd0d9c3/src/slave/containerizer/containerizer.cpp#L267)
> if {{includeOsEnvironment}} is set than we should copy across the current 
> {{\-\-executor_environment_variables}}. If it isn't, then 
> {{\-\-executor_environment_variables}} shouldn't be used at all.
> Another option which could be useful is to make it so that there are two sets 
> of "Executor Environment Variables". One for when {{includeOsEnvironment}} is 
> set, and one for when it is not.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to