Step-by-Step Guide to Building a Mesos + Marathon Cluster on macOS with Docker

After thanking readers of the VIPDOCKER WeChat account, the author announces the open‑source release of the Saturn distributed scheduling platform (based on Dangdang Elastic Job) and invites collaboration via a WeChat group.

Motivated to avoid heavyweight VM setups, the author decides to run a Mesos test cluster on macOS using Docker’s “native” mode, despite encountering numerous pitfalls.

The official Mesosphere Mesos‑slave image lacks the curl command, which is required for pulling images; therefore a custom Dockerfile is created:

FROM mesosphere/mesos-slave:1.1.0-2.0.107.ubuntu1404
MAINTAINER [email protected]
RUN apt-get update && apt-get install -y curl && apt-get clean

The image is built with:

docker build -t mesos-slave .

When using Daocloud’s domestic registry, the default HTTPS scheme caused pull failures; the workaround is to use an HTTP registry on port 80 or switch to an Alibaba Cloud registry that supports HTTPS.

macOS Docker is not truly “native” – it runs a hidden Linux VM whose disk image resides at /Users/macbook/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/Docker.qcow2 . Large builds can inflate this file, so the author advises keeping Dockerfiles in isolated directories.

To access the Docker VM, the following privileged container is used:

docker run -it --rm --privileged --pid=host --net=host -v /:/rootfs --entrypoint=/bin/sh alpine
cd /rootfs
chroot /rootfs

For remote management, socat exposes the Docker daemon over TCP, enabling Portainer to run a web UI:

socat TCP-LISTEN:2375,range=192.168.31.254/32,reuseaddr,fork UNIX-CLIENT:/var/run/docker.sock

docker run -d -p 9000:9000 --restart always portainer/portainer -H tcp://192.168.31.254:2375

Cluster components are then containerized:

Zookeeper: docker run --name zookeeper --restart always -d -p 2181:2181 -p 2888:2888 -p 3888:3888 zookeeper

Mesos master is started with a set of environment variables (e.g., MESOS_PORT=5050 , MESOS_ZK=zk://192.168.31.254:2181/mesos , MESOS_HOSTNAME set to the host IP) using the image mesosphere/mesos-master:1.1.0-2.0.107.ubuntu1404 .

Each Mesos slave runs the custom image built earlier, with numerous flags such as MESOS_CONTAINERIZERS=mesos,docker , MESOS_IMAGE_PROVIDERS=docker , MESOS_DOCKER_REGISTRY=https://r6w9c7qa.mirror.aliyuncs.com , and advertising IP/port settings. The second slave differs only in exposed ports.

Marathon is deployed with:

docker run -d -p 8080:8080 mesosphere/marathon:v1.3.6 --master zk://172.17.0.3:2181/mesos --zk zk://172.17.0.3:2181/marathon

Through Marathon’s UI or JSON mode, a simple Docker container can be launched using a JSON payload, and a Mesos (Unified) container can be launched by changing the type field to MESOS . Image names are discovered via curl commands against the Alibaba registry.

To debug containers, the author demonstrates using docker exec , locating the Mesos executor PID, and entering the container’s rootfs with chroot or the nsenter binary (obtained from the jpetazzo/nsenter image). The guide notes that without CNI configuration, Mesos containers default to host networking.

With all components running, the full Mesos + Marathon test environment is operational, and readers are invited to ask questions.