Kubernetes/Networking

From Ever changing code
Jump to navigation Jump to search

Verify Pod IP address, container IP and namespace

Networking in Kubernetes is using Linux Network namespace. Each Pod has IP address assosiated with it. It recives this IP from Virtual Ethernet interface pair.

#Find out node that 'nginx' pod is running on
kubectl -n default get pods -owide
NAME                     READY   STATUS    RESTARTS   AGE   IP           NODE                NOMINATED NODE   READINESS GATES
nginx-7cdbd8cdc9-89zcf   1/1     Running   1          8d    10.100.2.9   worker-2.acme.com   <none>           <none>


Ssh to worker-2.acme.com

user@worker-2:~$ ifconfig 
cni0      Link encap:Ethernet  HWaddr 86:5d:c7:93:72:d2  
          inet addr:10.100.2.1  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::845d:c7ff:fe93:72d2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
          RX packets:29 errors:0 dropped:0 overruns:0 frame:0
          TX packets:64 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1900 (1.9 KB)  TX bytes:7165 (7.1 KB)

docker0   Link encap:Ethernet  HWaddr 02:42:c7:1c:b8:23  
          inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0      Link encap:Ethernet  HWaddr 02:20:2e:90:a8:66  
          inet addr:172.31.122.65  Bcast:172.31.127.255  Mask:255.255.240.0
          inet6 addr: 2a05:d018:85:e101:2177:162b:63d9:3600/128 Scope:Global
          inet6 addr: fe80::20:2eff:fe90:a866/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:9001  Metric:1
          RX packets:20293 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15985 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:15733611 (15.7 MB)  TX bytes:2550893 (2.5 MB)

flannel.1 Link encap:Ethernet  HWaddr b2:3a:21:03:ec:13  
          inet addr:10.100.2.0  Bcast:0.0.0.0  Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:20 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:4741 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4741 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:543426 (543.4 KB)  TX bytes:543426 (543.4 KB)

vethc3428d55 Link encap:Ethernet  HWaddr 52:1e:12:8c:0d:34        #<- 6th interface
          inet6 addr: fe80::501e:12ff:fe8c:d34/64 Scope:Link      #its a pipe to the running pod
          UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
          RX packets:28 errors:0 dropped:0 overruns:0 frame:0
          TX packets:94 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:2264 (2.2 KB)  TX bytes:10623 (10.6 KB)

vethe10ac769 Link encap:Ethernet  HWaddr 56:b5:d4:48:33:cc  
          inet6 addr: fe80::54b5:d4ff:fe48:33cc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:8951  Metric:1
          RX packets:1 errors:0 dropped:0 overruns:0 frame:0
          TX packets:76 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:42 (42.0 B)  TX bytes:9190 (9.1 KB)


See containers running on this node. The "/pause" container which pertains to nGinx container for the purpose of holding on to the pods network namespace.

sudo docker ps | grep nginx
CONTAINER ID IMAGE                  COMMAND    CREATED STATUS PORTS NAMES
1fc1244ca7d5 nginx                  "nginx -g" 44 minu Up 44        k8s_nginx_nginx-7cdbd8cdc9-89zcf_default_9c89e271-a07c-11e9-80e8-02f78428aaf6_2
367062cd2852 k8s.gcr.io/pause:3.1   "/pause"   44 minu Up 44          k8s_POD_nginx-7cdbd8cdc9-89zcf_default_9c89e271-a07c-11e9-80e8-02f78428aaf6_10

#See docker IP (has not worked)
docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $INSTANCE_ID

#See the container PID
sudo docker inspect --format '{{ .State.Pid }}' 1fc1244ca7d5
5738
$ sudo nsenter -t 5738 -n ip addr #display the container networking
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
3: eth0@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 8951 qdisc noqueue state UP group default 
    link/ether 9e:3a:d3:66:46:bb brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.100.2.9/24 scope global eth0
       valid_lft forever preferred_lft forever

#eth0@if6: :- eth0 on a pod is linked to node's 6th interface