[jira] [Commented] (FLINK-29572) Flink Task Manager skip loopback interface for resource manager registration

Sun, 16 Oct 2022 22:51:05 -0700 


    [ 
https://issues.apache.org/jira/browse/FLINK-29572?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17618658#comment-17618658
 ] 

Xintong Song commented on FLINK-29572:
--------------------------------------

[~gzkevinl],

I probably haven't understand this service mesh completely, so correct me if 
I'm wrong.

Say you have a task manager with pod ip address 1.2.3.4, and a proxy located in 
the same pod as a sidecar. Can the proxy capture all the traffics sent from the 
interface 1.2.3.4 while block traffics from 127.0.0.1? IIUC, if the proxy can 
only capture the 127.0.0.1 traffics, then the task manager skipping the 
loopback interface will also skip the proxy anyway.

Moreover, the taskmanager does not have to bind to a fixed port. If you leave 
`taskmanager.rpc.port` to un-configured, it will use a random port. 

Currently, Flink does support proxied networks, but would require the external 
address (the one JM can use to access TM/proxy) to be explicitly configured for 
each TM. IIUC, you are suggesting a proxy that the external address is the same 
as internal address (the one that TM itself sees) so that it needs not to be 
explicitly configured. I think I'm not convinced that this is a general / 
common requirement.

> Flink Task Manager skip loopback interface for resource manager registration
> ----------------------------------------------------------------------------
>
>                 Key: FLINK-29572
>                 URL: https://issues.apache.org/jira/browse/FLINK-29572
>             Project: Flink
>          Issue Type: Bug
>          Components: API / Core
>    Affects Versions: 1.15.2
>         Environment: Flink 1.15.2
> Kubernetes with Istio Proxy
>            Reporter: Kevin Li
>            Priority: Major
>
> Currently Flink Task Manager use different local interface to bind to connect 
> to Resource Manager. First one is Loopback interface. Normally if Job Manager 
> is running on remote host/container, using loopback interface to connect will 
> fail and it will pick up correct IP address.
> However, if Task Manager is running with some proxy, loopback interface can 
> connect to remote host as well. This will result 127.0.0.1 reported to 
> Resource Manager during registration, even Job Manager/Resource Manager runs 
> on remote host, and problem will happen. For us, only one Task Manager can 
> register in this case.
> I suggest adding configuration to skip Loopback interface check if we know 
> Job/Resource Manager is running on remote host/container.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to