docker

  bridge

  joined

  open

  none

 

 

 

kubernetes网络通信:

  (1) 容器间通信: 同一个Pod内的多个容器间的通信,lo

  (2) Pod通信: Pod IP <--> Pod IP

  (3) Pod与Service通信: PodIP <--> ClusterIP

  (4) Service与集群外部客户端的通信;

CNI:

  flannel

  calico

  canal(flannel提供网络 + calico提供网络策略;flannel本身不实现NetworkPolicy)

  ...

  解决方案:

    虚拟网桥

    多路复用: MacVLAN

    硬件交换: SR-IOV

  kubelet, /etc/cni/net.d/

  flannel:

    支持多种后端:

      VxLAN

        (1) vxlan

        (2) DirectRouting(节点在同一二层网络时直接路由,跨网段时仍使用vxlan封装)

      host-gw: Host Gateway

      UDP:

    flannel的配置参数:

      Network: flannel使用的CIDR格式的网络地址,用于为Pod配置网络功能;

        10.244.0.0/16 ->

          master: 10.244.0.0/24

          node01: 10.244.1.0/24

          ...

          node255: 10.244.255.0/24

        10.0.0.0/8

          10.0.0.0/24

          ...

          10.255.255.0/24

      SubnetLen: 把Network切分子网供各节点使用时,使用多长的掩码进行切分,默认为24位;

      SubnetMin: 10.244.10.0/24

      SubnetMax: 10.244.100.0/24

      Backend: vxlan, host-gw, udp

        vxlan:

 

master:

