I know that 'servicePort' is used by marathon-lb to identify an app. Is there any other user of this setting besides marathon-lb?
If the answer is no, why is it mandatory (omitting it well generate one for me)? I have many marathon apps which are not managed by marathon-lb, and they all take up service ports by default.
From the documentation: ""servicePort" is a helper port intended for doing service discovery using a well-known port per service. The assigned servicePort value is not used/interpreted by Marathon itself but supposed to be used by the load balancer infrastructure."
So service ports seem to have no other use other than for marathon-lb.
When you don't specify a servicePort, its as if you put in "servicePort": 0.
See closed issue here.
Here's a discussion about the re-architected networking API.
If you look at the Jira ticket, you will see that the new API model lets you define services without servicePorts at all.
Related
I am currently working on a multiplayer game that is meant to handle 20-50 player connections to a single game instance.
My current client connection model:
Client requests connection from server rest endpoint
Server creates 2 new sockets bound to random ports (1 tcp and 1 udp)
Client gets response and connects
I don't see anything glaringly wrong with this, but I am now questioning whether this is the general way that game server connections are done.
To explain further, I am in the process of learning how to use Kubernetes and Agones to deploy and manage app/game instances by wrapping them in Kubernetes pods. I am mostly working off of information found in the official guides (https://agones.dev/site/docs/getting-started/create-gameserver/) and associated github examples (https://github.com/googleforgames/agones/blob/release-1.15.0/examples).
For Agones, my understanding is that client connections are made via the port specified in "hostPort" in the "GameServer" yaml. I have previously deployed some instances with plain Kubernetes, using the "hostNetwork=true" option, which enables my above network model to work by allowing the game instance to bind directly to host ports and be exposed to the outside network. With Agones though, it seems that using this option is, at the very least, not encouraged (https://github.com/googleforgames/agones/issues/1389).
I'm certainly not an expert on networking, so please forgive my ignorance, but how are the client connections meant to be handled here if I'm only exposing one port? Is all the traffic multiplexed, or can I directly pass off connections somehow to other sockets/ports and have them automatically be exposed to the outside network?
Is all the traffic multiplexed, or can I directly pass off connections somehow to other sockets/ports and have them automatically be exposed to the outside network?
I would multiplex the traffic. It sounds like right now you are using the incoming port to determine "who is who". But you could also include that information in the packet flow to a shared port instead.
The standard behaviour for wildfly-17 (and 18) with microprofile-health-smallrye is, that the /health endpoints are published under the management port.
Is there a way to configure it to use a different port?
That behaviour is difficult in some situations (with docker and kubernetes) to open up the management port completely, and make it accessible, for other "machines" than localhost.
Thanks in advance,
Gabriel
Jeff Mesnil answered my thread on the wildfly-user chat -> It is not possible to run health endpoint on application port. WildFly only expose them to the managment port.
Whilst I could not find a direct answer I did have a similar issue myself and implemented a solution.
I added the flag Dswarm.port.offset=100. For my thorntail set up this shifted all the port by 100.
My solution to publish metrics within a docker swarm, where port 9990 is not exposed, was to write a Proxy-Servlet registered under /metrics that returns the contents of http://127.0.0.1:9990/metrics.
That way you don't expose the whole admin panel, but only the metrics part.
We need to set up an ejtserver instance inside an OpenShift cloud and expose it to an external network.
I have been told that a binary protocol is a big no-no in that situation, as it requires an extra, manually-set-up egress route (lots of extra work by external team), and takes up a limited resource (port number - ports numbers for binary egress routes need to be unique).
No such limitations exist for HTTP(S) traffic because the routers know enough about the protocol to differentiate connections through host name, which is an unlimited resource.
So I hope I can make the connection from install4j-maven-plugin to the ejtserver instance through HTTP(S); is this possible?
As of 1.13.1, this is not possible, please contact support#ej-technologies.com for alternative arrangements with build-only license keys.
Up to now I have never worked with bonjour. I think it is an interesting approach for using it to discover hosts which run rest services (e.g. by defining a predefined URL for devices providing a specific service).
I read that I can ping the host with Bonjour via the bonjour-name but I have not found an approach how to call a REST service with bounjour (where I usually also need the port). Is this possible or do you know some references? I am thinking on something like this: xservice.Alice.local/rest?abc=......
Thank you
I'm implementing the PASV mode in a FTP server, and I send to the client the IP address and port of the data end point. This is stupid because the IP is actually where the client is already connecting, so there ire two options:
How could I get the public IP
address from a given instance? Not
the VIP, but the public one.
How could I get the original target
IP address that the user used from
a Socket object? Considering routers and load balancers in the middle :P
An answer to any of this questions would do, although there is another way that could work... may I get the public IP address doing a DNS look up of myapp.cloudapp.net?
A fourth option would be use the Azure Management API library... but, too much trouble :P.
Cheers.
Not sure if you ever figured this out, but here's my take on it. The individual role instances are all behind the Windows Azure load balancer and have no idea what the original, outward-facing IP address is. Also, there's no Management API call that returns IP address - Get Deployment returns the URL but not the IP address. I think the only option is going to be a dns lookup.
Having said that: I don't think you can host a passive ftp server in your role instance (at least not elegantly). You may open up to 25 input endpoints on your role (up from 5 - see my recent blog post about this update), but there's manual work involved in the configuration. I don't know if your ftp application lets you limit your port range to such a small number of ports. Also:
You'd have to define each port as its own input endpoint (this is the manual labor part I mentioned) - input endpoints don't allow a port range to be specified, unlike the internal endpoints.
You'd have to specify the port number that's used internally, and the port numbers would need to be sequential
One last thing on ftp: you should be able to host an sftp server with no trouble, since all traffic comes through one port.
The hack that I'm contemplating right now is to retrieve http://www.icanhazip.com/. It isn't elegant and is subject to the availability of that service, but it gets the job done. A better solution would be appreciated!