You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@mesos.apache.org by Tim St Clair <ts...@redhat.com> on 2015/01/19 20:18:10 UTC

*namespaces now in Docker for Mesos slave in a container parity.

Greetings folks - 

All of the namespace work "should" be in the next release of Docker(1.5?).  This would enable ~feature parity to bare metal on the slave, but it may require some command line magic to enable super privileged containers to behave as expected.    

This means you should be able to enable *namespace features when running mesos-slave from a container. 

1 open question I still haven't figured out, is if there is kernel namespace api compatibility across major release versions.  I know it's stable going forwards, but I haven't compared EL6 vs. EL7 kernel api to see if there are changes in namespaces.    

-- 
Cheers,
Timothy St. Clair
Red Hat Inc.

Re: *namespaces now in Docker for Mesos slave in a container parity.

Posted by Tim St Clair <ts...@redhat.com>.

inline below.. 

----- Original Message -----
> From: "James DeFelice" <ja...@gmail.com>
> To: dev@mesos.apache.org
> Sent: Monday, January 19, 2015 2:01:50 PM
> Subject: Re: *namespaces now in Docker for Mesos slave in a container parity.
> 
> I found this on gh. Is there more?
> 
> https://github.com/docker/docker/pull/10080

Yup, that's the one.  

You'll probably want to read *this - http://developerblog.redhat.com/2014/11/06/introducing-a-super-privileged-container-concept/ for the gory details prior to the PR. 



> 
> --sent from my phone
> On Jan 19, 2015 2:52 PM, "Timothy Chen" <tn...@gmail.com> wrote:
> 
> This definitely sounds exciting.
> 
> Do you happen to have link to more information about this?
> 
> Tim
> 
> Sent from my iPhone
> 
> > On Jan 19, 2015, at 11:18 AM, Tim St Clair <ts...@redhat.com> wrote:
> >
> > Greetings folks -
> >
> > All of the namespace work "should" be in the next release of
> Docker(1.5?).  This would enable ~feature parity to bare metal on the
> slave, but it may require some command line magic to enable super
> privileged containers to behave as expected.
> >
> > This means you should be able to enable *namespace features when running
> mesos-slave from a container.
> >
> > 1 open question I still haven't figured out, is if there is kernel
> namespace api compatibility across major release versions.  I know it's
> stable going forwards, but I haven't compared EL6 vs. EL7 kernel api to see
> if there are changes in namespaces.
> >
> > --
> > Cheers,
> > Timothy St. Clair
> > Red Hat Inc.
> 

-- 
Cheers,
Timothy St. Clair
Red Hat Inc.

Re: *namespaces now in Docker for Mesos slave in a container parity.

Posted by James DeFelice <ja...@gmail.com>.

I found this on gh. Is there more?

https://github.com/docker/docker/pull/10080

--sent from my phone
On Jan 19, 2015 2:52 PM, "Timothy Chen" <tn...@gmail.com> wrote:

This definitely sounds exciting.

Do you happen to have link to more information about this?

Tim

Sent from my iPhone

> On Jan 19, 2015, at 11:18 AM, Tim St Clair <ts...@redhat.com> wrote:
>
> Greetings folks -
>
> All of the namespace work "should" be in the next release of
Docker(1.5?).  This would enable ~feature parity to bare metal on the
slave, but it may require some command line magic to enable super
privileged containers to behave as expected.
>
> This means you should be able to enable *namespace features when running
mesos-slave from a container.
>
> 1 open question I still haven't figured out, is if there is kernel
namespace api compatibility across major release versions.  I know it's
stable going forwards, but I haven't compared EL6 vs. EL7 kernel api to see
if there are changes in namespaces.
>
> --
> Cheers,
> Timothy St. Clair
> Red Hat Inc.

Re: *namespaces now in Docker for Mesos slave in a container parity.

Posted by Timothy Chen <tn...@gmail.com>.

This definitely sounds exciting.

Do you happen to have link to more information about this?

Tim

Sent from my iPhone

> On Jan 19, 2015, at 11:18 AM, Tim St Clair <ts...@redhat.com> wrote:
> 
> Greetings folks - 
> 
> All of the namespace work "should" be in the next release of Docker(1.5?).  This would enable ~feature parity to bare metal on the slave, but it may require some command line magic to enable super privileged containers to behave as expected.    
> 
> This means you should be able to enable *namespace features when running mesos-slave from a container. 
> 
> 1 open question I still haven't figured out, is if there is kernel namespace api compatibility across major release versions.  I know it's stable going forwards, but I haven't compared EL6 vs. EL7 kernel api to see if there are changes in namespaces.    
> 
> -- 
> Cheers,
> Timothy St. Clair
> Red Hat Inc.

Re: *namespaces now in Docker for Mesos slave in a container parity.

Posted by Timothy Chen <tn...@gmail.com>.

This definitely sounds exciting.

Do you happen to have link to more information about this?

Tim

Sent from my iPhone

> On Jan 19, 2015, at 11:18 AM, Tim St Clair <ts...@redhat.com> wrote:
> 
> Greetings folks - 
> 
> All of the namespace work "should" be in the next release of Docker(1.5?).  This would enable ~feature parity to bare metal on the slave, but it may require some command line magic to enable super privileged containers to behave as expected.    
> 
> This means you should be able to enable *namespace features when running mesos-slave from a container. 
> 
> 1 open question I still haven't figured out, is if there is kernel namespace api compatibility across major release versions.  I know it's stable going forwards, but I haven't compared EL6 vs. EL7 kernel api to see if there are changes in namespaces.    
> 
> -- 
> Cheers,
> Timothy St. Clair
> Red Hat Inc.