Kubernetes Cluster Networking and Pod Networking
🗼Cluster Networing
In a Kubernetes (K8s) cluster, the architecture is built around a master node and several worker nodes. Each of these nodes must have at least one network interface connected and an address configured. Here’s an example configuration:
Master Node
IP: 192.168.1.10
Hostname: master-01
Interface: eth0
Worker Nodes
Worker-01
IP: 192.168.1.11
Hostname: worker-01
Interface: eth0
Worker-02
IP: 192.168.1.12
Hostname: worker-02
Interface: eth0
Finding Network Interfaces and MAC Addresses
To identify the network interface associated with a specific IP address, use the following command:
ip a | grep -B2 <node ip>
To view the MAC address of a specific interface (e.g., eth0), use:
ip link show eth0
🗼Pod Networking
Currently, Kubernetes does not provide a built-in solution for pod addressing and communication. Therefore, it is essential to implement a networking solution that meets the following requirements:
Unique IP Address: Every pod should have its own unique IP address.
Pod-to-Pod Communication: Every pod should be able to communicate with other pods on the same node and across different nodes.
Service Accessibility: Services running on pods should be accessible both internally within the cluster and externally.
🗼Setting Up Pod Networking
To attach a container to the network, we need to create a virtual network interface using the ip link add
command and assign it an IP address. Here’s a step-by-step guide:
Create a Virtual Network Cable:
ip link add veth0 type veth peer name veth1
Attach One End to the Container and the Other End to the Bridge:
ip link set veth0 netns <container-id> ip link set veth1 master <bridge-name>
Assign IP Addresses:
ip -n <namespace> addr add <ip-address> dev veth0 ip -n <namespace> route add <route> dev veth0
Bring Up the Network Interface:
ip -n <namespace> link set veth0 up
Automating with Scripts
To simplify the process, you can automate these commands in a script and run it for each container. This approach ensures:
Each pod gets a unique IP address.
Pods within the same node can communicate with each other.
Inter-Node Communication
To enable communication between containers on different nodes, add routes for the container IPs of other nodes:
ip route add <2nd-node-container-ip> via <2nd-node-ip>
However, manually managing IP assignments and network configurations can be complex and error-prone. This is where the Container Network Interface (CNI) comes in.
🗼Container Network Interface (CNI)
CNI is a framework that provides a standardized way to configure network interfaces in Linux containers. It helps Kubernetes by defining how scripts should be called as soon as a container is created and specifies the structure of these scripts. Here's how it works:
The container runtime looks at the CNI configuration.
It finds the appropriate script in the
/bin
directory.It executes the script with the
add
command.
By using CNI, Kubernetes can automate the network setup process, ensuring that each pod gets its own unique IP address and can communicate with other pods, both within the same node and across different nodes. This greatly simplifies the network configuration and management within a Kubernetes cluster.
🗼Conclusion
Effective networking is a cornerstone of any Kubernetes cluster, ensuring seamless communication between nodes and pods. By understanding the essentials of cluster networking and implementing robust pod networking solutions, you can create a highly efficient and scalable environment.