Mesos cannot deploy container from private Docker registry

时间:2015-06-25 18:22:12

标签: docker mesos docker-registry mesosphere marathon

I have a private Docker registry that is accessible at https://docker.somedomain.com (over standard port 443 not 5000). My infrastructure includes a set up of Mesosphere, which have docker containerizer enabled. I'm am trying to deploy a specific container to a Mesos slave via Marathon; however, this always fails with Mesos failing the task almost immediately with no data in stderr and stdout of that sandbox.

I tried deploying from an image from the standard Docker Registry and it appears to work fine. I'm having trouble figuring out what is wrong. My private Docker registry does not require password authentication (turned off for debugging this), AND if I shell into the Meso's slave instance, and sudo su as root, I can run a 'docker pull docker.somedomain.com/services/myapp' successfully every time.

Here is my Marathon post data for starting the task:

{
  "id": "myapp",
  "cpus": 0.5,
  "mem": 64.0,
  "instances": 1,
  "container": {
    "type": "DOCKER",
    "docker": {
      "image": "docker.somedomain.com/services/myapp:2",
      "network": "BRIDGE",
      "portMappings": [
        { "containerPort": 7000, "hostPort": 0, "servicePort": 0, "protocol": "tcp" }
      ]
    },
    "volumes": [
      {
        "containerPath": "application.yml",
        "hostPath": "/var/myapp/application.yml",
        "mode": "RO"
      }
    ]
  },
  "healthChecks": [
    {
      "protocol": "HTTP",
      "portIndex": 0,
      "path": "/",
      "gracePeriodSeconds": 5,
      "intervalSeconds": 20,
      "maxConsecutiveFailures": 3
    }
  ]
}

I've been stuck on this for almost a day now, everything I've tried seems to be yielding the same result. Any insights on this would be much appreciated.

My versions: Mesos: 0.22.1 Marathon: 0.8.2 Docker: 1.6.2

3 个答案:

答案 0 :(得分:2)

所以这就是卷的问题

"volumes": [
      {
        "containerPath": "/application.yml",
        "hostPath": "/var/myapp/application.yml",
        "mode": "RO"
      }
    ]

使用根路径容器的根路径在docker中可能是合法的,但Mesos似乎不会处理此行为。将containerPath修改为非根路径可以解决这个问题,即

"volumes": [
      {
        "containerPath": "/var",
        "hostPath": "/var/myapp",
        "mode": "RW"
      }
    ]

答案 1 :(得分:0)

如果Marathon和注册表之间存在问题,答案应该在注册表的http日志中。如果马拉松连接,将有一个条目。 Mesos主日志也应包含线索。

尽管如此,它并不像Marathon和Registry之间的问题。你确定你有#docker,mesos'在/ etc / mesos-slave / containerizers?

答案 2 :(得分:0)

你是否 - 尽管没有认证 - 试着关注Using a Private Docker Repository

  

要提供从私有存储库提取的凭据,请将.dockercfg添加到应用程序的uris字段。然后将$ HOME环境变量设置为与$ MESOS_SANDBOX相同的值,以便Docker可以自动获取配置文件。

相关问题
最新问题