Olivier, Sorry for the late response. I think in that case, you'll have to wait a little bit. We'll likely provide native CNI bridge support in Mesos (i.e., Mesos distribution will include the corresponding bridge plugin and port mapping plugin) so that operators does not have to explicitly setup CNI to use bridge/port mapping. cc @avinash.
- Jie On Fri, Jul 29, 2016 at 12:44 AM, Olivier Sallou <[email protected]> wrote: > > > ----- Mail original ----- > > De: "Jie Yu" <[email protected]> > > À: "dev" <[email protected]> > > Cc: "Qian AZ Zhang" <[email protected]>, "Avinash Sridharan" < > [email protected]> > > Envoyé: Jeudi 28 Juillet 2016 18:41:33 > > Objet: Re: cni / public port questions > > > > you can still use bridge with CNI (you'll need to use the built-in bridge > > plugin of CNI). > > > > Port mapping is still under development. Expecting this coming soon. > > Yes, I had seen that feature ni JIRA, but was wondering if there were > other solutions in the meanwhile. As my containers need to expose some > ports to public, port mapping is needed for bridge. So either I keep my > existing docker containerizer with Docker bridge, either I switch to > unified with CNI and port management (more complex to setup and more > complex to manage by framework). > > I would have like not to force my framework users to use a CNI tool while > switching my code to unified containerizer. This would complexify code > upgrades (impacts mesos install, even for simple bridge CNI). > > This means that frameworks willing to switch to unifed cont. need to > continue to provide docker cont. for existing installations (we can't force > a mesos admin to switch to CNI just for a framework). > > Thanks > > Olivier > > > > > - Jie > > > > On Thu, Jul 28, 2016 at 2:44 AM, haosdent <[email protected]> wrote: > > > > > Hi, @Olivier. The port forwarding of mesos is still under > implementing. You > > > could subscribe https://issues.apache.org/jira/browse/MESOS-4823 to > track > > > the progress. > > > > > > On Thu, Jul 28, 2016 at 4:42 PM, Olivier Sallou < > [email protected]> > > > wrote: > > > > > > > Hi, > > > > I am looking at using unified containerizer. As it only support host > > > mode, > > > > it needs cni. > > > > However, it is not really clear for me regarding "public" ports. > > > > > > > > If I have a container that needs to expose a port (let's say port > 123), > > > > can I expose it via the Mesos API only? > > > > > > > > When I use cni, as I understood, I allocate an IP per container. If > IP is > > > > routable in network, are all ports reachable (from any host / other > > > > container) ? Or should it be explicitly opened ? > > > > > > > > To be simple, can I launch a container that would expose to public > (any > > > > host) only port 123 and other ports reachable only but containers in > same > > > > "private network" : > > > > > > > > - container 1 expose public port 123 and private port 456 > (accessible by > > > > container 2 only) > > > > - container 2 connects to container 1 port 456. > > > > > > > > For the moment, I am using the Docker containerizer with bridge > mode, so > > > > exposing port was simply a matter of mapping ports. Private networks > are > > > > managed by user networks of Docker. > > > > > > > > > > > > Thanks > > > > > > > > Olivier > > > > > > > > > > > > > > > > > -- > > > Best Regards, > > > Haosdent Huang > > > > > >
