I was planning on starting both mount and network mode support either next week or the week after. (Probably network mode support first).
However, based on the feedback from Bill, I think I might start with his suggestion in the ticket, and allow static mounts specified to the scheduler. This would also lay the framework for per-job mounts, but with less of a security concern. On Wed, Feb 18, 2015 at 5:06 PM, Bill Farner <wfar...@apache.org> wrote: > Mounts is the most lo fi approach that comes to mind. I'd be in support of > patches to satisfy (part of) AURORA-1107 to fulfill this need (which would > hopefully be distinct from another perspective on AURORA-1107 in which > end-users of Aurora can request arbitrary mounts). > > -=Bill > > On Wed, Feb 18, 2015 at 1:19 PM, Hussein Elgridly < > huss...@broadinstitute.org> wrote: > > > Aurorans, > > > > We have some secure data (think login credentials) that we need to access > > from inside a Docker container launched by Aurora. I'm trying to figure > out > > the best approach for getting them inside the container, since baking > them > > into the image is a can of worms I don't want to open. > > > > The ideal solution would be to put the creds on the Mesos slaves and then > > mount them on the container, but Aurora doesn't have the means to do this > > yet. If the answer is "wait a week and AURORA-1107 will be done", then > > great; but if not, anyone have any ideas? > > > > Thanks, > > Hussein Elgridly > > Senior Software Engineer, DSDE > > The Broad Institute of MIT and Harvard > > >
