Hi, I am looking at using unified containerizer. As it only support host mode, it needs cni. However, it is not really clear for me regarding "public" ports.
If I have a container that needs to expose a port (let's say port 123), can I expose it via the Mesos API only? When I use cni, as I understood, I allocate an IP per container. If IP is routable in network, are all ports reachable (from any host / other container) ? Or should it be explicitly opened ? To be simple, can I launch a container that would expose to public (any host) only port 123 and other ports reachable only but containers in same "private network" : - container 1 expose public port 123 and private port 456 (accessible by container 2 only) - container 2 connects to container 1 port 456. For the moment, I am using the Docker containerizer with bridge mode, so exposing port was simply a matter of mapping ports. Private networks are managed by user networks of Docker. Thanks Olivier
