Newbie Questions

Hi all,

This is the first time I am looking at rancher, so sorry if these questions have been answered before.

  1. Is the rancher management server a single point of failure?
  2. Will rancher make use of private networks between hosts? E.g. if I have a few digitalocean hosts within the one region. Is there a location that has more in depth details around rancher’s networking than
  3. Is github used for anything else then authentication? Is there any reason other methods could not be supported?
  4. Can it currently support or is there plans to support automatically deploying new hosts on cloud providers if there is no space for a container?
  5. Does rancher do anything around bandwidth usage?


  1. In the basic run as a single container mode, yes, but “failure” here means not being able to use the API or UI to start new containers. Hosts themselves, the containers on them, and native docker run commands continue to work while the rancher/server is down. You can do multi-node setup, it is currently somewhat involved but will become simpler (namely not requiring ZooKeeper) in an upcoming release.

  2. If all of the the hosts in the environment are in the same private network then you could register the host using the internal (10.x.y.z) IP address with -e CATTLE_AGENT_IP=.... There is not currently logic to keep track of multiple IP addresses and decide when to use one vs another to communicate across hosts so this will not work across multiple clouds or private networks. The overlay network is basically the Network Agent containers running AES-encrypted point-to-point IPSec between the hosts on the IP the host is registered with.

  3. GitHub is used for authentication (who are you) and authorization (what environments should you have access to). LDAP/ActiveDirectory support is in development right now, others may follow based on demand (there are github issues requesting BitBucket and GitLab).

  4. There is not currently anything built-in for this; There is not really a clear definition of what “no space” left means with containers.

  • There are various stats like load average and memory usage updated periodically on each host in the API, so if you know exactly what “full” means to you it and enough info is available it would be fairly straightforward to script detecting that situation and using the API to spin up another machine.
  • Or if you are on e.g. AWS you could create hosts in an autoscaling group and use their logic to decide when to add hosts.
  • Services can have a “global” scale, which will make them automatically spin up a new container when a new eligible host appears. So this can work together with the decision to start a new host to automatically start running services on it.
  1. No; cAdvisor runs on each host and it may collect bandwidth info, but we do not currently do anything with it if it does.
  1. I look forward to such release, ZooKeeper is pain sometimes
  2. a. So if there are 5 hosts, will host X be making a point-to-point connection to 4 other hosts?
    b. If each host had its own network, then you could use a routing protocol to support more than one interface. That way a local private NIC, would just need a better metric than the public NIC.
  3. Is there anything around the balancing of services on hosts based on these usages?
  4. Are there any plans to add other cloud providers such as linode? (or something like deltacloud or jclouds)
  1. We don’t have any current plans on adding automatic deployment of new hosts on cloud providers as we want the users to control the resources that they pay for. As for distribution of services, there is no balancing of containers on hosts based on their usage.
  2. The UI is just a front-end for docker-machine. Linode or someone else would need to add a driver for it to be supported. This would apply to any other cloud providers that are not supported by docker-machine.

2a) UDP IPSec packets are sent point-to-point directly to the appropriate host, as needed. So if a container on host X needs to talk to something on the other 4 hosts yes, but there is not anything like a fully-connected graph of (n*(n-1))/2 persistent TCP connections open.

2b) Yes, support for multiple networks is possible, but not today.

  1. I believe the scheduler currently figures out the eligible hosts (based on exposed port availability and scheduling rules) and then picks the host with the least number of containers (@sonchang?)

  2. The Add Host screen is basically docker-machine as @denise said. There will be a “generic” option added to the UI eventually that will let you use any of the drivers in machine that we do not have a friendlier UI for eventually (basically the equivalent of running it from the command line, without integration into the provider’s API to know the names of offerings, configure security groups, etc).

  1. @vincent Yes. That is correct.