[OpenSIPS-Users] Dockerize OpenSIPS
H Yavari
hyavari at rocketmail.com
Sat May 2 12:28:55 EST 2020
Thank you David,Interested to know, you are running a cluster/group of FS with centralized DB, with same functionality?
Regards,HYavari
On Saturday, May 2, 2020, 4:54:01 PM GMT+4:30, David Villasmil <david.villasmil.work at gmail.com> wrote:
Hello,
I have never run into those problems. The people I’ve seen running into them are doing thousands upon thousands of packets por seconds. Hardware is cheap nowadays, I just spread the load.
I wouldn’t dockerize rtpengine, although I know people who do.
In a normal setup probably you won’t run into them, we run freeswitch on containers for production without a hitch (I must stress I was very reluctant to do that a few years ago, but docker has come a long way since then).
David
On Sat, 2 May 2020 at 12:42, H Yavari <hyavari at rocketmail.com> wrote:
Thank you David.
What do you think about networking concerns? you mentioned to them but I didn't get your point.RTP restrictions, port proxy, iptables, fail2ban are top ones.
PS: No matter which telephony platform (Asterisk/FS/OpenSIPS/Kamailio), these concerns are in general.PS: We have more challenges with projects like Freepbx.
Regards,HY
On Saturday, May 2, 2020, 3:48:11 PM GMT+4:30, David Villasmil <david.villasmil.work at gmail.com> wrote:
Not sure about OpenSIPS specifically, but I would assume it has been implemented in docker just as much as kamailio and freeSWITCH/Asterisk.
This is done all over the world. Docker is not an emulator or a virtual machine host. When you run something on docker, its speed is (almost) exactly the same as running it on the host itself, since there’s no OS overhead, it works by separating processes via Cgroups, no by virtualizing or emulating hardware.
Quote:
The Docker technology uses the Linux kernel and features of the kernel, like Cgroups and namespaces, to segregate processes so they can run independently. This independence is the intention of containers‐the ability to run multiple processes and apps separately from one another to make better use of your infrastructure while retaining the securityyou would have with separate systems.
So in simple terms, docker simply separates processes.
There ARE, nonetheless, some problems with dockerizing everything. I have read issues like If the network traffic is way way way too high, you may encounter issues like dropped packets, etc. but this is a problem on the networking side, I.e: the iptables rules. Also the natting related to using docker can be cumbersome, but once you’re over that, it’s home free.
So, as long as you manage your infrastructure well, you shouldn’t have problems.
In terms of troubleshooting a failing container. All logging should be sent to some log server, and you can do your troubleshooting there. Also, don’t kill a failing container so you can access it (via ssh or attach or exec) and troubleshoot it.
The pros of using docker/k8s greatly outweighs the cons, in my opinion.
Hope this help.
David
On Sat, 2 May 2020 at 11:33, H Yavari via Users <users at lists.opensips.org> wrote:
Thank you Johan,
When your infrastructure goes to run with k8s or other same platforms, it's hard to make some exceptions.Also softwares like opensips that are working just with DB, can run very smoothly.
Although I haven't seen any problem yet after moving it to containers, but I am interested in hearing from others and developers team.
Regards,HY
--------
On Saturday, May 2, 2020, 12:51:51 PM GMT+4:30, johan <johan at democon.be> wrote:
First of all, I am not aware of a production kubernetes cluster.
Using containers has advantages : fast install, easy to move. The annoying thing is that if it goes wrong, it is not easy to troubleshoot. Secondly, you add an extra abstraction layer, abstraction (most of the time) reduces speed and decreases capacity.
In short : it all depends on the size of your system. In ip4 I don't see the advantage. What could be a nice scalable system, is to deploy on ip6 with anycast.
Just my thoughts ...
On 2/05/2020 07:49, H Yavari via Users wrote:
Hi to all,
As you know docker and K8s, are growing quickly. So we dockerized Asterisk and OpenSIPS also.
But I see some community members are against it. They have some reasons like NAT, RTP ports and performance.
Do you agree with them ?
Is there any successful large scale OpenSIPS cluster based on K8s ?
Thanks for sharing your experiences.
Regards, HY
_______________________________________________
Users mailing list
Users at lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users at lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users at lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
--
Regards,
David Villasmilemail: david.villasmil.work at gmail.comphone: +34669448337
--
Regards,
David Villasmilemail: david.villasmil.work at gmail.comphone: +34669448337
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20200502/9e2c3533/attachment-0001.html>
More information about the Users
mailing list