You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Jie Yu (JIRA)" <ji...@apache.org> on 2016/03/14 18:18:33 UTC

[jira] [Updated] (MESOS-4937) Investigate container security options for Mesos containerizer

     [ https://issues.apache.org/jira/browse/MESOS-4937?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jie Yu updated MESOS-4937:
--------------------------
    Component/s: containerization

> Investigate container security options for Mesos containerizer
> --------------------------------------------------------------
>
>                 Key: MESOS-4937
>                 URL: https://issues.apache.org/jira/browse/MESOS-4937
>             Project: Mesos
>          Issue Type: Task
>          Components: containerization
>            Reporter: Jie Yu
>              Labels: mesosphere
>
> We should investigate the following to improve the container security for Mesos containerizer and come up with a list of features that we want to support in MVP.
> 1) Capabilities
> 2) User namespace
> 3) Seccomp
> 4) SELinux
> 5) AppArmor
> We should investigate what other container systems are doing regarding security:
> 1) [k8s| https://github.com/kubernetes/kubernetes/blob/master/pkg/api/v1/types.go#L2905]
> 2) [docker|https://docs.docker.com/engine/security/security/]
> 3) [oci|https://github.com/opencontainers/specs/blob/master/config.md]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)