RE: Is chained cni networks supported in mesos 1.7
Hmm, I guess I should not get my hopes up this will be there soon?
[0]
https://issues.apache.org/jira/browse/MESOS-7178
-Original Message-
From: Jie Yu [mailto:yujie@gmail.com]
Sent: woensdag 24 juli 2019 21:35
To: user
Subject: Re: Is chained cni networks supported in mesos 1.7
No, not yet
On Wed, Jul 24, 2019 at 12:27 PM Marc Roos
wrote:
This error message of course
E0724 21:19:17.852210 1160 cni.cpp:330] Failed to parse CNI
network
configuration file '/etc/mesos-cni/93-chain.conflist': Protobuf
parse
failed: Missing required fields: typ
-Original Message-
Subject: Is chained cni networks supported in mesos 1.7
I am getting this error, while I don not have problems using it
with
cnitool.
cni.cpp:330] Failed to parse CNI network configuration file
'/etc/mesos-cni/93-chain-routing-overwrite.conflist.bak': Protobuf
parse
failed: Missing required fields: type
[@ mesos-cni]# cat 93-chain.conflist
{
"name": "test-chain",
"plugins": [{
"type": "bridge",
"bridge": "test-chain0",
"isGateway": false,
"isDefaultGateway": false,
"ipMasq": false,
"ipam": {
"type": "host-local",
"subnet": "10.15.15.0/24"
}
},
{
"type": "portmap",
"capabilities": {"portMappings": true},
"snat": false
}]
}
[@ mesos-cni]# CNI_PATH="/usr/libexec/cni/"
NETCONFPATH="/etc/mesos-cni" cnitool-0.5.2 add test-chain
/var/run/netns/testing {
"ip4": {
"ip": "10.15.15.2/24",
"gateway": "10.15.15.1"
},
"dns": {}
Re: Is chained cni networks supported in mesos 1.7
No, not yet
On Wed, Jul 24, 2019 at 12:27 PM Marc Roos wrote:
>
>
>
>
>
> This error message of course
> E0724 21:19:17.852210 1160 cni.cpp:330] Failed to parse CNI network
> configuration file '/etc/mesos-cni/93-chain.conflist': Protobuf parse
> failed: Missing required fields: typ
>
>
> -Original Message-
> Subject: Is chained cni networks supported in mesos 1.7
>
>
> I am getting this error, while I don not have problems using it with
> cnitool.
>
> cni.cpp:330] Failed to parse CNI network configuration file
> '/etc/mesos-cni/93-chain-routing-overwrite.conflist.bak': Protobuf parse
> failed: Missing required fields: type
>
> [@ mesos-cni]# cat 93-chain.conflist
> {
> "name": "test-chain",
> "plugins": [{
> "type": "bridge",
> "bridge": "test-chain0",
> "isGateway": false,
> "isDefaultGateway": false,
> "ipMasq": false,
> "ipam": {
> "type": "host-local",
> "subnet": "10.15.15.0/24"
> }
> },
> {
> "type": "portmap",
> "capabilities": {"portMappings": true},
> "snat": false
> }]
> }
>
>
> [@ mesos-cni]# CNI_PATH="/usr/libexec/cni/"
> NETCONFPATH="/etc/mesos-cni" cnitool-0.5.2 add test-chain
> /var/run/netns/testing {
> "ip4": {
> "ip": "10.15.15.2/24",
> "gateway": "10.15.15.1"
> },
> "dns": {}
>
>
>
RE: Is chained cni networks supported in mesos 1.7
This error message of course
E0724 21:19:17.852210 1160 cni.cpp:330] Failed to parse CNI network
configuration file '/etc/mesos-cni/93-chain.conflist': Protobuf parse
failed: Missing required fields: typ
-Original Message-
Subject: Is chained cni networks supported in mesos 1.7
I am getting this error, while I don not have problems using it with
cnitool.
cni.cpp:330] Failed to parse CNI network configuration file
'/etc/mesos-cni/93-chain-routing-overwrite.conflist.bak': Protobuf parse
failed: Missing required fields: type
[@ mesos-cni]# cat 93-chain.conflist
{
"name": "test-chain",
"plugins": [{
"type": "bridge",
"bridge": "test-chain0",
"isGateway": false,
"isDefaultGateway": false,
"ipMasq": false,
"ipam": {
"type": "host-local",
"subnet": "10.15.15.0/24"
}
},
{
"type": "portmap",
"capabilities": {"portMappings": true},
"snat": false
}]
}
[@ mesos-cni]# CNI_PATH="/usr/libexec/cni/"
NETCONFPATH="/etc/mesos-cni" cnitool-0.5.2 add test-chain
/var/run/netns/testing {
"ip4": {
"ip": "10.15.15.2/24",
"gateway": "10.15.15.1"
},
"dns": {}
Is chained cni networks supported in mesos 1.7
I am getting this error, while I don not have problems using it with
cnitool.
cni.cpp:330] Failed to parse CNI network configuration file
'/etc/mesos-cni/93-chain-routing-overwrite.conflist.bak': Protobuf parse
failed: Missing required fields: type
[@ mesos-cni]# cat 93-chain.conflist
{
"name": "test-chain",
"plugins": [{
"type": "bridge",
"bridge": "test-chain0",
"isGateway": false,
"isDefaultGateway": false,
"ipMasq": false,
"ipam": {
"type": "host-local",
"subnet": "10.15.15.0/24"
}
},
{
"type": "portmap",
"capabilities": {"portMappings": true},
"snat": false
}]
}
[@ mesos-cni]# CNI_PATH="/usr/libexec/cni/"
NETCONFPATH="/etc/mesos-cni" cnitool-0.5.2 add test-chain
/var/run/netns/testing
{
"ip4": {
"ip": "10.15.15.2/24",
"gateway": "10.15.15.1"
},
"dns": {}
Re: Firewall options
Use Calico as a CNI network, you can then use Calico to apply network policies. On Wed, 24 Jul 2019, 15:52 Marc Roos, wrote: > > > I am having a test setup with mesos and marathon, and playing now a bit > with haproxy. On vm's I am using iptables to throttle brute force rdp > connections for instance. > What would be the advised way to apply this to the haproxy app? > > > > > > >
Firewall options
I am having a test setup with mesos and marathon, and playing now a bit with haproxy. On vm's I am using iptables to throttle brute force rdp connections for instance. What would be the advised way to apply this to the haproxy app?
