[OpenSIPS-Users] Dockerize OpenSIPS

David Villasmil david.villasmil.work at gmail.com
Sat May 2 12:23:47 EST 2020


Hello,

I have never run into those problems. The people I’ve seen running into
them are doing thousands upon thousands of packets por seconds. Hardware is
cheap nowadays, I just spread the load.

I wouldn’t dockerize rtpengine, although I know people who do.

In a normal setup probably you won’t run into them, we run freeswitch on
containers for production without a hitch (I must stress I was very
reluctant to do that a few years ago, but docker has come a long way since
then).

David

On Sat, 2 May 2020 at 12:42, H Yavari <hyavari at rocketmail.com> wrote:

> Thank you David.
>
> What do you think about networking concerns? you mentioned to them but I
> didn't get your point.
> RTP restrictions, port proxy, iptables, fail2ban are top ones.
>
> PS: No matter which telephony platform (Asterisk/FS/OpenSIPS/Kamailio),
> these concerns are in general.
> PS: We have more challenges with projects like Freepbx.
>
>
> Regards,
> HY
>
>
>
> On Saturday, May 2, 2020, 3:48:11 PM GMT+4:30, David Villasmil <
> david.villasmil.work at gmail.com> wrote:
>
>
> Not sure about OpenSIPS specifically, but I would assume it has been
> implemented in docker just as much as kamailio and freeSWITCH/Asterisk.
>
> This is done all over the world. Docker is not an emulator or a virtual
> machine host. When you run something on docker, its speed is (almost)
> exactly the same as running it on the host itself, since there’s no OS
> overhead, it works by separating processes via Cgroups, no by virtualizing
> or emulating hardware.
>
> Quote:
>
> The Docker technology uses the Linux kernel
> <https://www.redhat.com/en/topics/linux/what-is-the-linux-kernel> and
> features of the kernel, like Cgroups
> <https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Resource_Management_Guide/ch01.html>
>  and namespaces <https://lwn.net/Articles/528078/>, to segregate
> processes so they can run independently. This independence is the intention
> of containers‐the ability to run multiple processes and apps separately
> from one another to make better use of your infrastructure while retaining
> the security <https://www.redhat.com/en/topics/security>you would have
> with separate systems.
>
> So in simple terms, docker simply separates processes.
>
> There ARE, nonetheless, some problems with dockerizing everything. I have
> read issues like If the network traffic is way way way too high, you may
> encounter issues like dropped packets, etc. but this is a problem on the
> networking side, I.e: the iptables rules. Also the natting related to using
> docker can be cumbersome, but once you’re over that, it’s home free.
>
> So, as long as you manage your infrastructure well, you shouldn’t have
> problems.
>
> In terms of troubleshooting a failing container. All logging should be
> sent to some log server, and you can do your troubleshooting there. Also,
> don’t kill a failing container so you can access it (via ssh or attach or
> exec) and troubleshoot it.
>
> The pros of using docker/k8s greatly outweighs the cons, in my opinion.
>
> Hope this help.
>
> David
>
> On Sat, 2 May 2020 at 11:33, H Yavari via Users <users at lists.opensips.org>
> wrote:
>
> Thank you Johan,
>
> When your infrastructure goes to run with k8s or other same platforms,
> it's hard to make some exceptions.
> Also softwares like opensips that are working just with DB, can run very
> smoothly.
>
> Although I haven't seen any problem yet after moving it to containers, but
> I am interested in hearing from others and developers team.
>
>
> Regards,
> HY
>
>
> --------
> On Saturday, May 2, 2020, 12:51:51 PM GMT+4:30, johan <johan at democon.be>
> wrote:
>
>
> First of all, I am not aware of a production kubernetes cluster.
>
> Using containers has advantages : fast install, easy to move.  The
> annoying thing is that if it goes wrong, it is not easy to troubleshoot.
> Secondly, you add an extra abstraction layer, abstraction (most of the
> time) reduces speed and decreases capacity.
>
> In short : it all depends on the size of your system. In ip4 I don't see
> the advantage.  What could be a nice scalable system, is to deploy on ip6
> with anycast.
>
> Just my thoughts ...
> On 2/05/2020 07:49, H Yavari via Users wrote:
>
> Hi to all,
>
> As you know docker and K8s, are growing quickly. So we dockerized Asterisk
> and OpenSIPS also.
> But I see some community members are against it. They have some reasons
> like NAT, RTP ports and performance.
>
> Do you agree with them ?
> Is there any successful large scale OpenSIPS cluster based on K8s ?
>
>
> Thanks for sharing your experiences.
>
>
> Regards,
> HY
>
> _______________________________________________
> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> --
> Regards,
>
> David Villasmil
> email: david.villasmil.work at gmail.com
> phone: +34669448337
>
-- 
Regards,

David Villasmil
email: david.villasmil.work at gmail.com
phone: +34669448337
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20200502/8a7d8589/attachment-0001.html>


More information about the Users mailing list