Skip to content
This repository has been archived by the owner on Oct 23, 2024. It is now read-only.

Remove "netinfo" from IPSources #369

Open
sargun opened this issue Nov 24, 2015 · 3 comments
Open

Remove "netinfo" from IPSources #369

sargun opened this issue Nov 24, 2015 · 3 comments
Labels
techdebt

Comments

@sargun
Copy link
Contributor

sargun commented Nov 24, 2015

We added NetInfo to IPSources in 0.4, which allows Mesos-DNS to pull A record information from the "NetworkInfo" field in state.json. In our understanding this was only to be used by the modules which were using this for customizing the IPs per container.

Unfortunately, this was not the case! The docker containerizer uses NetworkInfo as well, and can set the inside container of the IP in NetworkInfo. This means that this becomes the A record in Mesos-DNS, rendering the container inaccessible.

There are a couple things here:

  • Remove NetInfo from the default list of IPSources in Mesos-DNS

  • Add it back in, but with a reachability-checker, that does an ICMP ping before allowing an address to be marked as valid.

    This would require that people either run Mesos-DNS as root, or we configure: net.ipv4.ping_group_range
@sargun
Copy link
Contributor Author

sargun commented Nov 24, 2015

@jdef As a stop-gap, I think rather than removing "netinfo" as a source in config.go, we add the "sources" field to config.json.sample, and set it to ["mesos", "host"]. That way, it doesn't break old installations relying on the behaviour, but everyone who starts from the config.json.sample is in good shape.

#370

@jdef
Copy link
Contributor

jdef commented Nov 24, 2015

Some thoughts:

  • if we're not removing it from the coded defaults, then it needs to be
    very clear from the documentation that - by default - users can expect
    to encounter problems w/ mesos-dns and a docker-based cluster unless they
    remove netinfo from config.ipsources. though i'm more inclined to make
    the change to the coded defaults for ipsources since docker, by default,
    breaks mesos-dns for people (given our current defaults list).
  • ideally we'd have a labels or source field associated with each
    IPAddress so that we could apply some better filtering, otherwise we have
    no idea which IP's come from the docker containerizer, or some random mesos
    networking module.
  • reachability checks: i'd rather see this written up as a separate
    proposal so that we can flesh out requirements and any potential concerns
    (e.g. scalability of pinging for reachability in cluster w/ 1 million
    tasks).

On Tue, Nov 24, 2015 at 12:13 PM, Sargun Dhillon [email protected]
wrote:

@jdef https://github.com/jdef As a stop-gap, I think rather than
removing "netinfo" as a source in config.go, we add the "sources" field to
config.json.sample, and set it to ["mesos", "host"]. That way, it doesn't
break old installations relying on the behaviour, but everyone who starts
from the config.json.sample is in good shape.


Reply to this email directly or view it on GitHub
#369 (comment)
.

@jdef jdef added the techdebt label Jul 12, 2017
@jdef
Copy link
Contributor

jdef commented Jul 12, 2017

#477

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
techdebt
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sargun @jdef