Support for mesos containeriser not available

[patrick-jumio]

We are using mesos containerisers in mesos to deploy our applications in AWS. http://mesos.apache.org/documentation/latest/containerizers/#Mesos we are in the process of switching out from docker containerisers to mesos containerisers. We have already implemeted metadataproxy with docker.

However, I'm not certain what needs to be done for mesos containerisers to work with metadataproxy. From looking over the code, and the config, it seems we can use a ip table dict in a file; https://github.com/lyft/metadataproxy/blob/master/metadataproxy/settings.py

is this the correct way? It seems that it should be possible to forward requests from the mesos containeriser to the locally running metadataproxy instance, (which is in a docker container). How is this done?

[ryan-lane]

IP table mapping is doable, but not recommended. Ideally mdp should be able to lookup the IP in mesos or docker's data to be able to map an IP address to a running container, then look into the container's data to find the environment variables, or tags to correlate the IP back to a role that should be assumed. I don't really know mesos at all, so I can't directly help with this.

[mburger]

this can be achieved by implementing a lookup path querying http://mesos.apache.org/documentation/latest/endpoints/slave/state/ and setting IAM_ROLE not as a environment variable but as a label in mesos

[ryan-lane]

Released as 1.8.0