You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Kevin Klues (JIRA)" <ji...@apache.org> on 2017/01/28 02:52:24 UTC

[jira] [Created] (MESOS-7027) CommandExecutor ENV overwritten by Docker Image ENV in Unified Containerizer

Kevin Klues created MESOS-7027:
----------------------------------

             Summary: CommandExecutor ENV overwritten by Docker Image ENV in Unified Containerizer
                 Key: MESOS-7027
                 URL: https://issues.apache.org/jira/browse/MESOS-7027
             Project: Mesos
          Issue Type: Bug
            Reporter: Kevin Klues
            Priority: Blocker


Using the unified containerizer, if a docker image is provisioned and has environment variables set via the ENV directive, those environment variables will be inherited by the {{mesos-executor}} process and overwrite similarly named environment variables that otherwise would have been inherited from the agent.

This causes problems (for example) in DC/OS when trying to launch tasks based off the {{nvidia/cuda}} image. The {{nvidia/cuda}} image explicitly sets {{LD_LIBRARY_PATH}} to its own value so that the proper nvidia libraries will be available to whatever command is launched inside the container.

However, DC/OS relies on {{LD_LIBRARY_PATH}} to contain a path to {{/opt/mesosphere/lib}} so that all of the mesosphere libraries are available to the mesos binaries launched by the agent ({{mesos-containerizer}}, {{mesos-execute}}, etc.). This is necessary to make sure that any external dependencies they might have (e.g. libssl.so) can be resolved at runtime.
By overwriting the executor's environment with the Docker Image environment, {{LD_LIBRARY_PATH}} will not be set properly and {{mesos-execute}} will fail.

It seems to me, the Docker Image environment should *only* actually overwrite the environment of the user process (not its executor). However, this can get complicated, because the executor actually is the user process in the case of launching a custom executor.

We need to rethink how the environment is inherited/overwritten through all the various processes that get spawned while launching a container as well as how to make it work for tasks launched by arbitrary executors.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)