[root@master ~]# kubectl get configmap -n kube-system
NAME                                 DATA      AGE
coredns                              1         32d
extension-apiserver-authentication   6         32d
kube-flannel-cfg                     2         31d
kube-proxy                           2         32d
kubeadm-config                       1         32d
kubelet-config-1.11                  1         32d
kubernetes-dashboard-settings        1         2d
[root@master ~]# kubectl get configmap kube-proxy -o yaml -n kube-system
    mode: ""
[root@master ~]# ll /etc/cni/net.d/
总用量 4
-rw-r--r--. 1 root root 92 7月   8 21:42 10-flannel.conf
[root@master ~]# cat /etc/cni/net.d/10-flannel.conf 
{
  "name": "cbr0",
  "type": "flannel",
  "delegate": {
    "isDefaultGateway": true
  }
}
[root@master ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:e1:8a:5b brd ff:ff:ff:ff:ff:ff
    inet 172.20.0.70/16 brd 172.20.255.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::ec26:6bfb:12af:4133/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:30:1a:f5:44 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
4: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default 
    link/ether 36:da:91:ec:ce:59 brd ff:ff:ff:ff:ff:ff
    inet 10.244.0.0/32 scope global flannel.1
       valid_lft forever preferred_lft forever
    inet6 fe80::34da:91ff:feec:ce59/64 scope link 
       valid_lft forever preferred_lft forever
5: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default qlen 1000
    link/ether 0a:58:0a:f4:00:01 brd ff:ff:ff:ff:ff:ff
    inet 10.244.0.1/24 scope global cni0
       valid_lft forever preferred_lft forever
    inet6 fe80::c406:3dff:feb1:1283/64 scope link 
       valid_lft forever preferred_lft forever
6: veth18b7199a@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default 
    link/ether 3e:22:ec:54:e6:87 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::3c22:ecff:fe54:e687/64 scope link 
       valid_lft forever preferred_lft forever
7: veth5c092db0@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default 
    link/ether be:6a:4f:4d:e6:77 brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::bc6a:4fff:fe4d:e677/64 scope link 
       valid_lft forever preferred_lft forever
[root@master ~]# kubectl get configmap -n kube-system
NAME                                 DATA      AGE
coredns                              1         35d
extension-apiserver-authentication   6         35d
kube-flannel-cfg                     2         34d
kube-proxy                           2         35d
kubeadm-config                       1         35d
kubelet-config-1.11                  1         35d
kubernetes-dashboard-settings        1         5d
[root@master ~]# kubectl get daemonset -n kube-system
NAME              DESIRED   CURRENT   READY     UP-TO-DATE   AVAILABLE   NODE SELECTOR                   AGE
kube-flannel-ds   3         3         3         3            3           beta.kubernetes.io/arch=amd64   34d
kube-proxy        3         3         3         3            3           beta.kubernetes.io/arch=amd64   35d
[root@master ~]# kubectl get pods -n kube-system -o wide
NAME                                       READY     STATUS    RESTARTS   AGE       IP            NODE
coredns-78fcdf6894-bt5g6                   1/1       Running   1          35d       10.244.0.4    master.smoke.com
coredns-78fcdf6894-zzbll                   1/1       Running   1          35d       10.244.0.5    master.smoke.com
etcd-master.smoke.com                      1/1       Running   1          35d       172.20.0.70   master.smoke.com
kube-apiserver-master.smoke.com            1/1       Running   1          35d       172.20.0.70   master.smoke.com
kube-controller-manager-master.smoke.com   1/1       Running   1          35d       172.20.0.70   master.smoke.com
kube-flannel-ds-5hjb9                      1/1       Running   1          34d       172.20.0.67   node02.smoke.com
kube-flannel-ds-6l2ht                      1/1       Running   2          34d       172.20.0.66   node01.smoke.com
kube-flannel-ds-nspfq                      1/1       Running   1          34d       172.20.0.70   master.smoke.com
kube-proxy-5jppm                           1/1       Running   1          34d       172.20.0.66   node01.smoke.com
kube-proxy-7lg96                           1/1       Running   1          35d       172.20.0.70   master.smoke.com
kube-proxy-qmrq7                           1/1       Running   1          34d       172.20.0.67   node02.smoke.com
kube-scheduler-master.smoke.com            1/1       Running   1          35d       172.20.0.70   master.smoke.com
kubernetes-dashboard-6948bdb78-7rkwz       1/1       Running   0          4d        10.244.2.70   node02.smoke.com
[root@master ~]# kubectl get configmap -n kube-system
NAME                                 DATA      AGE
coredns                              1         35d
extension-apiserver-authentication   6         35d
kube-flannel-cfg                     2         34d
kube-proxy                           2         35d
kubeadm-config                       1         35d
kubelet-config-1.11                  1         35d
kubernetes-dashboard-settings        1         5d
[root@master ~]# kubectl get configmap kube-flannel-cfg -o json -n kube-system
{
    "apiVersion": "v1",
    "data": {
        "cni-conf.json": "{\n  \"name\": \"cbr0\",\n  \"type\": \"flannel\",\n  \"delegate\": {\n    \"isDefaultGateway\": true\n  }\n}\n",
        "net-conf.json": "{\n  \"Network\": \"10.244.0.0/16\",\n  \"Backend\": {\n    \"Type\": \"vxlan\"\n  }\n}\n"
    },
    "kind": "ConfigMap",
    "metadata": {
        "annotations": {
            "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"data\":{\"cni-conf.json\":\"{\\n  \\\"name\\\": \\\"cbr0\\\",\\n  \\\"type\\\": \\\"flannel\\\",\\n  \\\"delegate\\\": {\\n
    \\\"isDefaultGateway\\\": true\\n  }\\n}\\n\",\"net-conf.json\":\"{\\n  \\\"Network\\\": \\\"10.244.0.0/16\\\",\\n  \\\"Backend\\\": {\\n    \\\"Type\\\": \\\"vxlan\\\"\\n  }\\n}\\n\"},\"kind\":\"ConfigMap\",\
"metadata\":{\"annotations\":{},\"labels\":{\"app\":\"flannel\",\"tier\":\"node\"},\"name\":\"kube-flannel-cfg\",\"namespace\":\"kube-system\"}}\n"
        },
        "creationTimestamp": "2020-06-17T11:59:01Z",
        "labels": {
            "app": "flannel",
            "tier": "node"
        },
        "name": "kube-flannel-cfg",
        "namespace": "kube-system",
        "resourceVersion": "810",
        "selfLink": "/api/v1/namespaces/kube-system/configmaps/kube-flannel-cfg",
        "uid": "ef4fca45-b091-11ea-9ec2-000c29e18a5b"
    }
}

vxlan网络

master:

