Differences between revisions 1 and 2
Revision 1 as of 2021-10-24 10:09:52
Size: 578
Editor: PieterSmit
Comment:
Revision 2 as of 2021-10-25 02:34:45
Size: 1270
Editor: PieterSmit
Comment:
Deletions are marked like this. Additions are marked like this.
Line 17: Line 17:

 * Services - across cluster pod access
   * Virtual object created by kube-proxy, IP from pre-assigned range, iptables fwd to pod ip.
     * Service ip range kube-api-server --service-cluster-ip-range= ipNet )Default:10.0.0.0/24)
       * service ip range can't overlap with pod ip range
     * View {{{ iptables -L -t nat | grep <service> }}}
     * kube-proxy --proxy-mode ["userspace", "'''iptables'''", "ipvs"]
       * view {{{ cat /var/log/kube-proxy.log }}}
   * Types
     1. ClusterIP - only available in cluster
     1. NodePort - Just like ClusterIP, but also exposes to fixed external port on all nodes
     1.
   * How
     * kube-proxy watches kube-apiserver,

k8s/StudyNotes/k8sNetworking

  • CNI - specifies that kubelet should call CNI plugin on container create(ADD) and destroy(DEL)

    • Config 

       /usr/bin/kubelet --cni-bin-dir=/opt/cni/bin --cni-conf-dir=/etc/cni/net.d/ --network-plugin=cni
  • Docker uses default bridge docker0
    • Docker creates network namespace (ip netns ) for each container. $ docker inspect abcd

  • CNI - plugins e.g. bridge 

    bridge add <containerid> /var/run/netns/2e34dc
    • JSON Network config, ADD and DEL between runtime and plugin.
  • k8s ports in documentation
  • Services - across cluster pod access
    • Virtual object created by kube-proxy, IP from pre-assigned range, iptables fwd to pod ip.

      • Service ip range kube-api-server --service-cluster-ip-range= ipNet )Default:10.0.0.0/24)

        • service ip range can't overlap with pod ip range

      • View  iptables -L -t nat | grep <service> 

      • kube-proxy --proxy-mode ["userspace", "iptables", "ipvs"]

        • view  cat /var/log/kube-proxy.log 

    • Types
      1. ClusterIP - only available in cluster

      2. NodePort - Just like ClusterIP, but also exposes to fixed external port on all nodes

    • How
      • kube-proxy watches kube-apiserver,

k8s/StudyNotes/k8sNetworking (last edited 2021-10-25 02:34:45 by PieterSmit)