搜索歷史

清空
搜索熱詞
      0
      • 聊天消息
      • 系統(tǒng)消息
      • 評(píng)論與回復(fù)
      VIP于 到期 續(xù)費(fèi)
      登錄后你可以
      • 下載海量資料
      • 學(xué)習(xí)在線課程
      • 觀看技術(shù)視頻
      • 寫文章/發(fā)帖/加入社區(qū)
      會(huì)員中心
      創(chuàng)作中心
      發(fā)布
      創(chuàng)作活動(dòng)

      完善資料讓更多小伙伴認(rèn)識(shí)你,還能領(lǐng)取20積分哦,立即完善>

      3天內(nèi)不再提示

      Kubernetes的flannel網(wǎng)絡(luò)

      汽車電子技術(shù) ? 來(lái)源:碼農(nóng)與軟件時(shí)代 ? 作者:碼農(nóng)與軟件時(shí)代 ? 2023-02-15 10:42 ? 次閱讀

      前文:

      kubernetes:集群部署

      kubernetes:應(yīng)用部署與訪問(wèn)

      部署后的視圖為:

      圖片

      在此基礎(chǔ)上,本文研究flannel網(wǎng)絡(luò)的數(shù)據(jù)流視圖。

      一、flannel網(wǎng)絡(luò)的數(shù)據(jù)流轉(zhuǎn)是怎樣的?

      (一)node1節(jié)點(diǎn):

      1、查詢node1節(jié)點(diǎn)詳細(xì)信息,flannel的Backend類型為vxlan。

      root@master: kubectl describe node node1
Name:               node1
Roles:              node
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    kubernetes.io/arch=amd64
                    kubernetes.io/hostname=node1
                    kubernetes.io/os=linux
                    node-role.kubernetes.io/node=
Annotations:        flannel.alpha.coreos.com/backend-data: {"VNI":1,"VtepMAC":"2a:95:ed:10:e4:56"}
                    flannel.alpha.coreos.com/backend-type: vxlan
                    flannel.alpha.coreos.com/kube-subnet-manager: true
                    flannel.alpha.coreos.com/public-ip: 30.0.1.160
                    kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
                    node.alpha.kubernetes.io/ttl: 0
                    volumes.kubernetes.io/controller-managed-attach-detach: true

      2、查詢node節(jié)點(diǎn)信息,node1部署httpd-app、httpd-test兩個(gè)POD,node2同樣部署httpd-app、httpd-test另外兩個(gè)POD。

      root@k8s:~# kubectl get pods -o wide
NAME                         READY   STATUS    RESTARTS   AGE    IP           NODE    NOMINATED NODE   READINESS GATES
httpd-app-675b65488d-6kgk6   1/1     Running   0          2d5h   10.244.2.2   node2              
httpd-app-675b65488d-9w69v   1/1     Running   0          2d5h   10.244.1.2   node1              
httpd-test-fd769fcb7-nbqsn   1/1     Running   0          32h    10.244.2.3   node2              
httpd-test-fd769fcb7-nnm99   1/1     Running   0          32h    10.244.1.3   node1