[root@master manifests]# vim deploy-demo.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp-deploy
  namespace: default
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
      release: canary
  template:
    metadata:
      labels:
        app: myapp
        release: canary
    spec:
      containers:
      - name: myapp
        image: ikubernetes/myapp:v2
        ports:
        - name: http
          containerPort: 80
[root@master manifests]# kubectl apply -f deploy-demo.yaml
[root@master manifests]# kubectl get pods -o wide 
NAME                            READY     STATUS    RESTARTS   AGE       IP            NODE
myapp-deploy-67f6f6b4dc-hc2xt   1/1       Running   0          27s       10.244.1.59   node01.smoke.com
myapp-deploy-67f6f6b4dc-mmwgx   1/1       Running   0          27s       10.244.1.58   node01.smoke.com
myapp-deploy-67f6f6b4dc-wz9lp   1/1       Running   0          27s       10.244.2.71   node02.smoke.com
pod-sa-demo                     1/1       Running   1          14d       10.244.1.54   node01.smoke.com
pod-vol-hostpath                1/1       Running   1          26d       10.244.2.63   node02.smoke.com
[root@master manifests]# kubectl exec -it myapp-deploy-67f6f6b4dc-hc2xt -- /bin/sh    #连接node01上的myapp
/ # ping 10.244.2.71
PING 10.244.2.71 (10.244.2.71): 56 data bytes
64 bytes from 10.244.2.71: seq=0 ttl=62 time=0.977 ms
64 bytes from 10.244.2.71: seq=1 ttl=62 time=0.789 ms
[root@master manifests]# kubectl exec -it myapp-deploy-67f6f6b4dc-wz9lp -- /bin/sh    #连接node02上的myapp
/ # 

node01:

[root@node01 ~]# yum -y install bridge-utils
[root@node01 ~]# brctl show cni0
bridge name	bridge id		STP enabled	interfaces
cni0		8000.0a580af40101	no		veth01dbb94a
							veth6806c0af
							veth7e3e1a21
							vethff4c21ce
[root@node01 ~]# yum -y install tcpdump
[root@node01 ~]# tcpdump -i cni0 -nn icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on cni0, link-type EN10MB (Ethernet), capture size 262144 bytes
21:50:44.383142 IP 10.244.1.59 > 10.244.2.71: ICMP echo request, id 3072, seq 625, length 64
21:50:44.384277 IP 10.244.2.71 > 10.244.1.59: ICMP echo reply, id 3072, seq 625, length 64
21:50:45.383641 IP 10.244.1.59 > 10.244.2.71: ICMP echo request, id 3072, seq 626, length 64
21:50:45.384213 IP 10.244.2.71 > 10.244.1.59: ICMP echo reply, id 3072, seq 626, length 64
^C
4 packets captured
4 packets received by filter
0 packets dropped by kernel
[root@node01 ~]# tcpdump -i flannel.1 -nn icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on flannel.1, link-type EN10MB (Ethernet), capture size 262144 bytes
21:53:19.442737 IP 10.244.1.59 > 10.244.2.71: ICMP echo request, id 3072, seq 780, length 64
21:53:19.443443 IP 10.244.2.71 > 10.244.1.59: ICMP echo reply, id 3072, seq 780, length 64
21:53:20.443071 IP 10.244.1.59 > 10.244.2.71: ICMP echo request, id 3072, seq 781, length 64
21:53:20.443367 IP 10.244.2.71 > 10.244.1.59: ICMP echo reply, id 3072, seq 781, length 64
^C
4 packets captured
4 packets received by filter
0 packets dropped by kernel
[root@node01 ~]# tcpdump -i ens33 -nn host 172.20.0.66 and host 172.20.0.67    #物理网卡上是发往UDP 8472的VXLAN封装包(tcpdump按端口解码成OTV),内层Pod报文明文可见:vxlan后端只做封装,不提供加密和认证
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
21:57:23.539650 IP 172.20.0.66.47712 > 172.20.0.67.8472: OTV, flags [I] (0x08), overlay 0, instance 1
IP 10.244.1.59 > 10.244.2.71: ICMP echo request, id 3072, seq 1024, length 64
21:57:23.540114 IP 172.20.0.67.40407 > 172.20.0.66.8472: OTV, flags [I] (0x08), overlay 0, instance 1
IP 10.244.2.71 > 10.244.1.59: ICMP echo reply, id 3072, seq 1024, length 64
21:57:23.554831 ARP, Request who-has 172.20.0.66 tell 172.20.0.67, length 46
21:57:23.554858 ARP, Reply 172.20.0.66 is-at 00:0c:29:93:0e:b9, length 28
21:57:24.539977 IP 172.20.0.66.47712 > 172.20.0.67.8472: OTV, flags [I] (0x08), overlay 0, instance 1
IP 10.244.1.59 > 10.244.2.71: ICMP echo request, id 3072, seq 1025, length 64
21:57:24.540296 IP 172.20.0.67.40407 > 172.20.0.66.8472: OTV, flags [I] (0x08), overlay 0, instance 1
IP 10.244.2.71 > 10.244.1.59: ICMP echo reply, id 3072, seq 1025, length 64
^C
6 packets captured
6 packets received by filter
0 packets dropped by kernel

