You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Jay Buffington (JIRA)" <ji...@apache.org> on 2015/01/29 01:10:34 UTC
[jira] [Comment Edited] (MESOS-2183) docker containerizer doesn't
work when mesos-slave is running in a container
[ https://issues.apache.org/jira/browse/MESOS-2183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14296106#comment-14296106 ]
Jay Buffington edited comment on MESOS-2183 at 1/29/15 12:10 AM:
-----------------------------------------------------------------
Hey [~tnachen], I read your doc at https://docs.google.com/document/d/1_1oLHXg_aHj_fYCzsjYwox9xvIYNAKIeVjO5BFxsUGI/edit# and it's not clear you address the issue I encountered. In my mesos-slave running in coreos I have it:
* running inside a pid namespace
* using the mounted /var/run/docker.sock to start a sibling container
* running docker inspect to get the pid it just launched
* it sees that the pid docker inspect reports
* it tries to determine the libprocess port based on that pid
* it doesn't see that pid since the pid docker inspect returns is only visible in the root namespace
* it does docker stop/kill because it incorrectly thinks the executor failed to start since it couldn't see the pid
I don't understand how your patch addresses that issue. Can you give me a summary of how it fixes this problem I've described?
was (Author: jaybuff):
Hey [~tnachen], I read your doc at https://docs.google.com/document/d/1_1oLHXg_aHj_fYCzsjYwox9xvIYNAKIeVjO5BFxsUGI/edit# and it's not clear you address the issue I encountered. In my mesos-slave running in coreos I have it:
* running inside a pid namespace
* useing the mounted /var/run/docker.sock to start a sibling container
* running docker inspect to get the pid it just launched
* it sees that the pid docker inspect reports
* it tries to determine the libprocess port based on that pid
* it does see that pid since the pid docker inspect returns is only visible in the root namespace
* it does docker stop/kill because it incorrectly thinks the executor failed to start since it couldn't see the pid
I don't understand how your patch addresses that issue. Can you give me a summary of how it fixes this problem I've described?
> docker containerizer doesn't work when mesos-slave is running in a container
> ----------------------------------------------------------------------------
>
> Key: MESOS-2183
> URL: https://issues.apache.org/jira/browse/MESOS-2183
> Project: Mesos
> Issue Type: Bug
> Components: containerization, docker
> Reporter: Jay Buffington
> Assignee: Timothy Chen
>
> I've started running the mesos-slave process itself inside a docker container. I bind mount in the dockerd socket, so there is only one docker daemon running on the system.
> The mesos-slave process uses "docker run" to start an executor in another, sibling, container. It asks "docker inspect" what the pid of the executor running in the container is. Since the mesos-slave process is in its own pid namespace, it cannot see the pid for the executor in /proc. Therefore, it thinks the executor died and it does a docker kill.
> It looks like the executor pid is also used to determine what port the executor is listening on.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)