[ClusterLabs Developers] bundle/rkt: port-mapping numbers/names

Valentin Vidic Valentin.Vidic at CARNet.hr
Wed Jul 19 18:32:29 UTC 2017 

On Wed, Jul 19, 2017 at 06:53:44PM +0200, Jan Pokorný wrote:
> I don't think that alone would suffice, I'd expect at least (port,transport)
> pair to be reasonably unique as long as you can remap TCP/UDP independently
> (I am not sure, but would be no surprise) -- but hey, we have just hit
> another limitation of the current schema (transport layer not being
> taken into account -- is TCP silently assumed, then?).

In the rkt case the protocol is taken from the container definition (port
xport element from the previous mail), so the iptables rule is assembled
like this:

	{ // nat the destination
		chainDNAT,
		[]string{
			"-d", dstIPHost,
			"-p", fp.PodPort.Protocol,
			"--dport", dstPortHost,
			"-j", "DNAT",
			"--to-destination", socketPod,
		},
	},

> Valentin, is rkt able so serve containers from one image/location
> in multiple instances in parallel?

Not sure if this is what you ment, but the overlay for both running
instances uses the same lowerdir:

overlay /srv/container/rkt/pods/run/b04804fc-bcbb-412e-ab00-03e85d6ad7d6/stage1/rootfs/opt/stage2/httpd-bundle-a-rkt-0/rootfs overlay rw,relatime,lowerdir=/srv/container/rkt/cas/tree/deps-sha512-a6412f2e7504bbb441ddb115465a414d9749dd24e362e4c2ec8319a314ae0927/rootfs,upperdir=/srv/container/rkt/pods/run/b04804fc-bcbb-412e-ab00-03e85d6ad7d6/overlay/deps-sha512-a6412f2e7504bbb441ddb115465a414d9749dd24e362e4c2ec8319a314ae0927/upper/httpd-bundle-a-rkt-0,workdir=/srv/container/rkt/pods/run/b04804fc-bcbb-412e-ab00-03e85d6ad7d6/overlay/deps-sha512-a6412f2e7504bbb441ddb115465a414d9749dd24e362e4c2ec8319a314ae0927/work/httpd-bundle-a-rkt-0 0 0
overlay /srv/container/rkt/pods/run/16d1bcbd-f554-4cab-b955-05a62c3c1118/stage1/rootfs/opt/stage2/httpd-bundle-a-rkt-1/rootfs overlay rw,relatime,lowerdir=/srv/container/rkt/cas/tree/deps-sha512-a6412f2e7504bbb441ddb115465a414d9749dd24e362e4c2ec8319a314ae0927/rootfs,upperdir=/srv/container/rkt/pods/run/16d1bcbd-f554-4cab-b955-05a62c3c1118/overlay/deps-sha512-a6412f2e7504bbb441ddb115465a414d9749dd24e362e4c2ec8319a314ae0927/upper/httpd-bundle-a-rkt-1,workdir=/srv/container/rkt/pods/run/16d1bcbd-f554-4cab-b955-05a62c3c1118/overlay/deps-sha512-a6412f2e7504bbb441ddb115465a414d9749dd24e362e4c2ec8319a314ae0927/work/httpd-bundle-a-rkt-1 0 0

-- 
Valentin

More information about the Developers mailing list