You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Jie Yu (JIRA)" <ji...@apache.org> on 2015/06/18 02:21:03 UTC

[jira] [Updated] (MESOS-1585) Container level network isolation

     [ https://issues.apache.org/jira/browse/MESOS-1585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jie Yu updated MESOS-1585:
--------------------------
    Assignee:     (was: Jie Yu)

> Container level network isolation
> ---------------------------------
>
>                 Key: MESOS-1585
>                 URL: https://issues.apache.org/jira/browse/MESOS-1585
>             Project: Mesos
>          Issue Type: Epic
>          Components: isolation
>            Reporter: Jie Yu
>
> The goal here is to provide network isolation between containers so that one container cannot saturate the entire network, affecting the performance of other containers.
> There are many options here. With the current network monitoring code (MESOS-1228, already committed), one option is to add a "tc police action" on the 'veth' of each container to drop packets when the traffic exceeds a certain limit.
> Other options include advanced shape control using tc classes (e.g., HTB, CBQ, etc.). We're gonna need to extend the current routing library to support that.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)