Directrouting网络

master:

[root@master manifests]# mkdir flannel
[root@master manifests]# cd flannel/
[root@master flannel]# vim net-conf.json
{
  "Network": "10.244.0.0/16",
  "Backend": {
    "Type": "vxlan",
    "Directrouting": true
  }
}
[root@master flannel]# kubectl edit configmap kube-flannel-cfg -n kube-system
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data:
  cni-conf.json: |
    {
      "name": "cbr0",
      "type": "flannel",
      "delegate": {
        "isDefaultGateway": true
      }
    }
  net-conf.json: |
    {
      "Network": "10.244.0.0/16",
      "Backend": {
        "Type": "vxlan",
        "Directrouting": true    #添加Directrouting为true
      }
    }
kind: ConfigMap
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","data":{"cni-conf.json":"{\n  \"name\": \"cbr0\",\n  \"type\": \"flannel\",\n  \"delegate\": {\n    \"isDefaultGateway\": true\n  }\n}\n","net-conf.json":"{\n  \"Network\": \"10.244.0.0/16\"
,\n  \"Backend\": {\n    \"Type\": \"vxlan\"\n  }\n}\n"},"kind":"ConfigMap","metadata":{"annotations":{},"labels":{"app":"flannel","tier":"node"},"name":"kube-flannel-cfg","namespace":"kube-system"}}
  creationTimestamp: 2020-06-17T11:59:01Z
  labels:
    app: flannel
    tier: node
  name: kube-flannel-cfg
  namespace: kube-system
  resourceVersion: "810"
  selfLink: /api/v1/namespaces/kube-system/configmaps/kube-flannel-cfg
  uid: ef4fca45-b091-11ea-9ec2-000c29e18a5b
[root@master flannel]# ip route show    #路由还没有改变
default via 172.20.0.2 dev ens33 proto static metric 100 
10.244.0.0/24 dev cni0 proto kernel scope link src 10.244.0.1 
10.244.1.0/24 via 10.244.1.0 dev flannel.1 onlink 
10.244.2.0/24 via 10.244.2.0 dev flannel.1 onlink 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
172.20.0.0/16 dev ens33 proto kernel scope link src 172.20.0.70 metric 100
[root@master flannel]# kubectl get configmap kube-flannel-cfg -o json -n kube-system
{
    "apiVersion": "v1",
    "data": {
        "cni-conf.json": "{\n  \"name\": \"cbr0\",\n  \"type\": \"flannel\",\n  \"delegate\": {\n    \"isDefaultGateway\": true\n  }\n}\n",
        "net-conf.json": "{\n  \"Network\": \"10.244.0.0/16\",\n  \"Backend\": {\n    \"Type\": \"vxlan\",\n    \"Directrouting\": true\n  }\n}\n"    #已改为Directrouting
    },
    "kind": "ConfigMap",
    "metadata": {
        "annotations": {
            "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"data\":{\"cni-conf.json\":\"{\\n  \\\"name\\\": \\\"cbr0\\\",\\n  \\\"type\\\": \\\"flannel\\\",\\n  \\\"delegate\\\": {\\n
    \\\"isDefaultGateway\\\": true\\n  }\\n}\\n\",\"net-conf.json\":\"{\\n  \\\"Network\\\": \\\"10.244.0.0/16\\\",\\n  \\\"Backend\\\": {\\n    \\\"Type\\\": \\\"vxlan\\\"\\n  }\\n}\\n\"},\"kind\":\"ConfigMap\",\"
metadata\":{\"annotations\":{},\"labels\":{\"app\":\"flannel\",\"tier\":\"node\"},\"name\":\"kube-flannel-cfg\",\"namespace\":\"kube-system\"}}\n"
        },
        "creationTimestamp": "2020-06-17T11:59:01Z",
        "labels": {
            "app": "flannel",
            "tier": "node"
        },
        "name": "kube-flannel-cfg",
        "namespace": "kube-system",
        "resourceVersion": "312977",
        "selfLink": "/api/v1/namespaces/kube-system/configmaps/kube-flannel-cfg",
        "uid": "ef4fca45-b091-11ea-9ec2-000c29e18a5b"
    }
}
[root@master flannel]# cd ..
[root@master manifests]# kubectl delete -f deploy-demo.yaml 
[root@master manifests]# kubectl apply -f deploy-demo.yaml 
[root@master manifests]# kubectl get pods
NAME                            READY     STATUS    RESTARTS   AGE
myapp-deploy-67f6f6b4dc-9h56w   1/1       Running   0          23s
myapp-deploy-67f6f6b4dc-hbgvg   1/1       Running   0          23s
myapp-deploy-67f6f6b4dc-td5fv   1/1       Running   0          23s
pod-sa-demo                     1/1       Running   1          14d
pod-vol-hostpath                1/1       Running   1          27d

