Uploaded image for project: 'DC/OS'
  1. DC/OS
  2. DCOS_OSS-1379

Make private mount a suggested setting for Docker 1.12/1.13

    Details

      Description

      Docker uses a shared mount namespace since 1.12, but sometimes it leaks the mount namespace to another process, and CORE-1149 would manifest as a result. To avoid this problem before Docker fix it, we should document that the following line is suggested to add to /etc/systemd/system/docker.service.d/execstart.conf (Docker's systemd config file) on each agent node for using Docker 1.12/1.13 with DC/OS:

      MountFlags=private
      

      The above line takes effect after running the following commands to restart Docker:

      systemctl daemon-reload
      systemctl restart docker
      

        Attachments

          Activity

            People

            • Assignee:
              joel Joel Hamill (Inactive)
              Reporter:
              chun-hunghsiao Chun-Hung Hsiao (Inactive)
              Team:
              Doc Team
              Watchers:
              Chun-Hung Hsiao (Inactive), Jie Yu (Inactive), Joel Hamill (Inactive), Senthil Kumaran (Inactive)
            • Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Zendesk Support

                  NextupJiraPlusStatus

                  Error rendering 'slack.nextup.jira:nextup-jira-plus-status'. Please contact your JIRA administrators.