[ https://issues.apache.org/jira/browse/MESOS-4823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15197757#comment-15197757 ]
Dan Osborne commented on MESOS-4823: ------------------------------------ What is the use case for requiring port forwarding? I don't believe this feature request should be implemented, as I don't believe that port forwarding fits into the larger CNI story. CNI defines a container's network as "a group of entities that are uniquely addressable". In general, CNI plugins do not make use of port forwarding because addresses in their network are *uniquely* addressable. The port which a container is running services on should be accessible on the IP address the CNI network assigned to it. I believe that forwarding a port on the agent's IP to a port on the CNI network's IP is fundamentally wrong, as it suggests that the container's CNI IP is not uniquely addressable. > Implement port forwarding in `network/cni` isolator > --------------------------------------------------- > > Key: MESOS-4823 > URL: https://issues.apache.org/jira/browse/MESOS-4823 > Project: Mesos > Issue Type: Task > Components: containerization > Environment: linux > Reporter: Avinash Sridharan > Assignee: Avinash Sridharan > Priority: Critical > Labels: mesosphere > > Most docker and appc images wish ports that micro-services are listening on, > to the outside world. When containers are running on bridged (or ptp) > networking this can be achieved by installing port forwarding rules on the > agent (using iptables). This can be done in the `network/cni` isolator. > The reason we would like this functionality to be implemented in the > `network/cni` isolator, and not a CNI plugin, is that the specifications > currently do not support specifying port forwarding rules. Further, to > install these rules the isolator needs two pieces of information, the exposed > ports and the IP address associated with the container. Bother are available > to the isolator. -- This message was sent by Atlassian JIRA (v6.3.4#6332)