Skip to main content
Version: v23.0

Understanding Tunnel Origins in Containers

Summary

DxOdyssey or DxEnterprise in containers are capable of acting as an origin node/gateway for tunnels or Vhosts/tunnel groups. For Kubernetes, these ports can be opened using a load balancer or node port service configuration. For Docker, the container must have the necessary ports mapped using the docker run command at container runtime.

Information

Kubernetes allows services to be added to deployments without restarting the pods. This means that tunnel origins can be added to running pods by creating a new Kubernetes service and adding the tunnel origin to your DxEnterprise or DxOdyssey configuration. For more information about Kubernetes services, view their documentation. For external connectivity in pods, use a load balancer or node port configuration.

As a rule of thumb, Docker containers generally cannot be modified, updated, or reconfigured after starting. Docker does not allow port mappings to be updated after the container has started. As such, ports should only be mapped using the -p flag in the docker run command when the container is first launched. If ports are not mapped at container runtime, a new container must be created.

Container port mappings can be cleanly updated if your container uses volume mounts. DH2i recommends utilizing volume mounts when restarting a container with updated port mappings. DH2i software uses the /etc/dh2i folder to store software configuration files, and these files can be used by a new container to rejoin the cluster or gateway group with its configuration intact. If no /etc/dh2i volume mount exists, the docker commit command may be used to save the entire container instead.

Additional Information