[
https://issues.apache.org/jira/browse/MESOS-2802?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14636930#comment-14636930
]
Peter Kolloch commented on MESOS-2802:
--------------------------------------
Hi [~bmahler], for some reason I missed the update notification, sorry.
A grace period can be made secure. If you refresh your load balancer
configuration every 30s (or by listening to update events) and your grace
period is 2min, it is very unlikely that you connect to an old application by
accident. If you want to be certain, you could adjust your load balancer such
that it refuses requests if its configuration is older than 100s. For this
solution, you only have to adjust one software component, the load balancer.
Nothing else has to be adjusted.
An alternative would be to set a HTTP header in the load balancer (e.g.
X-App-Id: my-app) and modify _ALL_ applications accepting HTTP requests in your
mesos cluster to reject requests that do not have the correct X-App-Id field.
While theoretically possible, this is hard to achieve and, even worse, it is
easy to forget adjusting one of your applications which was never meant to be
available to the outside world.
Can you think of a more practical solution than I for solving this problem on
an application-level?
> Prevent immediate reuse of network ports for different tasks
> ------------------------------------------------------------
>
> Key: MESOS-2802
> URL: https://issues.apache.org/jira/browse/MESOS-2802
> Project: Mesos
> Issue Type: Improvement
> Reporter: Peter Kolloch
> Labels: mesosphere
>
> Currently, if a task finishes or dies, another task might reuse the same port
> immediately afterwards. If another task or a load balancer connects to this
> port, still expecting the old task, there might be unpleasant surprises.
> For example, imagine that a visitor of your Mesos hosted web page sees your
> internal reporting tool instead of your company market material when hitting
> your page during an update.
> To make this less likely, Marathon contains code which tries to randomize
> dynamically assigned ports. This is a workaround at best and we would like to
> get rid of this code. I imagine that other frameworks might include similar
> code.
> As a solution, I propose a grace period for ports. If a task dies, the
> associated ports resources should not immediately go back into the resource
> pool. Instead, Mesos should wait for a configurable time and only then offer
> them for new tasks again.
> If you then specify a grace period of 2 minutes and update your service
> discovery load balancer every 30 seconds, you can be reasonably sure that no
> improper port reuse occurs.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
