Thanks for your answer,
I've watched your talk. Very interesting.
Let me check if I get everything staight :
- it is the hostports which are used to multiplex traffic into
container. My understanding is that, since each container is in it's
network namespace, it has its own full range of container ports and that
you use a direct mapping (hostport n <-> same container port n), is that
correct ?
- those ports which are divided into disjoint subsets are the ephermeral
ports. The non- ephemeral ports are in a set shared between all
containers, correct ?
- the use case you described is when you cannot afford one ip/container
and when you are using the mesos containeraizer : does it mean that
network mapping isolation makes no sense with the docker containerizer
or can it be somehow composed with it ?]
I didn't quite understand why you cannot use NAT (in the same way docker
in BRIDGE mode does) and assign as many ip addresses that you want in a
private network...
Thanks.
--
TH.