Uploaded image for project: 'Aurora'
  1. Aurora
  2. AURORA-1057

Aurora should allow users to create "privileged" containers

    XMLWordPrintableJSON

Details

    • Story
    • Status: Reviewable
    • Major
    • Resolution: Unresolved
    • None
    • None
    • Docker
    • None

    Description

      I'd like to allow users to set some configuration in their .aurora file which results in the "privileged" flag being set in ContainerInfo:
      https://github.com/apache/mesos/blob/master/include/mesos/mesos.proto#L1017

      If a user wants to, say, mount an NFS volume inside a container, "docker run" needs to be started in "priviledged" mode. See https://docs.docker.com/reference/run/#runtime-privilege-linux-capabilities-and-lxc-configuration

      Like volume mount support there are security concerns here, so perhaps there needs to be a flag that allow administrators to disable this feature.

      This requires mesos 0.21+

      Attachments

        Issue Links

          is blocked by

          Task - A task that needs to be done. AURORA-1080 Upgrade mesos dependency to 0.21.1

          • Major - Major loss of function.
          • Resolved
          Is contained by

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. AURORA-1396 Aurora should allow users to set all of the options for Docker containers that Mesos exposes

          • Major - Major loss of function.
          • Reviewable

          Activity

            People

              dnorris Dan Norris
              jaybuff Jay Buffington
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: