Kubernetes Cluster Networking and Pod Networking

🗼Cluster Networing

In a Kubernetes (K8s) cluster, the architecture is built around a master node and several worker nodes. Each of these nodes must have at least one network interface connected and an address configured. Here’s an example configuration:

  • Master Node

    • IP: 192.168.1.10

    • Hostname: master-01

    • Interface: eth0

  • Worker Nodes

    • Worker-01

      • IP: 192.168.1.11

      • Hostname: worker-01

      • Interface: eth0

    • Worker-02

      • IP: 192.168.1.12

      • Hostname: worker-02

      • Interface: eth0

Finding Network Interfaces and MAC Addresses

To identify the network interface associated with a specific IP address, use the following command:

ip a | grep -B2 <node ip>

To view the MAC address of a specific interface (e.g., eth0), use:

ip link show eth0

🗼Pod Networking

Currently, Kubernetes does not provide a built-in solution for pod addressing and communication. Therefore, it is essential to implement a networking solution that meets the following requirements:

  1. Unique IP Address: Every pod should have its own unique IP address.

  2. Pod-to-Pod Communication: Every pod should be able to communicate with other pods on the same node and across different nodes.

  3. Service Accessibility: Services running on pods should be accessible both internally within the cluster and externally.

🗼Setting Up Pod Networking

To attach a container to the network, we need to create a virtual network interface using the ip link add command and assign it an IP address. Here’s a step-by-step guide:

  1. Create a Virtual Network Cable:

     ip link add veth0 type veth peer name veth1
    
  2. Attach One End to the Container and the Other End to the Bridge:

     ip link set veth0 netns <container-id>
     ip link set veth1 master <bridge-name>
    
  3. Assign IP Addresses:

     ip -n <namespace> addr add <ip-address> dev veth0
     ip -n <namespace> route add <route> dev veth0
    
  4. Bring Up the Network Interface:

     ip -n <namespace> link set veth0 up
    

Automating with Scripts

To simplify the process, you can automate these commands in a script and run it for each container. This approach ensures:

  • Each pod gets a unique IP address.

  • Pods within the same node can communicate with each other.

Inter-Node Communication

To enable communication between containers on different nodes, add routes for the container IPs of other nodes:

ip route add <2nd-node-container-ip> via <2nd-node-ip>

However, manually managing IP assignments and network configurations can be complex and error-prone. This is where the Container Network Interface (CNI) comes in.

🗼Container Network Interface (CNI)

CNI is a framework that provides a standardized way to configure network interfaces in Linux containers. It helps Kubernetes by defining how scripts should be called as soon as a container is created and specifies the structure of these scripts. Here's how it works:

  1. The container runtime looks at the CNI configuration.

  2. It finds the appropriate script in the /bin directory.

  3. It executes the script with the add command.

By using CNI, Kubernetes can automate the network setup process, ensuring that each pod gets its own unique IP address and can communicate with other pods, both within the same node and across different nodes. This greatly simplifies the network configuration and management within a Kubernetes cluster.

🗼Conclusion

Effective networking is a cornerstone of any Kubernetes cluster, ensuring seamless communication between nodes and pods. By understanding the essentials of cluster networking and implementing robust pod networking solutions, you can create a highly efficient and scalable environment.

Did you find this article valuable?

Support Ashutosh Mahajan's blog by becoming a sponsor. Any amount is appreciated!