Fwd: Running mesos-slave in Docker container (Atomic Discussion)

Daniel J Walsh dwalsh at redhat.com
Tue Sep 23 14:26:45 UTC 2014 

docker run --privileged

Turns off all of the docker security.

Has anyone tried to run a container for something like mesos that execs
docker commands, to maybe look like

docker run --privileged -v /:/host -v /run:/run -ti -net=host mesos /bin/sh

This would cause all of / to be mounted in /host and then you could execute

/host/usr/bin/docker for example.  Not sure why you would want
/var/lib/docker mounted into the mesos container.



On 09/23/2014 09:18 AM, Tim St Clair wrote:
> Scott - 
>
> When you mentioned running in "privileged mode" mode, what does that
> mean?  Could you provide more details.
>
> Cheers,
> Tim
>
> ------------------------------------------------------------------------
>
>     *From: *"Tim Chen" <tim at mesosphere.io>
>     *To: *user at mesos.apache.org, "Gabriel Monroy" <gabriel at opdemand.com>
>     *Sent: *Tuesday, September 23, 2014 2:41:17 AM
>     *Subject: *Re: Running mesos-slave in Docker container
>
>     Hi Grzegorz,
>
>     To run Mesos master|slave in a docker container is not straight
>     forward because we utilize kernel features therefore you need to
>     explicitly test out the features you like to use with Mesos with
>     slave/master in Docker.
>
>     Gabriel during the Mesosphere hackathon has got master and slave
>     running in docker containers, and he can probably share his
>     Dockerfile and run command.
>
>     I believe one work around to get cgroups working with Docker run
>     is to mount /sys into the container (mount -v /sys:/sys).
>
>     Gabriel do you still have the command you used to run slave/master
>     with Docker?
>
>     Tim
>
>
>
>     On Tue, Sep 23, 2014 at 12:24 AM, Grzegorz Graczyk
>     <gregory90 at gmail.com <mailto:gregory90 at gmail.com>> wrote:
>
>         I'm trying to run mesos-slave inside Docker container, but it
>         can't start due to problem with mounting cgroups.
>
>         I'm using:
>         Kernel Version: 3.13.0-32-generic
>         Operating System: Ubuntu 14.04.1 LTS
>         Docker: 1.2.0(commit fa7b24f)
>         Mesos: 0.20.0
>
>         Following error appears:
>         I0923 07:11:20.921475    19 main.cpp:126] Build: 2014-08-22
>         05:04:26 by root
>         I0923 07:11:20.921608    19 main.cpp:128] Version: 0.20.0
>         I0923 07:11:20.921620    19 main.cpp:131] Git tag: 0.20.0
>         I0923 07:11:20.921628    19 main.cpp:135] Git SHA:
>         f421ffdf8d32a8834b3a6ee483b5b59f65956497
>         Failed to create a containerizer: Could not create
>         DockerContainerizer: Failed to find a mounted cgroups
>         hierarchy for the 'cpu' subsystem; you probably need to mount
>         cgroups manually!
>
>         I'm running docker container with command:
>         docker run --name mesos-slave --privileged --net=host -v
>         /var/run/docker.sock:/var/run/docker.sock -v
>         /var/lib/docker:/var/lib/docker -v
>         /usr/local/bin/docker:/usr/local/bin/docker
>         gregory90/mesos-slave --containerizers=docker,mesos
>         --master=zk://localhost:2181/mesos --ip=127.0.0.1
>
>         Everything is running on single machine.
>         Everything works as expected when mesos-slave is run outside
>         docker container.
>
>         I'd appreciate some help.
>
>
>
>
>
> -- 
> Cheers,
> Timothy St. Clair
> Red Hat Inc.
>
>
> _______________________________________________
> cloud mailing list
> cloud at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/cloud
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/cloud/attachments/20140923/9a535c23/attachment.html>

More information about the cloud mailing list