Configuration for inbound ports on an Instance

FlowFuse / flowfuse

Connect, collect, transform, visualise, and interact with your Industrial Data in a single platform. Use FlowFuse to manage, scale and secure your Node-RED solutions.

https://flowfuse.com

Other

277 stars 63 forks source link

Configuration for inbound ports on an Instance #2286

Open joepavitt opened 1 year ago

joepavitt commented 1 year ago

Description

From UX feedback call with @biancode

Request to have a "Network" tab at the Instance-level that enables the control/configuration of which ports are available on each Instance. Important/useful for modbus and opc-ua usage in FlowForge.

Not sure on estimate, as I suspect there are some complexities with this I'm not going to be aware of.

Have you provided an initial effort estimate for this issue?

I can not provide an initial effort estimate

hardillb commented 1 year ago

This is not possible.

To be clear for both docker and K8s all instances are hosted behind a single http reverse proxy, there is no direct access to the underlying container that hosts the project/instance.

If ports were exposed they would probably be on a totally different IP address to the one mapped to the instance hostname and any given port number could only be used once and would probably be mapped to a different port number than the original Node-RED instance is listening to inside the container.

biancode commented 1 year ago

I think it is possible if I'm on a self-hosted server. Means maybe that feature is just available on self-hosted servers.

A Node-RED instance is just a running docker container at the end and that container can open a port and could join a special network inside Docker on my server via Docker settings. If I open ports inside the firewall for my OPC UA servers, then it works all well. That is what we do now on Node-RED instances manual thru Portainer and it works fine.

FlowForge is needed to help here to manage the settings, because it starts and stops the instances (Container) and that removes our manual settings via Docker commands from FlowForge. I see FlowForge as a Node-RED Docker Management Tool in that case and from that perspective it needs to be managed by FlowForge to get a chance to configure network settings for the Node-RED Containers.

What do you think, is it really not possible in that case?

hardillb commented 1 year ago

Understand that we have to balance development across all use case and all environments, doing this just for docker is a none starter.

I do not think it is possible to build this in a way that is scalable and easy for a user to understand.

biancode commented 1 year ago

That means it still a Node-RED without TCP, UDP, Modbus and OPC UA servers if I use FlowForge in the industry, doesn't it? Means on the other hand - client only for industry protocols.

The idea was just to configure a list of port settings as Docker needs like "1880:1880" for the Node-RED Container and that FlowForge just gives those ports via "-p" parameter to the container. I know that you have Kube in mind, but for the industry I think Docker or Podman is much more in use at the moment, isn't it?