[
https://issues.apache.org/jira/browse/MESOS-1621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14122500#comment-14122500
]
Timothy Chen commented on MESOS-1621:
-------------------------------------
Want to give a update after discussion with different folks about the design of
port mapping.
Currently with bridge networking mode we must allow the user to expose ports
from the container to the host otherwise it's not reachable. Docker has two
options to do so: 1) Expose all ports specified in the image (-P) 2) Explicit
mapping host port to container port. Technically there is a third option which
is to expose just some container ports and let Docker choose what host port to
map to.
The conflicting factor here is that we cannot simply let the users map ports
that is not part of the ports resource offer, so -P is not a viable option in
this case as we cannot choose what ports are end up being assigned.
Therefore I'm going for the explicit mapping ports option, and also verify that
each host port specified is in range of the ports resource used.
The cons of doing this is that for users that just submits a docker image
through a framework, if the framework doesn't expose information about the
ports resource offer it got then the user will not be able to know what ports
to explicitly map to.
This can be mitigated at least by framework developers to help either expose
this information, or choose to randomly choose ports for the users within the
resource offer range for each port the image exposes.
The only information that the user will need to know is that ports within the
container that it needs to be exposed.
> Docker run networking should be configurable and support bridge network
> -----------------------------------------------------------------------
>
> Key: MESOS-1621
> URL: https://issues.apache.org/jira/browse/MESOS-1621
> Project: Mesos
> Issue Type: Improvement
> Reporter: Timothy Chen
> Assignee: Timothy Chen
> Labels: Docker
>
> Currently to easily support running executors in Docker image, we hardcode
> --net=host into Docker run so slave and executor and reuse the same mechanism
> to communicate, which is to pass the slave IP/PORT for the framework to
> respond with it's own hostname and port information back to setup the tunnel.
> We want to see how to abstract this or even get rid of host networking
> altogether if we have a good way to not rely on it.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