      3、進(jìn)入node1節(jié)點(diǎn)httpd-app-675b65488d-9w69v,執(zhí)行ip addr,查詢端口信息。

      初次執(zhí)行ip addr命令提示ip not found,需要安裝iproute2。

      root@k8s:~# kubectl exec -it httpd-app-675b65488d-9w69v /bin/sh 
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
# ip addr
/bin/sh: 6: ip: not found
# apt-get install iproute2
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  libatm1 libbpf0 libbsd0 libcap2 libcap2-bin libelf1 libmd0 libmnl0 libpam-cap libxtables12
Suggested packages:
  iproute2-doc
The following NEW packages will be installed:
  iproute2 libatm1 libbpf0 libbsd0 libcap2 libcap2-bin libelf1 libmd0 libmnl0 libpam-cap libxtables12
0 upgraded, 11 newly installed, 0 to remove and 0 not upgraded.
Need to get 1530 kB of archives.
After this operation, 4960 kB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://deb.debian.org/debian bullseye/main amd64 libelf1 amd64 0.183-1 [165 kB]
Get:2 http://deb.debian.org/debian bullseye/main amd64 libbpf0 amd64 1:0.3-2 [98.3 kB]
Get:3 http://deb.debian.org/debian bullseye/main amd64 libmd0 amd64 1.0.3-3 [28.0 kB]
Get:4 http://deb.debian.org/debian bullseye/main amd64 libbsd0 amd64 0.11.3-1 [108 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 libcap2 amd64 1:2.44-1 [23.6 kB]                                                                   
Get:6 http://deb.debian.org/debian bullseye/main amd64 libmnl0 amd64 1.0.4-3 [12.5 kB]                                                                    
Get:7 http://deb.debian.org/debian bullseye/main amd64 libxtables12 amd64 1.8.7-1 [45.1 kB]                                                               
Get:8 http://deb.debian.org/debian bullseye/main amd64 libcap2-bin amd64 1:2.44-1 [32.6 kB]                                                               
Get:9 http://deb.debian.org/debian bullseye/main amd64 iproute2 amd64 5.10.0-4 [930 kB]                                                                   
Get:10 http://deb.debian.org/debian bullseye/main amd64 libatm1 amd64 1:2.5.1-4 [71.3 kB]                                                                 
Get:11 http://deb.debian.org/debian bullseye/main amd64 libpam-cap amd64 1:2.44-1 [15.4 kB]                                                               
Fetched 1530 kB in 1min 2s (24.8 kB/s)                                                                                                                    
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libelf1:amd64.
(Reading database ... 6834 files and directories currently installed.)
Preparing to unpack .../00-libelf1_0.183-1_amd64.deb ...
Unpacking libelf1:amd64 (0.183-1) ...
Selecting previously unselected package libbpf0:amd64.
Preparing to unpack .../01-libbpf0_1%3a0.3-2_amd64.deb ...
Unpacking libbpf0:amd64 (1:0.3-2) ...
Selecting previously unselected package libmd0:amd64.
Preparing to unpack .../02-libmd0_1.0.3-3_amd64.deb ...
Unpacking libmd0:amd64 (1.0.3-3) ...
Selecting previously unselected package libbsd0:amd64.
Preparing to unpack .../03-libbsd0_0.11.3-1_amd64.deb ...
Unpacking libbsd0:amd64 (0.11.3-1) ...
Selecting previously unselected package libcap2:amd64.
Preparing to unpack .../04-libcap2_1%3a2.44-1_amd64.deb ...
Unpacking libcap2:amd64 (1:2.44-1) ...
Selecting previously unselected package libmnl0:amd64.
Preparing to unpack .../05-libmnl0_1.0.4-3_amd64.deb ...
Unpacking libmnl0:amd64 (1.0.4-3) ...
Selecting previously unselected package libxtables12:amd64.
Preparing to unpack .../06-libxtables12_1.8.7-1_amd64.deb ...
Unpacking libxtables12:amd64 (1.8.7-1) ...
Selecting previously unselected package libcap2-bin.
Preparing to unpack .../07-libcap2-bin_1%3a2.44-1_amd64.deb ...
Unpacking libcap2-bin (1:2.44-1) ...
Selecting previously unselected package iproute2.
Preparing to unpack .../08-iproute2_5.10.0-4_amd64.deb ...
Unpacking iproute2 (5.10.0-4) ...
Selecting previously unselected package libatm1:amd64.
Preparing to unpack .../09-libatm1_1%3a2.5.1-4_amd64.deb ...
Unpacking libatm1:amd64 (1:2.5.1-4) ...
Selecting previously unselected package libpam-cap:amd64.
Preparing to unpack .../10-libpam-cap_1%3a2.44-1_amd64.deb ...
Unpacking libpam-cap:amd64 (1:2.44-1) ...
Setting up libatm1:amd64 (1:2.5.1-4) ...
Setting up libcap2:amd64 (1:2.44-1) ...
Setting up libcap2-bin (1:2.44-1) ...
Setting up libmnl0:amd64 (1.0.4-3) ...
Setting up libxtables12:amd64 (1.8.7-1) ...
Setting up libmd0:amd64 (1.0.3-3) ...
Setting up libbsd0:amd64 (0.11.3-1) ...
Setting up libelf1:amd64 (0.183-1) ...
Setting up libpam-cap:amd64 (1:2.44-1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (Can't locate Term/ReadLine.pm in @INC (you may need to install the Term::ReadLine module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.32.1 /usr/local/share/perl/5.32.1 /usr/lib/x86_64-linux-gnu/perl5/5.32 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.32 /usr/share/perl/5.32 /usr/local/lib/site_perl) at /usr/share/perl5/Debconf/FrontEnd/Readline.pm line 7.)
debconf: falling back to frontend: Teletype
Setting up libbpf0:amd64 (1:0.3-2) ...
Setting up iproute2 (5.10.0-4) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (Can't locate Term/ReadLine.pm in @INC (you may need to install the Term::ReadLine module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.32.1 /usr/local/share/perl/5.32.1 /usr/lib/x86_64-linux-gnu/perl5/5.32 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.32 /usr/share/perl/5.32 /usr/local/lib/site_perl) at /usr/share/perl5/Debconf/FrontEnd/Readline.pm line 7.)
debconf: falling back to frontend: Teletype
Processing triggers for libc-bin (2.31-13+deb11u2) ...
# ip addr
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
3: eth0@if6:  mtu 1400 qdisc noqueue state UP group default 
    link/ether 4a:1f:b9:9d:30:75 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.244.1.2/24 brd 10.244.1.255 scope global eth0
       valid_lft forever preferred_lft forever
# ip route
default via 10.244.1.1 dev eth0 
10.244.0.0/16 via 10.244.1.1 dev eth0 
10.244.1.0/24 dev eth0 proto kernel scope link src 10.244.1.2

      10.244.1.2的數(shù)據(jù)包從eth0出來(lái),eth0為Veth設(shè)備,對(duì)端為@if6,也就是宿主機(jī)對(duì)應(yīng)的6: veth76d1fce3@if3,這兩者組成veth對(duì)。

      4、進(jìn)入宿主機(jī),執(zhí)行ip addr進(jìn)行查看:

      root@k8s:# ip addr
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens3:  mtu 1450 qdisc fq_codel state UP group default qlen 1000
    link/ether fa:16:3e:69:98:f3 brd ff:ff:ff:ff:ff:ff
    inet 30.0.1.160/24 brd 30.0.1.255 scope global dynamic ens3
       valid_lft 19286sec preferred_lft 19286sec
    inet6 fe80::f816:3eff:fe69:98f3/64 scope link 
       valid_lft forever preferred_lft forever
3: docker0:  mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:62:9b:ec:f4 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
4: flannel.1:  mtu 1400 qdisc noqueue state UNKNOWN group default 
    link/ether 2a:95:ed:10:e4:56 brd ff:ff:ff:ff:ff:ff
    inet 10.244.1.0/32 brd 10.244.1.0 scope global flannel.1
       valid_lft forever preferred_lft forever
    inet6 fe80::2895:edff:fe10:e456/64 scope link 
       valid_lft forever preferred_lft forever
5: cni0:  mtu 1400 qdisc noqueue state UP group default qlen 1000
    link/ether 36:a5:21:90:7c:9a brd ff:ff:ff:ff:ff:ff
    inet 10.244.1.1/24 brd 10.244.1.255 scope global cni0
       valid_lft forever preferred_lft forever
    inet6 fe80::34a5:21ff:fe90:7c9a/64 scope link 
       valid_lft forever preferred_lft forever
6: veth76d1fce3@if3:  mtu 1400 qdisc noqueue master cni0 state UP group default 
    link/ether 16:ae:4d:3a:e9:d8 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::14ae:4dff:fe3a:e9d8/64 scope link 
       valid_lft forever preferred_lft forever
7: veth16e5e638@if3:  mtu 1400 qdisc noqueue master cni0 state UP group default 
    link/ether f6:93:97:52:2e:5a brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::f493:97ff:fe52:2e5a/64 scope link 
       valid_lft forever preferred_lft forever

      宿主機(jī)對(duì)應(yīng)的6為veth76d1fce3。

      或者,通過(guò)工具ethtool查詢。如沒(méi)安裝,則執(zhí)行apt-get install ethtool:

      # ethtool -S eth0
/bin/sh: 27: ethtool: not found
# apt-get install ethtool
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  ethtool
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 182 kB of archives.
After this operation, 611 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 ethtool amd64 1:5.9-1 [182 kB]
Fetched 182 kB in 1s (142 kB/s)  
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package ethtool.
(Reading database ... 7124 files and directories currently installed.)
Preparing to unpack .../ethtool_1%3a5.9-1_amd64.deb ...
Unpacking ethtool (1:5.9-1) ...
Setting up ethtool (1:5.9-1) ...
# ethtool -S eth0
NIC statistics:
     peer_ifindex: 6

      5、veth設(shè)備veth76d1fce3在網(wǎng)橋cni0上,數(shù)據(jù)包便流轉(zhuǎn)到cni0。

      root@k8s:~# brctl show
bridge namebridge idSTP enabledinterfaces
cni08000.36a521907c9anoveth16e5e638
            veth76d1fce3
docker08000.0242629becf4no

      6、cni0的數(shù)據(jù)包將走到網(wǎng)關(guān)10.244.1.0

      root@k8s:~# ifconfig
cni0: flags=4163  mtu 1400
        inet 10.244.1.1  netmask 255.255.255.0  broadcast 10.244.1.255
        inet6 fe80::34a5:21ff:fe90:7c9a  prefixlen 64  scopeid 0x20
        ether 36:a5:21:90:7c:9a  txqueuelen 1000  (Ethernet)
        RX packets 5683  bytes 328382 (328.3 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6677  bytes 10746482 (10.7 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
flannel.1: flags=4163  mtu 1400
        inet 10.244.1.0  netmask 255.255.255.255  broadcast 10.244.1.0
        inet6 fe80::2895:edff:fe10:e456  prefixlen 64  scopeid 0x20
        ether 2a:95:ed:10:e4:56  txqueuelen 0  (Ethernet)
        RX packets 116  bytes 11090 (11.0 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 101  bytes 9963 (9.9 KB)
        TX errors 0  dropped 91 overruns 0  carrier 0  collisions 0

      根據(jù)路由匹配規(guī)則,目的地址為10.244.2.2(假定ping操作)的數(shù)據(jù)包將會(huì)交由flannel.1設(shè)備處理。

      root@k8s:# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         30.0.1.1        0.0.0.0         UG    100    0        0 ens3
10.244.0.0      10.244.0.0      255.255.255.0   UG    0      0        0 flannel.1
10.244.1.0      0.0.0.0         255.255.255.0   U     0      0        0 cni0
10.244.2.0      10.244.2.0      255.255.255.0   UG    0      0        0 flannel.1
30.0.1.0        0.0.0.0         255.255.255.0   U     0      0        0 ens3
169.254.169.254 30.0.1.1        255.255.255.255 UGH   100    0        0 ens3
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0

      而flannel.1為VTEP設(shè)備。

      root@k8s:~# ip -d link show flannel.1
4: flannel.1:  mtu 1400 qdisc noqueue state UNKNOWN mode DEFAULT group default 
    link/ether 2a:95:ed:10:e4:56 brd ff:ff:ff:ff:ff:ff promiscuity 0 
    vxlan id 1 local 30.0.1.160 dev ens3 srcport 0 0 dstport 8472 nolearning ttl inherit ageing 300 udpcsum noudp6zerocsumtx noudp6zerocsumrx addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535

      (二)node2節(jié)點(diǎn)

      1、查詢node2節(jié)點(diǎn)的網(wǎng)絡(luò)設(shè)備信息:ens3為宿主機(jī)的eth端口,cni0為網(wǎng)橋,flannel.1為VTEP設(shè)備。

      root@k8s:/# ip addr
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens3:  mtu 1450 qdisc fq_codel state UP group default qlen 1000
    link/ether fa:16:3e:eb:3a:5e brd ff:ff:ff:ff:ff:ff
    inet 30.0.1.47/24 brd 30.0.1.255 scope global dynamic ens3
       valid_lft 61438sec preferred_lft 61438sec
    inet6 fe80::f816:3eff:feeb:3a5e/64 scope link 
       valid_lft forever preferred_lft forever
3: docker0:  mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:9c:0c:bb:08 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
4: flannel.1:  mtu 1400 qdisc noqueue state UNKNOWN group default 
    link/ether 72:c8:ad:5f:87:07 brd ff:ff:ff:ff:ff:ff
    inet 10.244.2.0/32 brd 10.244.2.0 scope global flannel.1
       valid_lft forever preferred_lft forever
    inet6 fe80::70c8:adff:fe5f:8707/64 scope link 
  valid_lft forever preferred_lft forever
5: cni0:  mtu 1400 qdisc noqueue state UP group default qlen 1000
    link/ether de:fb:ba:bd:46:44 brd ff:ff:ff:ff:ff:ff
    inet 10.244.2.1/24 brd 10.244.2.255 scope global cni0
       valid_lft forever preferred_lft forever
    inet6 fe80::dcfb:baff:febd:4644/64 scope link 
       valid_lft forever preferred_lft forever
6: veth79a7513f@if3:  mtu 1400 qdisc noqueue master cni0 state UP group default 
    link/ether de:88:ba:a5:77:cb brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::dc88:baff:fea5:77cb/64 scope link 
       valid_lft forever preferred_lft forever
7: vethd0184a65@if3:  mtu 1400 qdisc noqueue master cni0 state UP group default 
    link/ether 5a:6f:a9:bc:09:27 brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::586f:a9ff:febc:927/64 scope link 
       valid_lft forever preferred_lft forever
root@k8s:/#

