[OpenSIPS-Users] Dockerize OpenSIPS

Saint Michael venefax at gmail.com
Sat May 2 13:03:14 EST 2020 

The ideal platform to run opensips, asterisk, etc. is  LXC containers, not
docker. Unless I misunderstand docker, you may only dockerize applications,
while in LXC you conteinarize the equivalent of full virtual machines, all
apps together as a unit. Performance is identical to docker, for both use
the same technology at the kernel level.
Please correct me if I am wrong.

On Sat, May 2, 2020 at 8:34 AM David Villasmil <
david.villasmil.work at gmail.com> wrote:

> They all get their dialplan/config from an API backend. They’re DB
> agnostic.
>
> On Sat, 2 May 2020 at 13:28, H Yavari <hyavari at rocketmail.com> wrote:
>
>> Thank you David,
>> Interested to know, you are running a cluster/group of FS with
>> centralized DB, with same functionality?
>>
>>
>> Regards,
>> HYavari
>>
>>
>> On Saturday, May 2, 2020, 4:54:01 PM GMT+4:30, David Villasmil <
>> david.villasmil.work at gmail.com> wrote:
>>
>>
>> Hello,
>>
>> I have never run into those problems. The people I’ve seen running into
>> them are doing thousands upon thousands of packets por seconds. Hardware is
>> cheap nowadays, I just spread the load.
>>
>> I wouldn’t dockerize rtpengine, although I know people who do.
>>
>> In a normal setup probably you won’t run into them, we run freeswitch on
>> containers for production without a hitch (I must stress I was very
>> reluctant to do that a few years ago, but docker has come a long way since
>> then).
>>
>> David
>>
>> On Sat, 2 May 2020 at 12:42, H Yavari <hyavari at rocketmail.com> wrote:
>>
>> Thank you David.
>>
>> What do you think about networking concerns? you mentioned to them but I
>> didn't get your point.
>> RTP restrictions, port proxy, iptables, fail2ban are top ones.
>>
>> PS: No matter which telephony platform (Asterisk/FS/OpenSIPS/Kamailio),
>> these concerns are in general.
>> PS: We have more challenges with projects like Freepbx.
>>
>>
>> Regards,
>> HY
>>
>>
>>
>> On Saturday, May 2, 2020, 3:48:11 PM GMT+4:30, David Villasmil <
>> david.villasmil.work at gmail.com> wrote:
>>
>>
>> Not sure about OpenSIPS specifically, but I would assume it has been
>> implemented in docker just as much as kamailio and freeSWITCH/Asterisk.
>>
>> This is done all over the world. Docker is not an emulator or a virtual
>> machine host. When you run something on docker, its speed is (almost)
>> exactly the same as running it on the host itself, since there’s no OS
>> overhead, it works by separating processes via Cgroups, no by virtualizing
>> or emulating hardware.
>>
>> Quote:
>>
>> The Docker technology uses the Linux kernel
>> <https://www.redhat.com/en/topics/linux/what-is-the-linux-kernel> and
>> features of the kernel, like Cgroups
>> <https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Resource_Management_Guide/ch01.html>
>>  and namespaces <https://lwn.net/Articles/528078/>, to segregate
>> processes so they can run independently. This independence is the intention
>> of containers‐the ability to run multiple processes and apps separately
>> from one another to make better use of your infrastructure while retaining
>> the security <https://www.redhat.com/en/topics/security>you would have
>> with separate systems.
>>
>> So in simple terms, docker simply separates processes.
>>
>> There ARE, nonetheless, some problems with dockerizing everything. I have
>> read issues like If the network traffic is way way way too high, you may
>> encounter issues like dropped packets, etc. but this is a problem on the
>> networking side, I.e: the iptables rules. Also the natting related to using
>> docker can be cumbersome, but once you’re over that, it’s home free.
>>
>> So, as long as you manage your infrastructure well, you shouldn’t have
>> problems.
>>
>> In terms of troubleshooting a failing container. All logging should be
>> sent to some log server, and you can do your troubleshooting there. Also,
>> don’t kill a failing container so you can access it (via ssh or attach or
>> exec) and troubleshoot it.
>>
>> The pros of using docker/k8s greatly outweighs the cons, in my opinion.
>>
>> Hope this help.
>>
>> David
>>
>> On Sat, 2 May 2020 at 11:33, H Yavari via Users <users at lists.opensips.org>
>> wrote:
>>
>> Thank you Johan,
>>
>> When your infrastructure goes to run with k8s or other same platforms,
>> it's hard to make some exceptions.
>> Also softwares like opensips that are working just with DB, can run very
>> smoothly.
>>
>> Although I haven't seen any problem yet after moving it to containers,
>> but I am interested in hearing from others and developers team.
>>
>>
>> Regards,
>> HY
>>
>>
>> --------
>> On Saturday, May 2, 2020, 12:51:51 PM GMT+4:30, johan <johan at democon.be>
>> wrote:
>>
>>
>> First of all, I am not aware of a production kubernetes cluster.
>>
>> Using containers has advantages : fast install, easy to move.  The
>> annoying thing is that if it goes wrong, it is not easy to troubleshoot.
>> Secondly, you add an extra abstraction layer, abstraction (most of the
>> time) reduces speed and decreases capacity.
>>
>> In short : it all depends on the size of your system. In ip4 I don't see
>> the advantage.  What could be a nice scalable system, is to deploy on ip6
>> with anycast.
>>
>> Just my thoughts ...
>> On 2/05/2020 07:49, H Yavari via Users wrote:
>>
>> Hi to all,
>>
>> As you know docker and K8s, are growing quickly. So we dockerized
>> Asterisk and OpenSIPS also.
>> But I see some community members are against it. They have some reasons
>> like NAT, RTP ports and performance.
>>
>> Do you agree with them ?
>> Is there any successful large scale OpenSIPS cluster based on K8s ?
>>
>>
>> Thanks for sharing your experiences.
>>
>>
>> Regards,
>> HY
>>
>> _______________________________________________
>> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>> --
>> Regards,
>>
>> David Villasmil
>> email: david.villasmil.work at gmail.com
>> phone: +34669448337
>>
>> --
>> Regards,
>>
>> David Villasmil
>> email: david.villasmil.work at gmail.com
>> phone: +34669448337
>>
> --
> Regards,
>
> David Villasmil
> email: david.villasmil.work at gmail.com
> phone: +34669448337
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20200502/a4fdcdee/attachment-0001.html>

More information about the Users mailing list