keis
commented
6 years ago Hi @richardlundsky
This is a pretty new feature of mesos from what I can tell. The docs of the mesos primitive says 1.4 and it also seems to be limited to the mesos containeriser. https://mesos.apache.org/documentation/latest/secrets/
There is a big amount of ground work to do before we can have eremetic on the 1.X api and later the new containeriser but if all that was in adding this to the api should be straight forward. I have a WIP branch to switch to the new api @ #172 but sadly I've not had the time to finish the work on that.
When deploying a Marathon service in Mesosphere/DCOS, the deployment descriptor allows the mapping of a secret to an environment variable which can then be accessed by the service itself. This is useful for storing passwords externally from the deployment descriptors of services themselves and keeping them (relatively) secure (https://docs.mesosphere.com/1.10/security/secrets/use-secrets/).
I have been trying to do the same thing with an Eremetic task but the documentation seems to indicate that it's not possible, and all my experiments to try and get it working have failed!