You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@mesos.apache.org by Jie Yu <yu...@gmail.com> on 2018/08/23 16:33:47 UTC

[Containerization] Mesos CNI support

Hi,

If you are not using Mesos CNI integration, please ignore this email.

Recently, we discovered a few bugs related to our CNI integration when
there are lots of containers (200+) on a single agent box. Please see the
following tickets for details.

MESOS-9125 <https://issues.apache.org/jira/browse/MESOS-9125>: Port mapper
CNI plugin might fail with "Resource temporarily unavailable
MESOS-9127 <https://issues.apache.org/jira/browse/MESOS-9127>: Port mapper
CNI plugin might deadlock iptables on the agent
MESOS-9142 <https://issues.apache.org/jira/browse/MESOS-9142>: CNI detach
might fail due to missing network config file

We fixed all of them, and backported the fixes to the currently maintained
patch releases. Please refer to the corresponding tickets for the fix
versions.

Also, if you're using any CNI plugin that depends on the host local IPAM
<https://github.com/containernetworking/plugins/tree/master/plugins/ipam/host-local>,
for example, the bridge plugin
<https://github.com/containernetworking/plugins>, please make sure the host
local IPAM's `dataDir`
<https://github.com/containernetworking/plugins/tree/master/plugins/ipam/host-local#network-configuration-reference>
points to a tmpfs which gets cleaned up when reboot happens. Otherwise, the
IP address will be leaked, and you will hit IP allocation failure if your
box has constant reboots.

Please reach out if you have any question!

- Jie