aurora-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Niemitz <st...@tellapart.com>
Subject Re: Getting secure data into Docker containers
Date Wed, 18 Feb 2015 22:33:31 GMT
I was planning on starting both mount and network mode support either next
week or the week after.  (Probably network mode support first).

However, based on the feedback from Bill, I think I might start with his
suggestion in the ticket, and allow static mounts specified to the
scheduler.  This would also lay the framework for per-job mounts, but with
less of a security concern.

On Wed, Feb 18, 2015 at 5:06 PM, Bill Farner <wfarner@apache.org> wrote:

> Mounts is the most lo fi approach that comes to mind.  I'd be in support of
> patches to satisfy (part of) AURORA-1107 to fulfill this need (which would
> hopefully be distinct from another perspective on AURORA-1107 in which
> end-users of Aurora can request arbitrary mounts).
>
> -=Bill
>
> On Wed, Feb 18, 2015 at 1:19 PM, Hussein Elgridly <
> hussein@broadinstitute.org> wrote:
>
> > Aurorans,
> >
> > We have some secure data (think login credentials) that we need to access
> > from inside a Docker container launched by Aurora. I'm trying to figure
> out
> > the best approach for getting them inside the container, since baking
> them
> > into the image is a can of worms I don't want to open.
> >
> > The ideal solution would be to put the creds on the Mesos slaves and then
> > mount them on the container, but Aurora doesn't have the means to do this
> > yet. If the answer is "wait a week and AURORA-1107 will be done", then
> > great; but if not, anyone have any ideas?
> >
> > Thanks,
> > Hussein Elgridly
> > Senior Software Engineer, DSDE
> > The Broad Institute of MIT and Harvard
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message