[redhat-lspp] Re: LSPP Development Telecon 06/19/2006 Minutes
Eric W. Biederman
ebiederm at xmission.com
Mon Jun 26 14:24:28 UTC 2006
Daniel Lezcano <dlezcano at fr.ibm.com> writes:
>>>By the way, having the same IP address for several containers, how will be
>>>possible to do container migration ?
>> It depends on the circumstances. In general having several containers with
> the
>> same IP address is a bad idea. But if you have a setup where you can
>> do it safely there is nothing preventing that setup from working between
>> machines, so it is neither a positive or a negative from a migration
> standpoint.
>
> What about the clients connected to the different containers ? For example, you
> have 100 containers, all are configured with 192.168.1.100 and have an
> application binded to INADDR_ANY:80.
> In front of that, you have 100 clients. Each of them are connected to the
> application running in each container.
> One container is migrated to another machine on the network, it is not possible
> to keep the same address, so the address is changed to 192.168.1.200. The
> clients connected to 192.168.1.100 will lose the communication.
So don't set your network up so that if you move a machine it's IP address must
change. Either that or you require everyone with 192.168.1.100 to migrate
at once. You might need a tunnel over the network to make the configuration
you describe work.
This is a policy issue on top of a basic mechanism.
I do not encourage anyone to reuse the same IP address on multiple containers
and setting up the routing is a tricky proposition. But it is exactly the
same problem as using the same IP address on multiple machines. So weather
you use real network devices or logical ones does really matter.
I think the polyinstantiated bind that people were discussing earlier is
suspicious for exactly the same reasons. Multiple uses of the same IP
address relies on network magic to make it work. Network magic with
out a lot of care is fragile.
At the same time there are legitimate uses of hosts with the same IP address
such as host failover, in a high reliability configuration.
Eric
More information about the redhat-lspp
mailing list