mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cody Maloney" <c...@mesosphere.io>
Subject Re: Review Request 39388: Explicitly set the `LIBPROCESS_IP` env variable for docker containers.
Date Thu, 05 Nov 2015 21:30:52 GMT


> On Nov. 2, 2015, 5:43 a.m., Timothy Chen wrote:
> > src/docker/docker.cpp, line 433
> > <https://reviews.apache.org/r/39388/diff/2/?file=1100523#file1100523line433>
> >
> >     I think there are two problems here to address:
> >     - --net is not always set to host, and if it's not it's causing problem as LIBPROCESS_IP
takes precedence and also causes framework to not be able to connect
> >     - docker code here in src/docker/docker.cpp is meant to be an abstraction to
run docker, which we use to run executors and docker tasks. It shouldn't really have logic
like this embedded especialy when this is not the desire effect for all docker containers
we ever launch from Mesos. And really this problem and setting has to be two cases 1) We run
a executor in the docker container 2) --net is host. We need to specifically solve this outside
of the docker abstraction.

libprocess processes running with non-host networking (--net=bridge) won't work as libprocess
processes doesn't like crossing NAT boundaries (which bridge networking is).

That we set it to the host IP might actually make it work better than if we don't (The libprocess
inside the docker container announces the public host IP, which makes it so if it is talking
to libprocess processes on other remote hosts, the remote hosts will get the IP which actually
works to connect back, rather than the docker internal IP which doesn't. If you're running
a bunch of things on the same host and connecting the docker networks together then that wouldn't
work. The way libprocess works I think making both those work at once isn't feasible, and
the --net=host working at all is generally preferrable (We launch mesos frameworks inside
of docker containers, they need to talk to the Mesos Master using libmesos)


- Cody


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/39388/#review104679
-----------------------------------------------------------


On Oct. 17, 2015, 11:18 p.m., Michael Park wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/39388/
> -----------------------------------------------------------
> 
> (Updated Oct. 17, 2015, 11:18 p.m.)
> 
> 
> Review request for mesos and Niklas Nielsen.
> 
> 
> Bugs: MESOS-3740
>     https://issues.apache.org/jira/browse/MESOS-3740
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> See summary.
> 
> 
> Diffs
> -----
> 
>   src/docker/docker.cpp 56d63dc75637c9f89a239af371f476a85a570696 
>   src/tests/containerizer/docker_containerizer_tests.cpp 4bb65afd0ee61cafef68e064a697fdce65d60058

> 
> Diff: https://reviews.apache.org/r/39388/diff/
> 
> 
> Testing
> -------
> 
> Added `DockerContainerizerTest.ROOT_DOCKER_LaunchWithLibprocessIP` test which fails without
the changes made to `src/docker/docker.cpp`.
> 
> 
> Thanks,
> 
> Michael Park
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message