> On Nov. 2, 2015, 5:43 a.m., Timothy Chen wrote: > > src/docker/docker.cpp, line 433 > > <https://reviews.apache.org/r/39388/diff/2/?file=1100523#file1100523line433> > > > > I think there are two problems here to address: > > - --net is not always set to host, and if it's not it's causing problem > > as LIBPROCESS_IP takes precedence and also causes framework to not be able > > to connect > > - docker code here in src/docker/docker.cpp is meant to be an > > abstraction to run docker, which we use to run executors and docker tasks. > > It shouldn't really have logic like this embedded especialy when this is > > not the desire effect for all docker containers we ever launch from Mesos. > > And really this problem and setting has to be two cases 1) We run a > > executor in the docker container 2) --net is host. We need to specifically > > solve this outside of the docker abstraction.
libprocess processes running with non-host networking (--net=bridge) won't work as libprocess processes doesn't like crossing NAT boundaries (which bridge networking is). That we set it to the host IP might actually make it work better than if we don't (The libprocess inside the docker container announces the public host IP, which makes it so if it is talking to libprocess processes on other remote hosts, the remote hosts will get the IP which actually works to connect back, rather than the docker internal IP which doesn't. If you're running a bunch of things on the same host and connecting the docker networks together then that wouldn't work. The way libprocess works I think making both those work at once isn't feasible, and the --net=host working at all is generally preferrable (We launch mesos frameworks inside of docker containers, they need to talk to the Mesos Master using libmesos) - Cody ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/39388/#review104679 ----------------------------------------------------------- On Oct. 17, 2015, 11:18 p.m., Michael Park wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/39388/ > ----------------------------------------------------------- > > (Updated Oct. 17, 2015, 11:18 p.m.) > > > Review request for mesos and Niklas Nielsen. > > > Bugs: MESOS-3740 > https://issues.apache.org/jira/browse/MESOS-3740 > > > Repository: mesos > > > Description > ------- > > See summary. > > > Diffs > ----- > > src/docker/docker.cpp 56d63dc75637c9f89a239af371f476a85a570696 > src/tests/containerizer/docker_containerizer_tests.cpp > 4bb65afd0ee61cafef68e064a697fdce65d60058 > > Diff: https://reviews.apache.org/r/39388/diff/ > > > Testing > ------- > > Added `DockerContainerizerTest.ROOT_DOCKER_LaunchWithLibprocessIP` test which > fails without the changes made to `src/docker/docker.cpp`. > > > Thanks, > > Michael Park > >
