docker run --privileged
Turns off all of the docker security.
Has anyone tried to run a container for something like mesos that execs
docker commands, to maybe look like
docker run --privileged -v /:/host -v /run:/run -ti -net=host mesos /bin/sh
This would cause all of / to be mounted in /host and then you could execute
/host/usr/bin/docker for example. Not sure why you would want
/var/lib/docker mounted into the mesos container.
On 09/23/2014 09:18 AM, Tim St Clair wrote:
Scott -
When you mentioned running in privileged mode mode, what does that
mean? Could you provide more details.
Cheers,
Tim
*From: *Tim Chen t...@mesosphere.io
*To: *u...@mesos.apache.org, Gabriel Monroy gabr...@opdemand.com
*Sent: *Tuesday, September 23, 2014 2:41:17 AM
*Subject: *Re: Running mesos-slave in Docker container
Hi Grzegorz,
To run Mesos master|slave in a docker container is not straight
forward because we utilize kernel features therefore you need to
explicitly test out the features you like to use with Mesos with
slave/master in Docker.
Gabriel during the Mesosphere hackathon has got master and slave
running in docker containers, and he can probably share his
Dockerfile and run command.
I believe one work around to get cgroups working with Docker run
is to mount /sys into the container (mount -v /sys:/sys).
Gabriel do you still have the command you used to run slave/master
with Docker?
Tim
On Tue, Sep 23, 2014 at 12:24 AM, Grzegorz Graczyk
gregor...@gmail.com mailto:gregor...@gmail.com wrote:
I'm trying to run mesos-slave inside Docker container, but it
can't start due to problem with mounting cgroups.
I'm using:
Kernel Version: 3.13.0-32-generic
Operating System: Ubuntu 14.04.1 LTS
Docker: 1.2.0(commit fa7b24f)
Mesos: 0.20.0
Following error appears:
I0923 07:11:20.92147519 main.cpp:126] Build: 2014-08-22
05:04:26 by root
I0923 07:11:20.92160819 main.cpp:128] Version: 0.20.0
I0923 07:11:20.92162019 main.cpp:131] Git tag: 0.20.0
I0923 07:11:20.92162819 main.cpp:135] Git SHA:
f421ffdf8d32a8834b3a6ee483b5b59f65956497
Failed to create a containerizer: Could not create
DockerContainerizer: Failed to find a mounted cgroups
hierarchy for the 'cpu' subsystem; you probably need to mount
cgroups manually!
I'm running docker container with command:
docker run --name mesos-slave --privileged --net=host -v
/var/run/docker.sock:/var/run/docker.sock -v
/var/lib/docker:/var/lib/docker -v
/usr/local/bin/docker:/usr/local/bin/docker
gregory90/mesos-slave --containerizers=docker,mesos
--master=zk://localhost:2181/mesos --ip=127.0.0.1
Everything is running on single machine.
Everything works as expected when mesos-slave is run outside
docker container.
I'd appreciate some help.
--
Cheers,
Timothy St. Clair
Red Hat Inc.
___
cloud mailing list
cloud@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/cloud
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
___
cloud mailing list
cloud@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/cloud
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
