Return-Path: X-Original-To: apmail-mesos-dev-archive@www.apache.org Delivered-To: apmail-mesos-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id AA13C18F8E for ; Tue, 2 Feb 2016 07:35:36 +0000 (UTC) Received: (qmail 78740 invoked by uid 500); 2 Feb 2016 07:35:36 -0000 Delivered-To: apmail-mesos-dev-archive@mesos.apache.org Received: (qmail 78653 invoked by uid 500); 2 Feb 2016 07:35:36 -0000 Mailing-List: contact dev-help@mesos.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@mesos.apache.org Delivered-To: mailing list dev@mesos.apache.org Received: (qmail 78640 invoked by uid 99); 2 Feb 2016 07:35:35 -0000 Received: from Unknown (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 02 Feb 2016 07:35:35 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id 89C5DC0873 for ; Tue, 2 Feb 2016 07:35:35 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 2.401 X-Spam-Level: ** X-Spam-Status: No, score=2.401 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=2.5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, WEIRD_PORT=0.001] autolearn=disabled Authentication-Results: spamd4-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-us-east.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id eJnkUAyQlbvw for ; Tue, 2 Feb 2016 07:35:29 +0000 (UTC) Received: from mail-lb0-f173.google.com (mail-lb0-f173.google.com [209.85.217.173]) by mx1-us-east.apache.org (ASF Mail Server at mx1-us-east.apache.org) with ESMTPS id 8B11942A20 for ; Tue, 2 Feb 2016 07:35:28 +0000 (UTC) Received: by mail-lb0-f173.google.com with SMTP id e9so1087378lbp.1 for ; Mon, 01 Feb 2016 23:35:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :content-type; bh=Ivvsm+moWrk5FsBbUlieeR5R6+H2ErnKFQFeC9jGeAQ=; b=Z4zt9zfpmL9/07jBsx5IsslehA+apCRkIquNxAiN5ZZSurxmaPSjV1iYb52ram14FA ziCUCtBedqvGzx8nBfnZ90Ajh9+V7rTcrQZ19OfR0N5S3Ia1o3PnmpK8Q4B+4vpgJC0C Tu0QigITs7QgNx38lEvmp8Ob2mi5nUyDJ5j9Wovb1wrNe4OYqUxa76KUw64rRa89ifKJ 1ousEbDfdKP6i5ByITtuaXJwrY3YFlQOaDuS6Stx9S1vt6maWKrVvj9MikcYWZfD5va7 au+tKQiwA1Bq5/eNpWlzdqJzxCoTvD2Ol+WhF/uy6QF0V9lDGfBESmpF5/TkRAfGPBHi tEfQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:content-type; bh=Ivvsm+moWrk5FsBbUlieeR5R6+H2ErnKFQFeC9jGeAQ=; b=IvASjdDI16O8Ai9fT/qiow9ckflGZOpuODaTfTnpC/D+NugPM8u6nWN7NgSrM07+DU 4j/wQULKa8Ux8FITcS0zBtCQffy10lNXF876opqwaZZQ9OjqbiMluIZKkzpr4eHWsKuJ 9FClexJmrlmpLgt2TlIKfvPi55S9HFN7gf2DNZGXq7mEEajyD51A9WpvFsj/nYenhNXb 9MvAtMQq+f5ouQGZMYf1XPC4jVMURN51JBZs6pOvRjYpV8sts2AidBhSbuN9jk5XHRPv fdlilTT2pzSnI2xjfevBiqtozElOLDSNz4AellhiNwhy4kkS5nI3da6IXqSOpS3faunZ domQ== X-Gm-Message-State: AG10YOSn0agNLldkBOn1D6phsE5rok7otUIpGkNi3HBf6IHyqPj0Z44BnL7fXWhFLtZffNTjENup+7lN7AsuFQ== X-Received: by 10.112.78.33 with SMTP id y1mr9936300lbw.62.1454398527440; Mon, 01 Feb 2016 23:35:27 -0800 (PST) MIME-Version: 1.0 References: <56AE6DF0.9090600@yandex-team.ru> In-Reply-To: <56AE6DF0.9090600@yandex-team.ru> From: Vetoshkin Nikita Date: Tue, 02 Feb 2016 07:35:17 +0000 Message-ID: Subject: Re: Some initial thoughts on IPv6 To: dev@mesos.apache.org Content-Type: multipart/alternative; boundary=001a11c3ec10970e8f052ac48be4 --001a11c3ec10970e8f052ac48be4 Content-Type: text/plain; charset=UTF-8 All thumbs up for (1). I think supporting several IP addresses (and thus sockets) can be tricky to implement in libprocess and will require some machinery for setting things up and tearing down (what if only one bind() of N will succeed, etc.). It may also make debugging stuff harder (e.g. firewalls, routes, etc can result in user complains like "I can successfully connect from this host, but not this one"). Not sure though if we need to support (set) IPV6_V6ONLY flag (man 7 ipv6). I'm a bit worried about MasterInfo.ip attribute. How "deprecated" it is. Did currently existing frameworks/language bindings already abandon it? On Mon, Feb 1, 2016 at 1:27 AM Evers Benno wrote: > Hi all, > > after looking through the mesos source code for a while, here are > some of my initial thoughts. > > There seem to be at least two issues that can be tackled separately: > - Communication between mesos daemons over the network > - Communication in and out of containers when using network isolation > > Having the first one would already be valuable for installations that > don't use network isolation, so I'll focus on this for now. > > If a mesos master daemon runs on say mesos-master.example.org:5050, and > this host has both A and AAAA addresses configured it seems to be > desirable that slaves can communicate with this node over both IPv4 and > IPv6, depending on their own capabilities. > > From the client perspective, the problem is solved by the "Happy > Eyeballs" algorithm, i.e. trying both possibilities and using > the one where it is possible to connect. The only complication is that > address resolution should probably be delayed until we actually want to > connect, to avoid spurious failures. > > On the server side it is a bit more subtle, since the server has to > decide which address it should bind its listening socket to. Some > possibilities would be: > > 1) Do nothing special, just bind to the address that was specified > 2) Allow specifying multiple listen IP's > 3) Allow to specify a network interface and port and open two separate > listening sockets for IPv4 and IPv6 > > These are not mutually exclusive. > > It seems that (2) and (3) would be desirable anyways, since they would > also enable running on hosts with multiple network interfaces. > > It is however worth noting that (1) already gets us quite far without > changing the assumption that there is a single IP associated to a mesos > daemon: If an IPv4 address is specified, things will work the same as > before, and if there is an IPv6 address specified it will by default > accept connections from both IPv4 and IPv6 sources. This behaviour can > even be changed at system-level, if not desired. (via > /proc/sys/net/ipv6/bindv6only, or the mac/windows equivalent). > > So, tl;dr: I believe a lot of of useful progress could already be > achieved by a relatively small patch series, that: > > - Fills in the blanks in stout's net:IP, and gives all functions > which take an explicit "family"-argument a default value of > AF_UNSPEC > - Updates the IPv4-specific parts in libprocess (in particular, the > parsing of IP literals in URL strings and the constructor > Socket::create(Kind, Option fd), which should probably be split > into e.g. Socket::make(sa_family_t, Kind) and > Socket::wrap(int fd, Kind)) > - Changes all calling sites to use the new functions > > The protobuf IPC format doesn't seem to require any changes, since the > only IPv4-dependent field (MasterInfo.ip) was already deprecated in 0.24.0. > > After this, the next step would then be to look at network isolation and > enabling communication in and out of containers. > > Thoughts? Comments? Am I missing something? > > Best regards, > Benno > --001a11c3ec10970e8f052ac48be4--