Difference between revisions of "Kubernetes/Networking"

From Ever changing code
Jump to navigation Jump to search
(Created page with "Networking in Kubernetes is using Linux Network namespace. Each Pod has IP address assosiated with it. It recives this IP from Virtual Ethernet interface pair. <source lang=b...")
 
Line 1: Line 1:
= Verify Pod IP address, container IP and namespace =
Networking in Kubernetes is using Linux Network namespace. Each Pod has IP address assosiated with it. It recives this IP from Virtual Ethernet interface pair.
Networking in Kubernetes is using Linux Network namespace. Each Pod has IP address assosiated with it. It recives this IP from Virtual Ethernet interface pair.


Line 6: Line 7:
NAME                    READY  STATUS    RESTARTS  AGE  IP          NODE                NOMINATED NODE  READINESS GATES
NAME                    READY  STATUS    RESTARTS  AGE  IP          NODE                NOMINATED NODE  READINESS GATES
nginx-7cdbd8cdc9-89zcf  1/1    Running  1          8d    10.100.2.7  worker-2.acme.com  <none>          <none>
nginx-7cdbd8cdc9-89zcf  1/1    Running  1          8d    10.100.2.7  worker-2.acme.com  <none>          <none>
</source>


# Ssh to worker-2.acme.com
 
Ssh to worker-2.acme.com
<source lang=bash>
user@worker-2:~$ ifconfig  
user@worker-2:~$ ifconfig  
cni0      Link encap:Ethernet  HWaddr fe:70:ee:29:26:ca  
cni0      Link encap:Ethernet  HWaddr 86:5d:c7:93:72:d2  
           inet addr:10.100.2.1  Bcast:0.0.0.0  Mask:255.255.255.0
           inet addr:10.100.2.1  Bcast:0.0.0.0  Mask:255.255.255.0
           inet6 addr: fe80::fc70:eeff:fe29:26ca/64 Scope:Link
           inet6 addr: fe80::845d:c7ff:fe93:72d2/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
           UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
           RX packets:2 errors:0 dropped:0 overruns:0 frame:0
           RX packets:29 errors:0 dropped:0 overruns:0 frame:0
           TX packets:56 errors:0 dropped:0 overruns:0 carrier:0
           TX packets:64 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:1000  
           collisions:0 txqueuelen:1000  
           RX bytes:56 (56.0 B)  TX bytes:6576 (6.5 KB)
           RX bytes:1900 (1.9 KB)  TX bytes:7165 (7.1 KB)


docker0  Link encap:Ethernet  HWaddr 02:42:11:a1:59:d3  
docker0  Link encap:Ethernet  HWaddr 02:42:c7:1c:b8:23  
           inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0
           inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0
           UP BROADCAST MULTICAST  MTU:1500  Metric:1
           UP BROADCAST MULTICAST  MTU:1500  Metric:1
Line 31: Line 35:
           inet6 addr: fe80::20:2eff:fe90:a866/64 Scope:Link
           inet6 addr: fe80::20:2eff:fe90:a866/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:9001  Metric:1
           UP BROADCAST RUNNING MULTICAST  MTU:9001  Metric:1
           RX packets:44256 errors:0 dropped:0 overruns:0 frame:0
           RX packets:20293 errors:0 dropped:0 overruns:0 frame:0
           TX packets:5078 errors:0 dropped:0 overruns:0 carrier:0
           TX packets:15985 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:1000  
           collisions:0 txqueuelen:1000  
           RX bytes:62103701 (62.1 MB)  TX bytes:750750 (750.7 KB)
           RX bytes:15733611 (15.7 MB)  TX bytes:2550893 (2.5 MB)


