aurora-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jay Buffington" ...@jaybuff.com>
Subject Re: Review Request 28920: Add support for docker containers to aurora
Date Sat, 13 Dec 2014 04:25:24 GMT


> On Dec. 13, 2014, 1:59 a.m., Jay Buffington wrote:
> > I haven't had time to complete this review, but I wanted to give you what I have
so far.  This is all fantastic and I really appreciate you doing this!  I'm excited to start
using this implementation.
> > 
> > You should update configuration-reference.md and deploying-aurora-scheduler.md in
the docs dir to explain these changes.  You should state minimum mesos slave version as well
explain minimum docker version required on the slaves.
> > 
> > You've made a bunch of changes to the executor and the runner to make them docker
aware. I'd like those two components to not know about docker and I think we could really
simplify this patch if we remove all that.  I think these changes are wholly unnecessary.
 We should chat on IRC or Facetime about this.
> > 
> > I don't understand how users are managed in this world.  Docker images have their
own /etc/passwd, so it seems to me that the unix user the mesos task runs as (same as aurora
role) needs to exist inside that /etc/passwd.  If that's not the case I'm confused and want
to understand what user (username and id) the task does run as inside and outside the container.
> > 
> > Allowing the aurora user to set volumes is a security nightmare.  before docker
we're using unix permissions to control security.  We basically said: your aurora role is
your unix user and that's all the permissions you get on a host.  The docker daemon runs as
a priviledged user, so now you can tell docker to bind mount in files from all over the system
that your unix user didn't previously have permissions to read.   So at a minimum, we should
have a flag to disable the volumes feature with a big red warning flag in docs telling people
what security issues they're signing up for whenever they enable it.

Oh, I forgot to mention the docs need to explain what requirements are on the docker image
to run the docker executor in it.  Perhaps that's just python 2.7.  If that's the case, we
should consider bind mounting (aka docker volumes) in (statically compiled?) py2.7 executable.


- Jay


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/28920/#review65000
-----------------------------------------------------------


On Dec. 11, 2014, 6:16 a.m., Steve Niemitz wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/28920/
> -----------------------------------------------------------
> 
> (Updated Dec. 11, 2014, 6:16 a.m.)
> 
> 
> Review request for Aurora, Jay Buffington, Kevin Sweeney, and Bill Farner.
> 
> 
> Bugs: AURORA-633
>     https://issues.apache.org/jira/browse/AURORA-633
> 
> 
> Repository: aurora
> 
> 
> Description
> -------
> 
> This change adds support for launching docker containers through aurora.  These changes
are based off of the discussion in https://issues.apache.org/jira/browse/AURORA-633
> 
> As of now, a special thermos_executor.sh script is needed to launch the executor inside
docker containers.  A sample script is in examples/jobs/docker, as well as an example aurora
file.
> 
> In addition, mesos-slave must be run with `--containerizers=docker,mesos`, the example
upstart config in examples/vagrant/upstart has been updated to reflect this.
> 
> The thermos root path defaults to /var/run/thermos, however if a different path is used,
it must be passed to the scheduler via `--thermos_observer_root=<some path>`
> 
> 
> Diffs
> -----
> 
>   Vagrantfile f8b7db8eebdc6a10989de3bc9a2c3e89ce17f5fc 
>   api/src/main/thrift/org/apache/aurora/gen/api.thrift 5665c69cd7b49c3fd7345074c9f16a3b224496ab

>   api/src/main/thrift/org/apache/thermos/thermos_internal.thrift 2c449a491bc5a8ac858ea6487e4cef0591f36f66

>   examples/jobs/docker/Dockerfile PRE-CREATION 
>   examples/jobs/docker/hello_docker.aurora PRE-CREATION 
>   examples/jobs/docker/hello_docker.py PRE-CREATION 
>   examples/jobs/docker/thermos_executor.sh PRE-CREATION 
>   examples/vagrant/aurorabuild.sh 69983d0140b76c6869cd04e55d760f3e3a1e4262 
>   examples/vagrant/upstart/mesos-slave.conf 512ce7ecf34042ed68dda55efb2dd0415f8469db

>   src/main/java/org/apache/aurora/scheduler/app/SchedulerMain.java 72c7545e7f16549f6a9ccb5fb74a06f154a7ea94

>   src/main/java/org/apache/aurora/scheduler/async/TaskScheduler.java ead9d28100673440168a32d114ecaa15874978a6

>   src/main/java/org/apache/aurora/scheduler/base/CommandUtil.java d885b224ec5a1d529347d84e03ba98ab6734a126

>   src/main/java/org/apache/aurora/scheduler/mesos/MesosTaskFactory.java 5bf283062c9d119ff91ed45da8b236e36d0fc9aa

>   src/main/python/apache/aurora/config/thrift.py ba94ac3c0cbaf3c91eb1a1d86a244ed6fa3b649c

>   src/main/python/apache/aurora/executor/aurora_executor.py 636b23d30a897b557eb8c3f8733c90b23cb807ef

>   src/main/python/apache/aurora/executor/bin/thermos_executor_main.py 9df9b4b79c0c7d29c5088409bf15c0d32a621df0

>   src/main/python/apache/aurora/executor/common/sandbox.py f47a32b3fefb4a89940b1ddc473b8316ac00df12

>   src/main/python/apache/aurora/executor/thermos_task_runner.py 5e4bd65537d186459003c0b9434f1b769e04f448

>   src/main/python/apache/thermos/bin/thermos_runner.py 647de2771f301b17de33d8b45198c211d2e84367

>   src/main/python/apache/thermos/config/schema_base.py f9143cc1b83143d6147f59d90c79435d055d0518

>   src/main/python/apache/thermos/core/runner.py 8aac6b50c66080abbb5308b367e9f74c487f42e3

>   src/main/python/apache/thermos/observer/task_observer.py cd528dcca3f5a330359cf38005f3a1a0329a4886

>   src/test/java/org/apache/aurora/scheduler/app/SchedulerIT.java 5e54364a49a208bd5f19b9649633dc8feca591e9

>   src/test/java/org/apache/aurora/scheduler/mesos/MesosTaskFactoryImplTest.java ddcb511d108220ab5e4efcf3496458f7ab4a20c2

>   src/test/python/apache/aurora/executor/test_thermos_executor.py 503e62f4cac872b14f6985b5bccc3e4dfcf81789

> 
> Diff: https://reviews.apache.org/r/28920/diff/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Steve Niemitz
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message