Cncf k8s_network_part1

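An explanation of the architecture and design of the Kubernetes network layer, including how containers communicate with one another across different Kubernetes nodes.
To be honest, the concepts behind Kubernetes network interfaces are quite abstract, and for the many people who are unfamiliar with network architecture they are hard to grasp quickly.
Most developers do not need to implement these virtual networking technologies themselves, but understanding the concept of the Kubernetes overlay network is essential.
Because pod network addresses appear in many Kubernetes logs, when debugging or troubleshooting we will in some cases need to explicitly define network routes or trace routes.

At such times, an understanding of the Kubernetes "pod network" gives us a ray of light out of the confusion and toward solving the problem.

YouTube: https://youtu.be/8DH_oB6D3vc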

Published in: Technology

  1. 1. Cloud Native: Kubernetes Network Kubernetes Part#1
  2. 2. • 5 / • 3 MES/SFC • 3 ERP (SAP-MM )/EAI Leader • 2 End-To-End Business Integration Analyst • 1 OEM Sales Team Leader • 4 / • 6 / • IT – • 4.0 / - erhwenkuo@gmail.com 2
  3. 3. • ”James” medium • https://medium.com/@tao_66792/how-does-the-kubernetes-networking-work-part-1-5e2da2696701
  4. 4. • , Kubernetes : • Part#1 - Kubernetes • Part#2 - Kubernetes Service Deployment Pod • Part#3 - Kubernetes Ingress I
  5. 5. • kubectl D SDK • T b O tT Provision r RBAC Quota PSP NetworkPolicy • e f s DNS g • Kubernetes h t K API i t n • t O Tt • Kubernetes u CI CD Workflow FaaS OTS ChatOps • Kubernetes CRI CNI CVI Cloud Provider t
  6. 6. Agenda: 1. The basic knowledge of the Kubernetes Pod network stack 2. How does the Kubernetes Pod network work? 3. Conclusion
  7. 7. Kubernetes “Pod”
  8. 8. • Pod Kubernetes • Pod • T PPod P (network stack) • (volume)
  9. 9. • Kubernetes Pod#1 2 • #1 nodejs REST API (port: 80) • #2 mysql nodejs • Kubernetes , #1 #2 •
  10. 10. • P Docker • eth0 docker0 bridge • docker0 T veth0
  11. 11. • docker0 veth0P • 172.17.0.0/24 • IP docker0 172.17.0.1 veth0 172.17.0.2 • #1 veth0 docker0 eth0
  12. 12. • #2 #1 : • docker0 veth1 • 172.17.0.0/24 • IP docker0 172.17.0.1 veth1 172.17.0.3 • #1 #2 (bridge) • T P (bridge) P
  13. 13. • T (bridge) • P IP •
  14. 14. • Docker • • P IP 172.17.0.2 • d • d e T
  15. 15. • Kubernetes • Kubernetes pod (pause container) • : pod P P
  16. 16. • pod , .. P • P T
  17. 17. Kubernetes “Pod”
  18. 18. • Kubernetes pod P OT • KubernetesO Pod Pod • N pod A AO WP O
  19. 19. • Kubernetes • hA TO N (A OVM k ) • d Pg i Odocker • Kubernetes • f d W e
  20. 20. • Kubernetes
  21. 21. • Kubernetes : • A (private network segment) 10.100.0.0/24 • (router gateway) 10.100.0.1 • IP 10.100.0.2 10.100.0.3 • NPeth0 T O
  22. 22. • Kubernetes pod P • Kubernetes pod Oveth0, Ndocker0 A P eth0
  23. 23. • eth0 10.100.0.2 N (router/gateway) 10.100.0.1 • docker0 ( 172.17.0.1) eth0 pod A veth0 ( 172.17.0.2)
  24. 24. • P (pause container) ? • pause container veth0 A • veth0 A N W(pause, container1, container2) • T O(shared network stack) d
  25. 25. • (Routing) T • N(network bridge) W • AO eth0 P 172.17.0.2T Ndocker0 veth0 1 2 3 4
  26. 26. • N d fP g T : • N pod, nIP 172.17.0.2 • W Kubernetes O pod docker0g e routing • routing eth0 (10.100.0.2) veth0 (172.17.0.2) g Aik docker0 h veth0 1 2 3 4
  27. 27. e T d • AW e O eth0 (ipN10.100.0.3) W 10.100.0.1 • eth0 e Wdocker0 P 172.17.0.1 … ! !!!!!!!
  28. 28. • docker0 k ngip 172.17.0.1? ? • gip Ng ? • Kubernetes hwo k g Nroutingg ? • e k hw k g gPd i ! • T o k ng podo f W O A k gpodg r t?
  29. 29. Kubernetes T N • h k e P k e f • d O10.100.0.1 g e f W A i
  30. 30. • o fT n n i , (overlay network) • NKubernetesdk, h pod n • pod WO pod t g • r o A docker0” h cbr P e custom bridge
  31. 31. • Kubernetes P Pod-to-Pod N W • (CNI) O 3rd partyN A • CNI N A N W N T
  32. 32. • CNI: • Calico • Canal (Flannel for network + Calico for firewalling) • Cilium • Flannel • Kube-router • Romana • WeaveNet
  33. 33. • CNI: • Calico • Canal (Flannel for network + Calico for firewalling) • Cilium • Flannel • Kube-router • Romana • WeaveNet
  34. 34. • n c • Kubernetes overlay • lpod u s Kubernetes i C o (network route) o • Kubernetes “pod ”
  35. 35. • How Does The Kubernetes Networking Work? : Part 1 • https://medium.com/@tao_66792/how-does-the-kubernetes-networking-work-part-1-5e2da2696701 • Kubernetes - • https://kubernetes.feisky.xyz/cha-jian-kuo-zhan/network • Benchmark results of Kubernetes network plugins (CNI) over 10Gbit/s network • https://itnext.io/benchmark-results-of-kubernetes-network-plugins-cni-over-10gbit-s-network-36475925a560
  36. 36. https://www.facebook.com/groups/dataengineering.tw/