[
https://issues.apache.org/jira/browse/MESOS-1585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14590924#comment-14590924
]
Jie Yu edited comment on MESOS-1585 at 6/18/15 12:38 AM:
---------------------------------------------------------
If you guys want to support network isolation for docker containers, please
create a new epic and link to this one. Thanks.
was (Author: jieyu):
If you guys want to support network isolation for docker containers, please
create a new ticket. Thanks.
> Container level network isolation
> ---------------------------------
>
> Key: MESOS-1585
> URL: https://issues.apache.org/jira/browse/MESOS-1585
> Project: Mesos
> Issue Type: Epic
> Components: isolation
> Reporter: Jie Yu
> Assignee: Jie Yu
> Fix For: 0.23.0
>
>
> The goal here is to provide network isolation between containers so that one
> container cannot saturate the entire network, affecting the performance of
> other containers.
> There are many options here. With the current network monitoring code
> (MESOS-1228, already committed), one option is to add a "tc police action" on
> the 'veth' of each container to drop packets when the traffic exceeds a
> certain limit.
> Other options include advanced shape control using tc classes (e.g., HTB,
> CBQ, etc.). We're gonna need to extend the current routing library to support
> that.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
