[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] Condor + Docker?

On 7/11/2014 6:23 PM, Martin BukatoviÄ wrote:
On 07/10/2014 10:47 PM, Greg Thain wrote:
On 07/10/2014 03:39 PM, Branden Timm wrote:
That's great, I hadn't noticed the existing cgroup support in the

Moreover there is also support for further filesystem isolation
via bind mounts:


Similar to Docker, HTCondor already leverages a lot of Linux kernel features to provide job isolation on a machine - cgroups (limit ram, cpu), pid namespaces, cpu affinity, bind mounts (useful for giving each job its own /tmp that is cleaned up on job exit), chroot jails, ... a pithy overview of capabilities in this area are in the slides from this presentation at HTCondor Week 2013:


In v8.3.x, we are adding network namespace isolation. And also looking at ways to make it easy for folks using Docker (i.e. a Docker job universe perhaps).