[Container-tools] Why do we have "rhel-docker-eclipse"?

Rob Terzi rct at katavoltmedia.com
Mon Feb 15 16:47:02 UTC 2016 

Inline.

On 2/15/2016 8:50 AM, Scott McCarty wrote:
>
>
> ----- Original Message -----
>> From: "Pete Muir" <pmuir at redhat.com> To: "Max Rydahl Andersen"
>> <manderse at redhat.com> Cc: "container-tools"
>> <container-tools at redhat.com> Sent: Monday, February 15, 2016
>> 4:38:15 AM Subject: Re: [Container-tools] Why do we have
>> "rhel-docker-eclipse"?
>>
>> +1 have a default Vagrantfile, and then some quickstarts that
>> include others as *examples* (i.e. part of docs). This clearly
>> communicates intent and also support liability.
>
> +1, I just ran through the install this weekend and I think rhel-ose
> is the 80% right choice. If you want to learn Kubernetes: 80%, if you
> want to learn OSE: 80%, if you want to build an app: 80% (you have
> Docker and OSE).

One bit of information that I haven't seen in this discussion, but I
want to make sure is "on the table" are the differences in networking
between 'rhel-docker-eclipse' and 'rhel-ose' (as seen in the CDK beta builds):

rhel-docker-eclipse: The vagrant box (VM) has an isolated network, only specific
    ports are forwarded to enabling tooling from the host.

rhel-ose: The box's network is exposed to the host and has a fixed IP  (IIRC, 10.1.2.2)

(The network configuration for the box is in the Vagrantfile)

Following Scott's style, the rhel-ose approach of making the box's network
accessible from the host probably covers 80% of the desirable getting started
use cases. Host based tooling, browsing web consoles and web apps. should
all work if you get the IP address right, which vagrant-service-manager should
be helping with.   (So I give a +1 for the rhel-ose Vagrantfile, if anyone cares.)

I believe there are some gotchas with the fixed IP that are probably not obvious
to many developers:
- can only run a single box at a time.
- possible conflict if you are using the same RFC1918 private network numbers.
   (possible though improbable?)

Changing the box's IP can be tricky because the TLS/SSL certificates have
the IP address in them. I think the certs are generated during first provisioning
or first boot. (I haven't dug into it since trying to make docker-machine
work a few months back.)

If there are instructions on editing the Vagrantfile there may need to be
some pointers that the Vagrantfile configures the network, and if you
change the network config, you need to regenerate the certs, which might
be straightforward, but they need a clue how to do it.

I could be a bit off-base/out-of-date, but I wanted to throw this out there
to make sure it gets consideration.

--Rob

More information about the Container-tools mailing list