      2、通過(guò)vxlan隧道,flannel.1會(huì)接收到來(lái)自node1節(jié)點(diǎn)的數(shù)據(jù)包,根據(jù)目的IP地址是10.244.2.2,進(jìn)一步轉(zhuǎn)發(fā)到cni0。

      root@k8s:/# ip route
default via 30.0.1.1 dev ens3 proto dhcp src 30.0.1.47 metric 100 
10.244.0.0/24 via 10.244.0.0 dev flannel.1 onlink 
10.244.1.0/24 via 10.244.1.0 dev flannel.1 onlink 
10.244.2.0/24 dev cni0 proto kernel scope link src 10.244.2.1 
30.0.1.0/24 dev ens3 proto kernel scope link src 30.0.1.47 
169.254.169.254 via 30.0.1.1 dev ens3 proto dhcp src 30.0.1.47 metric 100 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown

      3、cni0的端口設(shè)備為veth79a7513f、vethd0184a65。

      root@k8s:/# brctl show cni0
bridge name   bridge idSTP enabled   interfaces
cni08000.defbbabd4644   no   veth79a7513f
                   vethd0184a65

      4、進(jìn)入到httpd-app-675b65488d-6kgk6 pod中,查找veth設(shè)備對(duì)為veth79a7513f -- eth0@if6。

      root@k8s:~# kubectl exec -it httpd-app-675b65488d-6kgk6 /bin/sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
3: eth0@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UP group default 
    link/ether 0e:da:e9:4e:f0:bf brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.244.2.2/24 brd 10.244.2.255 scope global eth0
       valid_lft forever preferred_lft forever

      通過(guò)node1節(jié)點(diǎn)和node2節(jié)點(diǎn)的分析,則可得到數(shù)據(jù)流轉(zhuǎn)圖為:

      圖片

      二、網(wǎng)絡(luò)抓包分析數(shù)據(jù)流

      在node1節(jié)點(diǎn)httpd-app(10.244.1.2) ping node2節(jié)點(diǎn)httpd-app(10.244.2.2)。

      通過(guò)在node1節(jié)點(diǎn)的pod路由追蹤traceroute發(fā)現(xiàn)其鏈路為:

      # traceroute 10.244.2.2
traceroute to 10.244.2.2 (10.244.2.2), 30 hops max, 60 byte packets
 1  10.244.1.1 (10.244.1.1)  0.163 ms  0.025 ms  0.017 ms
 2  10.244.2.0 (10.244.2.0)  1.269 ms  1.185 ms  1.097 ms
 3  10-244-2-2.httpd-app.default.svc.cluster.local (10.244.2.2)  1.409 ms  1.357 ms  1.303 ms

      1、node1節(jié)點(diǎn)的抓包點(diǎn)放在:flannel.1、ens3:

      root@k8s:/# tcpdump -n -vv -i flannel.1 -w /var/tmp/n1-flannel.cap
root@k8s:/# tcpdump -n -vv -i ens3 -w /var/tmp/n1-ens3.cap

      Node1--flannel.1

      圖片

      Node1--ens3

      圖片

      2、node2節(jié)點(diǎn)的抓包點(diǎn)放在:flannel.1、ens3:

      root@k8s:/# tcpdump -n -vv -i flannel.1 -w /var/tmp/n2-flannel.cap
root@k8s:/# tcpdump -n -vv -i ens3 -w /var/tmp/n2-ens3.cap

      Node2--flannel.1

      圖片

      Node2--ens3

      圖片

      通過(guò)flannel.1設(shè)備上抓的數(shù)據(jù)包來(lái)看,vxlan包沒(méi)有在flannel.1獲取到,而在ens3上是vxlan包的。vxlan解封包應(yīng)該是在flanneld上進(jìn)行的。

