You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@mesos.apache.org by Krish <kr...@gmail.com> on 2015/09/30 14:58:45 UTC

Mesos slave in docker container

I see that we can run mesos-slave in a privileged docker container. I also
see tutorials online for guidance.
However, I am curious to know the pros & cons of such an approach.

Pros: Containerization helps, & can help in running on various server
distros.
Cons: Security is one. Any way to solve it?

Are there any others that I am unaware of?

Thanks.

--
κρισhναν
n00b on mesos

Re: Mesos slave in docker container

Posted by haosdent <ha...@gmail.com>.

I saw CoreOS integrated with SELinux to enforce fine-grained permissions
for Docker since 808.0.0 release
https://coreos.com/blog/container-security-selinux-coreos/ Hope this
helpful for your security concern.

On Wed, Sep 30, 2015 at 10:04 PM, Aaron Carey <ac...@ilm.com> wrote:

> We run both our Master and Agent processes as docker containers.. it works
> well although we don't have strict security requirements..
>
> ------------------------------
> *From:* Krish [krishnan.k.iyer@gmail.com]
> *Sent:* 30 September 2015 13:58
> *To:* user@mesos.apache.org
> *Subject:* Mesos slave in docker container
>
>
> I see that we can run mesos-slave in a privileged docker container. I also
> see tutorials online for guidance.
> However, I am curious to know the pros & cons of such an approach.
>
> Pros: Containerization helps, & can help in running on various server
> distros.
> Cons: Security is one. Any way to solve it?
>
> Are there any others that I am unaware of?
>
> Thanks.
>
> --
> κρισhναν
> n00b on mesos
>
>


-- 
Best Regards,
Haosdent Huang

RE: Mesos slave in docker container

Posted by Aaron Carey <ac...@ilm.com>.

We run both our Master and Agent processes as docker containers.. it works well although we don't have strict security requirements..

________________________________
From: Krish [krishnan.k.iyer@gmail.com]
Sent: 30 September 2015 13:58
To: user@mesos.apache.org
Subject: Mesos slave in docker container

I see that we can run mesos-slave in a privileged docker container. I also see tutorials online for guidance.
However, I am curious to know the pros & cons of such an approach.

Pros: Containerization helps, & can help in running on various server distros.
Cons: Security is one. Any way to solve it?

Are there any others that I am unaware of?

Thanks.

--
κρισhναν
n00b on mesos