flannel.1 Link encap:Ethernet  HWaddr 8a:de:67:53:07:08  
flannel.1 Link encap:Ethernet  HWaddr b2:3a:21:03:ec:13  
           inet addr:10.100.2.0  Bcast:0.0.0.0  Mask:255.255.255.255
           inet addr:10.100.2.0  Bcast:0.0.0.0  Mask:255.255.255.255
           UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
           UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
           TX packets:0 errors:0 dropped:18 overruns:0 carrier:0
           TX packets:0 errors:0 dropped:20 overruns:0 carrier:0
           collisions:0 txqueuelen:0  
           collisions:0 txqueuelen:0  
           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
Line 48: Line 52:
           inet6 addr: ::1/128 Scope:Host
           inet6 addr: ::1/128 Scope:Host
           UP LOOPBACK RUNNING  MTU:65536  Metric:1
           UP LOOPBACK RUNNING  MTU:65536  Metric:1
           RX packets:231 errors:0 dropped:0 overruns:0 frame:0
           RX packets:4741 errors:0 dropped:0 overruns:0 frame:0
           TX packets:231 errors:0 dropped:0 overruns:0 carrier:0
           TX packets:4741 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:1  
           collisions:0 txqueuelen:1  
           RX bytes:19110 (19.1 KB)  TX bytes:19110 (19.1 KB)
           RX bytes:543426 (543.4 KB)  TX bytes:543426 (543.4 KB)


veth553fdc8b Link encap:Ethernet  HWaddr 12:00:5e:51:c8:92 
vethc3428d55 Link encap:Ethernet  HWaddr 52:1e:12:8c:0d:34        #<- 6th interface
           inet6 addr: fe80::1000:5eff:fe51:c892/64 Scope:Link
           inet6 addr: fe80::501e:12ff:fe8c:d34/64 Scope:Link     #its a pipe to the running pod
           UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
           UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
           RX packets:1 errors:0 dropped:0 overruns:0 frame:0
           RX packets:28 errors:0 dropped:0 overruns:0 frame:0
           TX packets:82 errors:0 dropped:0 overruns:0 carrier:0
           TX packets:94 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0  
           collisions:0 txqueuelen:0  
           RX bytes:42 (42.0 B)  TX bytes:9671 (9.6 KB)
           RX bytes:2264 (2.2 KB)  TX bytes:10623 (10.6 KB)


vethef801ebe Link encap:Ethernet  HWaddr 92:a8:e7:0e:14:67  
vethe10ac769 Link encap:Ethernet  HWaddr 56:b5:d4:48:33:cc  
           inet6 addr: fe80::90a8:e7ff:fe0e:1467/64 Scope:Link
           inet6 addr: fe80::54b5:d4ff:fe48:33cc/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
           UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
           RX packets:1 errors:0 dropped:0 overruns:0 frame:0
           RX packets:1 errors:0 dropped:0 overruns:0 frame:0
           TX packets:76 errors:0 dropped:0 overruns:0 carrier:0
           TX packets:76 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0  
           collisions:0 txqueuelen:0  
           RX bytes:42 (42.0 B)  TX bytes:9216 (9.2 KB)
           RX bytes:42 (42.0 B)  TX bytes:9190 (9.1 KB)
</source>


# See containers running on this node
 
sudo docker ps
See containers running on this node. The <tt>"/pause"</tt> container which pertains to nGinx container for the purpose of holding on to the pods network namespace.
<source lang=bash>
sudo docker ps | grep nginx
CONTAINER ID IMAGE                  COMMAND    CREATED STATUS PORTS NAMES
CONTAINER ID IMAGE                  COMMAND    CREATED STATUS PORTS NAMES
fddffd510a62 nginx                  "nginx -g '14 minu Up 14       k8s_nginx_nginx-7cdbd8cdc9-89zcf_default_9c89e271-a07c-11e9-80e8-02f78428aaf6_1
1fc1244ca7d5 nginx                  "nginx -g 44 minu Up 44       k8s_nginx_nginx-7cdbd8cdc9-89zcf_default_9c89e271-a07c-11e9-80e8-02f78428aaf6_2
16509cc4326d k8s.gcr.io/pause:3.1  "/pause"  14 minu Up 14        k8s_POD_nginx-7cdbd8cdc9-89zcf_default_9c89e271-a07c-11e9-80e8-02f78428aaf6_4
367062cd2852 k8s.gcr.io/pause:3.1  "/pause"  44 minu Up 44          k8s_POD_nginx-7cdbd8cdc9-89zcf_default_9c89e271-a07c-11e9-80e8-02f78428aaf6_10
 
#See docker IP (has not worked)
docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $INSTANCE_ID
 
#See the container PID
sudo docker inspect --format '{{ .State.Pid }}' 1fc1244ca7d5
5738
$ sudo nsenter -t 5738 -n ip addr #display the container networking
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
      valid_lft forever preferred_lft forever
3: eth0@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 8951 qdisc noqueue state UP group default
    link/ether 9e:3a:d3:66:46:bb brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.100.2.9/24 scope global eth0
      valid_lft forever preferred_lft forever


continue @1.46
#eth0@if6: :- eth0 on a pod is linked to node's 6th interface
</source>
</source>

Revision as of 00:29, 16 July 2019

Verify Pod IP address, container IP and namespace

Networking in Kubernetes is using Linux Network namespace. Each Pod has IP address assosiated with it. It recives this IP from Virtual Ethernet interface pair. 