      聲明:本文內(nèi)容及配圖由入駐作者撰寫或者入駐合作網(wǎng)站授權(quán)轉(zhuǎn)載。文章觀點(diǎn)僅代表作者本人,不代表電子發(fā)燒友網(wǎng)立場(chǎng)。文章及其配圖僅供工程師學(xué)習(xí)之用,如有內(nèi)容侵權(quán)或者其他違規(guī)問(wèn)題,請(qǐng)聯(lián)系本站處理。 舉報(bào)投訴
      • 節(jié)點(diǎn)
        +關(guān)注

        關(guān)注

        0

        文章

        212

        瀏覽量

        24296
      • node
        +關(guān)注

        關(guān)注

        0

        文章

        23

        瀏覽量

        5916
      • VxLAN
        +關(guān)注

        關(guān)注

        0

        文章

        23

        瀏覽量

        3804
      收藏 人收藏

        評(píng)論

        相關(guān)推薦

        Kubernetes 網(wǎng)絡(luò)模型如何實(shí)現(xiàn)常見(jiàn)網(wǎng)絡(luò)任務(wù)

        Kubernetes 是為運(yùn)行分布式集群而建立的,分布式系統(tǒng)的本質(zhì)使得網(wǎng)絡(luò)成為 Kubernetes 的核心和必要組成部分,了解 Kubernetes
        的頭像 發(fā)表于 10-08 11:32 ?985次閱讀

        Kubernetes的Device Plugin設(shè)計(jì)解讀

        摘要: Kubernetes的生態(tài)地位已經(jīng)確立,可擴(kuò)展性將是其發(fā)力的主戰(zhàn)場(chǎng)。異構(gòu)計(jì)算作為非常重要的新戰(zhàn)場(chǎng),Kubernetes非常重視。而異構(gòu)計(jì)算需要強(qiáng)大的計(jì)算力和高性能網(wǎng)絡(luò),需要提供一種統(tǒng)一的方式
        發(fā)表于 03-12 16:23

        淺析Kubernetes

        【k8s】Kubernetes基礎(chǔ)概念
        發(fā)表于 09-27 09:11

        K8s 從懵圈到熟練 – 集群網(wǎng)絡(luò)詳解

        (干道),而 flannel cni 是節(jié)點(diǎn)創(chuàng)建的時(shí)候,通過(guò) kubernetes-cni 這個(gè) rpm 包安裝的 cni 插件,其被 kubelet 調(diào)用,用來(lái)為具體的 pod 創(chuàng)建網(wǎng)絡(luò)(分枝)。理解
        發(fā)表于 10-14 15:06

        Kubernetes上運(yùn)行Kubernetes

        開(kāi)源容器編排引擎 Kubernetes 絕對(duì)有魔力。 一直以來(lái),容器就是個(gè)很酷的概念,但事實(shí)上,廣泛部署卻十分困難。你幾乎沒(méi)法手動(dòng)管理容器之間的網(wǎng)絡(luò)、持續(xù)存儲(chǔ)和數(shù)百個(gè)容器間的自動(dòng)擴(kuò)展,而一個(gè)讓人
        發(fā)表于 09-30 13:33 ?0次下載
        在<b class='flag-5'>Kubernetes</b>上運(yùn)行<b class='flag-5'>Kubernetes</b>

        Kubernetes網(wǎng)絡(luò)隔離NetworkPolicy實(shí)驗(yàn)

        Kubernetes的一個(gè)重要特性就是要把不同node節(jié)點(diǎn)的pod(container)連接起來(lái),無(wú)視物理節(jié)點(diǎn)的限制。但是在某些應(yīng)用環(huán)境中,比如公有云,不同租戶的pod不應(yīng)該互通,這個(gè)時(shí)候就需要網(wǎng)絡(luò)
        發(fā)表于 11-28 10:00 ?2631次閱讀

        Kubernetes網(wǎng)絡(luò)模型介紹以及如何實(shí)現(xiàn)常見(jiàn)網(wǎng)絡(luò)任務(wù)

        Kubernetes 是為運(yùn)行分布式集群而建立的,分布式系統(tǒng)的本質(zhì)使得網(wǎng)絡(luò)成為 Kubernetes 的核心和必要組成部分,了解 Kubernetes
        的頭像 發(fā)表于 05-05 20:22 ?1671次閱讀

        Kubernetes網(wǎng)絡(luò)模型的基礎(chǔ)知識(shí)

        Kubernetes 是為運(yùn)行分布式集群而建立的,分布式系統(tǒng)的本質(zhì)使得網(wǎng)絡(luò)成為 Kubernetes 的核心和必要組成部分,了解 Kubernetes
        的頭像 發(fā)表于 07-20 09:46 ?1102次閱讀

        Kubernetes集群發(fā)生網(wǎng)絡(luò)異常時(shí)如何排查

        本文將引入一個(gè)思路:“在 Kubernetes 集群發(fā)生網(wǎng)絡(luò)異常時(shí)如何排查”。文章將引入 Kubernetes 集群中網(wǎng)絡(luò)排查的思路,包含網(wǎng)絡(luò)
        的頭像 發(fā)表于 09-02 09:45 ?4568次閱讀

        跟蹤Kubernetes網(wǎng)絡(luò)流量路徑

        通過(guò)本文,你將了解在 Kubernetes 內(nèi)外,數(shù)據(jù)包是如何轉(zhuǎn)發(fā)的,從原始的 Web 請(qǐng)求開(kāi)始,到托管應(yīng)用程序的容器。 在深入了解在 Kubernetes 集群中數(shù)據(jù)包如何流轉(zhuǎn)的細(xì)節(jié)之前,先明確一下 Kubernetes 對(duì)
        的頭像 發(fā)表于 10-24 10:22 ?1045次閱讀

        Kubernetes中的網(wǎng)絡(luò)模型

        kubernetes 中,underlay network 中比較典型的例子是通過(guò)將宿主機(jī)作為路由器設(shè)備,Pod 的網(wǎng)絡(luò)則通過(guò)學(xué)習(xí)路由條目從而實(shí)現(xiàn)跨節(jié)點(diǎn)通訊。
        的頭像 發(fā)表于 12-14 10:07 ?762次閱讀

        Kubernetes Pod如何獨(dú)立工作

        在學(xué)習(xí) Kubernetes 網(wǎng)絡(luò)模型的過(guò)程中,了解各種網(wǎng)絡(luò)組件的作用以及如何交互非常重要。本文就介紹了各種網(wǎng)絡(luò)組件在 Kubernetes
        的頭像 發(fā)表于 05-16 14:29 ?542次閱讀
        <b class='flag-5'>Kubernetes</b> Pod如何獨(dú)立工作

        各種網(wǎng)絡(luò)組件在 Kubernetes 集群中是如何交互的

        Kubernetes 中有多種網(wǎng)絡(luò)設(shè)置方法,以及 container runtime 的各種選項(xiàng)。這篇文章將使用 Flannel 作為 network provider,并使用 Containered 作為 containe
        的頭像 發(fā)表于 05-23 09:49 ?697次閱讀
        各種<b class='flag-5'>網(wǎng)絡(luò)</b>組件在 <b class='flag-5'>Kubernetes</b> 集群中是如何交互的

        探討Kubernetes中的網(wǎng)絡(luò)模型(各種網(wǎng)絡(luò)模型分析)

        kubernetes 中,underlay network 中比較典型的例子是通過(guò)將宿主機(jī)作為路由器設(shè)備,Pod 的網(wǎng)絡(luò)則通過(guò)學(xué)習(xí)路由條目從而實(shí)現(xiàn)跨節(jié)點(diǎn)通訊。
        發(fā)表于 08-24 12:44 ?286次閱讀
        探討<b class='flag-5'>Kubernetes</b>中的<b class='flag-5'>網(wǎng)絡(luò)</b>模型(各種<b class='flag-5'>網(wǎng)絡(luò)</b>模型分析)

        常用的k8s容器網(wǎng)絡(luò)模式有哪些?

        ,每種模式都有其特點(diǎn)和適用場(chǎng)景。Bridge模式適用于簡(jiǎn)單的容器通信場(chǎng)景;Host模式適用于需要高度集成和性能優(yōu)化的場(chǎng)景;Overlay模式和Flannel模式適用于跨節(jié)點(diǎn)的容器通信場(chǎng)景;而CNI模式則提供了一種標(biāo)準(zhǔn)化的網(wǎng)絡(luò)插件接口,使得
        的頭像 發(fā)表于 09-19 11:29 ?61次閱讀