[ECS][Request] allow setting runtime for agent #673
Comments
|
#1072 <- a similar request which originated in ecs-agent repo |
fierlion
changed the title
fierlion
added
ECS
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
I'd like to run my ECS task containers on top of gVisor. It seems that this was possible in the past on ECS using an approach like this one:
https://aarongorka.com/blog/gvisor-on-ecs/
Notably the author had to disable the init system and ran the ecs-agent container through docker directly, and also had to manually set some volume binds and other settings. I tried to follow the same approach (updating to include new binds since the post was written, add the NET_ADMIN/SYS_ADMIN capabilities, etc), but in the end it still fails because ecs-agent added an explicit check for not being run directly:
https://github.com/aws/amazon-ecs-agent/blob/7fb101189ae57170a2cc2976d086bec5a4146b97/agent/app/agent_unix.go#L65-L73
It would be great if amazon-ecs-init allowed specifying the runtime so I could run task containers on gVisor and let ecs-agent continue to use runc
The text was updated successfully, but these errors were encountered: