Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 4E8FC200BBC for ; Sun, 13 Nov 2016 16:12:43 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 4D2A6160AF8; Sun, 13 Nov 2016 15:12:43 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 95A53160AF2 for ; Sun, 13 Nov 2016 16:12:42 +0100 (CET) Received: (qmail 27508 invoked by uid 500); 13 Nov 2016 15:12:41 -0000 Mailing-List: contact user-help@mesos.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@mesos.apache.org Delivered-To: mailing list user@mesos.apache.org Received: (qmail 27498 invoked by uid 99); 13 Nov 2016 15:12:41 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 13 Nov 2016 15:12:41 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 286F2C1208 for ; Sun, 13 Nov 2016 15:12:41 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -0.101 X-Spam-Level: X-Spam-Status: No, score=-0.101 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd1-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=frankscholten.nl Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id 8jKk4kfy_CQL for ; Sun, 13 Nov 2016 15:12:39 +0000 (UTC) Received: from smtp29.bhosted.nl (smtp29.bhosted.nl [94.124.121.41]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id BA1555FC52 for ; Sun, 13 Nov 2016 15:12:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=frankscholten.nl; s=201510; h=from:subject:date:message-id:to:mime-version:content-type; bh=y1aPlV1jZLtdMzwqkXm+wL2dWqCeDRr5HVFne7QA6xI=; b=RPq2Bw1ldc0ptqPot79HX620JDRtvPH9MJkEolnbHBn/Msdkn6s2tyNHHJjdCE58g3tjEjTc3REtv nPsbmNLMNVTqoCwusIc3yHIjmMhfSCsGLPMekDIFwNJ56sQ8Iz6uaZMHNmyPN3bdr4QZCQX3t1OZMN 4YCX2jgjtr2gf2m+NAxAtsjDNssFKNYa41amHogsg6o51MP5O5UtDMsUEwXBw/3taf2ru72FLU0oTY MkZDgkKbwOUJvV/oxe5AOTEoSpJ6z93svTgpeSUKupPZHDMkN4Lgn7KiYE6hJ1oVPsh4ezCSkoPTAR 1NzmYAQXEQARJNzACwsFD18ulcz9gHg== X-Spam-ID: 90ae2e02-a9b3-11e6-a9bc-001a4a633b07 X-Gm-Message-State: ABUngvdStFK+4VCkHugFGT5ctPmjZIJCFIdc4dOmJny8oJbpG77viQM5Hh1DgjfnBcJBDy9DG6xz4Jgc2kHKzA== X-Received: by 10.157.15.176 with SMTP id d45mr5269209otd.169.1479049936819; Sun, 13 Nov 2016 07:12:16 -0800 (PST) MIME-Version: 1.0 From: Frank Scholten Date: Sun, 13 Nov 2016 16:12:16 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: [CNI] Proxying connections from outside the cluster to tasks with IP from host-local IPAM To: user Content-Type: text/plain; charset=UTF-8 archived-at: Sun, 13 Nov 2016 15:12:43 -0000 Hi, What is a simple way to proxy connections from outside the Mesos cluster to tasks on the Mesos Agents that have gotten their IP via the host-local IPAM? Let's say I use HaProxy on each Mesos Agent on port 80 then the tasks can be proxied since HaProxy can reach the internal network on that particular agent. For instance I can set up config so that proxies test.agent1.cluster.example.com to the IP of task 'test' However, don't I also need load balancing across the HaProxies on the different Mesos agents? Perhaps Mesos DNS can be used for this? So a lookup for test.cluster.example.com returns test.agent1.example.com, test.agent2.example.com et cetera. Curious to know how some of you solve this problem. I know there are many ways to solve this problem. I am looking for something simple first with as few moving parts as possible, so the host-local plugin + Cheers, Frank