#Find out node that 'nginx' pod is running on
kubectl -n default get pods -owide
NAME                     READY   STATUS    RESTARTS   AGE   IP           NODE                NOMINATED NODE   READINESS GATES
nginx-7cdbd8cdc9-89zcf   1/1     Running   1          8d    10.100.2.7   worker-2.acme.com   <none>           <none>


Ssh to worker-2.acme.com 

user@worker-2:~$ ifconfig 
cni0      Link encap:Ethernet  HWaddr 86:5d:c7:93:72:d2  
          inet addr:10.100.2.1  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::845d:c7ff:fe93:72d2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
          RX packets:29 errors:0 dropped:0 overruns:0 frame:0
          TX packets:64 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1900 (1.9 KB)  TX bytes:7165 (7.1 KB)

docker0   Link encap:Ethernet  HWaddr 02:42:c7:1c:b8:23  
          inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0      Link encap:Ethernet  HWaddr 02:20:2e:90:a8:66  
          inet addr:172.31.122.65  Bcast:172.31.127.255  Mask:255.255.240.0
          inet6 addr: 2a05:d018:85:e101:2177:162b:63d9:3600/128 Scope:Global
          inet6 addr: fe80::20:2eff:fe90:a866/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:9001  Metric:1
          RX packets:20293 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15985 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:15733611 (15.7 MB)  TX bytes:2550893 (2.5 MB)

flannel.1 Link encap:Ethernet  HWaddr b2:3a:21:03:ec:13  
          inet addr:10.100.2.0  Bcast:0.0.0.0  Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:20 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:4741 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4741 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:543426 (543.4 KB)  TX bytes:543426 (543.4 KB)

vethc3428d55 Link encap:Ethernet  HWaddr 52:1e:12:8c:0d:34        #<- 6th interface
          inet6 addr: fe80::501e:12ff:fe8c:d34/64 Scope:Link      #its a pipe to the running pod
          UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
          RX packets:28 errors:0 dropped:0 overruns:0 frame:0
          TX packets:94 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:2264 (2.2 KB)  TX bytes:10623 (10.6 KB)

vethe10ac769 Link encap:Ethernet  HWaddr 56:b5:d4:48:33:cc  
          inet6 addr: fe80::54b5:d4ff:fe48:33cc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
          RX packets:1 errors:0 dropped:0 overruns:0 frame:0
          TX packets:76 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:42 (42.0 B)  TX bytes:9190 (9.1 KB)


See containers running on this node. The "/pause" container which pertains to nGinx container for the purpose of holding on to the pods network namespace. 

sudo docker ps | grep nginx
CONTAINER ID IMAGE                  COMMAND    CREATED STATUS PORTS NAMES
1fc1244ca7d5 nginx                  "nginx -g  44 minu Up 44        k8s_nginx_nginx-7cdbd8cdc9-89zcf_default_9c89e271-a07c-11e9-80e8-02f78428aaf6_2
367062cd2852 k8s.gcr.io/pause:3.1   "/pause"   44 minu Up 44          k8s_POD_nginx-7cdbd8cdc9-89zcf_default_9c89e271-a07c-11e9-80e8-02f78428aaf6_10

#See docker IP (has not worked)
docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $INSTANCE_ID

#See the container PID
sudo docker inspect --format '{{ .State.Pid }}' 1fc1244ca7d5
5738
$ sudo nsenter -t 5738 -n ip addr #display the container networking
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
3: eth0@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 8951 qdisc noqueue state UP group default 
    link/ether 9e:3a:d3:66:46:bb brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.100.2.9/24 scope global eth0
       valid_lft forever preferred_lft forever

#eth0@if6: :- eth0 on a pod is linked to node's 6th interface
Retrieved from ‘http://wiki.ciscolinux.co.uk/index.php?title=Kubernetes/Networking&oldid=4307