aurora-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Farner (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AURORA-1107) Add support for mounting external volumes into docker containers
Date Wed, 18 Feb 2015 22:30:11 GMT

    [ https://issues.apache.org/jira/browse/AURORA-1107?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14326651#comment-14326651
] 

Bill Farner commented on AURORA-1107:
-------------------------------------

A slice of this ticket could be considered for the purposes of distributing secrets (e.g.
credentials) to tasks.  This could mean a read-only mount applied globally by the cluster
administrator, which sidesteps the more complicated strategy of authorizing specific mounts
requested by users.

> Add support for mounting external volumes into docker containers
> ----------------------------------------------------------------
>
>                 Key: AURORA-1107
>                 URL: https://issues.apache.org/jira/browse/AURORA-1107
>             Project: Aurora
>          Issue Type: Task
>          Components: Docker
>            Reporter: Steve Niemitz
>            Assignee: Steve Niemitz
>            Priority: Minor
>
> The Mesos docker API allows specifying volumes on the host to mount into the container
when it runs.  We should expose this.  I propose:
>  - Add a volumes() set to the Docker object in base.py
>  - Add a similar set to the DockerContainer struct in api.thrift 
>  - Create a way for administrators to restrict the ability to use this.  Because mounts
are set up by the docker daemon, they effectively allow someone who can configure mounts to
access anything on the machine.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message