node01:

[root@node01 ~]# ip route show    #路由还是没有改变
default via 172.20.0.2 dev ens33 proto static metric 100 
10.244.0.0/24 via 10.244.0.0 dev flannel.1 onlink 
10.244.1.0/24 dev cni0 proto kernel scope link src 10.244.1.1 
10.244.2.0/24 via 10.244.2.0 dev flannel.1 onlink 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
172.20.0.0/16 dev ens33 proto kernel scope link src 172.20.0.66 metric 100 

下载kube-flannel.yml文件:https://raw.githubusercontent.com/coreos/flannel/v0.9.1/Documentation/kube-flannel.yml (应用前先审阅清单内容:它会在kube-system中部署以hostNetwork运行的flannel DaemonSet,只应从可信来源获取并固定版本)

master:

[root@master manifests]# cd flannel/
[root@master flannel]# rm net-conf.json 
[root@master flannel]# wget https://raw.githubusercontent.com/coreos/flannel/v0.9.1/Documentation/kube-flannel.yml
[root@master flannel]# vim kube-flannel.yml 
  net-conf.json: |
    {
      "Network": "10.244.0.0/16",
      "Backend": {
        "Type": "vxlan",
        "Directrouting": true    #增加Directrouting为true
      }
    }
[root@master flannel]# kubectl apply -f kube-flannel.yml 

node01:

[root@node01 ~]# ip route show    #路由还是没有改变(只更新ConfigMap不会让已运行的flanneld重新加载net-conf.json)
default via 172.20.0.2 dev ens33 proto static metric 100 
10.244.0.0/24 via 10.244.0.0 dev flannel.1 onlink 
10.244.1.0/24 dev cni0 proto kernel scope link src 10.244.1.1 
10.244.2.0/24 via 10.244.2.0 dev flannel.1 onlink 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
172.20.0.0/16 dev ens33 proto kernel scope link src 172.20.0.66 metric 100 

master:

[root@master flannel]# kubectl delete -f kube-flannel.yml    #删除后重新apply,新建的flannel Pod才会读取新配置;期间Pod网络可能中断,只适合实验环境
[root@master flannel]# kubectl get pods -n kube-system
NAME                                       READY     STATUS    RESTARTS   AGE
coredns-78fcdf6894-bt5g6                   1/1       Running   1          36d
coredns-78fcdf6894-zzbll                   1/1       Running   1          36d
etcd-master.smoke.com                      1/1       Running   1          36d
kube-apiserver-master.smoke.com            1/1       Running   1          36d
kube-controller-manager-master.smoke.com   1/1       Running   1          36d
kube-proxy-5jppm                           1/1       Running   1          35d
kube-proxy-7lg96                           1/1       Running   1          36d
kube-proxy-qmrq7                           1/1       Running   1          35d
kube-scheduler-master.smoke.com            1/1       Running   1          36d
kubernetes-dashboard-6948bdb78-7rkwz       1/1       Running   0          6d
[root@master flannel]# kubectl apply -f kube-flannel.yml 
[root@master flannel]# kubectl get pods -n kube-system
NAME                                       READY     STATUS    RESTARTS   AGE
coredns-78fcdf6894-bt5g6                   1/1       Running   1          36d
coredns-78fcdf6894-zzbll                   1/1       Running   1          36d
etcd-master.smoke.com                      1/1       Running   1          36d
kube-apiserver-master.smoke.com            1/1       Running   1          36d
kube-controller-manager-master.smoke.com   1/1       Running   1          36d
kube-flannel-ds-9qwfx                      1/1       Running   0          1m
kube-flannel-ds-l5zqf                      1/1       Running   0          1m
kube-flannel-ds-vsqtl                      1/1       Running   0          1m
kube-proxy-5jppm                           1/1       Running   1          35d
kube-proxy-7lg96                           1/1       Running   1          36d
kube-proxy-qmrq7                           1/1       Running   1          35d
kube-scheduler-master.smoke.com            1/1       Running   1          36d
kubernetes-dashboard-6948bdb78-7rkwz       1/1       Running   0          6d
[root@master flannel]# cd ..
[root@master manifests]# kubectl delete -f deploy-demo.yaml 
[root@master manifests]# kubectl get pods
NAME               READY     STATUS    RESTARTS   AGE
pod-sa-demo        1/1       Running   1          15d
pod-vol-hostpath   1/1       Running   1          27d
[root@master manifests]# kubectl apply -f deploy-demo.yaml 
[root@master manifests]# kubectl get pods
NAME                            READY     STATUS    RESTARTS   AGE
myapp-deploy-67f6f6b4dc-92zpg   1/1       Running   0          38s
myapp-deploy-67f6f6b4dc-9lt9q   1/1       Running   0          38s
myapp-deploy-67f6f6b4dc-xv55c   1/1       Running   0          38s
pod-sa-demo                     1/1       Running   1          15d
pod-vol-hostpath                1/1       Running   1          27d

node01:

[root@node01 ~]# ip route show    #路由发生改变
default via 172.20.0.2 dev ens33 proto static metric 100 
10.244.0.0/24 via 172.20.0.70 dev ens33 
10.244.1.0/24 dev cni0 proto kernel scope link src 10.244.1.1 
10.244.2.0/24 via 172.20.0.67 dev ens33 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
172.20.0.0/16 dev ens33 proto kernel scope link src 172.20.0.66 metric 100 

master:

[root@master manifests]# kubectl get pods -o wide
NAME                            READY     STATUS    RESTARTS   AGE       IP            NODE
myapp-deploy-67f6f6b4dc-92zpg   1/1       Running   0          5m        10.244.1.62   node01.smoke.com
myapp-deploy-67f6f6b4dc-9lt9q   1/1       Running   0          5m        10.244.1.63   node01.smoke.com
myapp-deploy-67f6f6b4dc-xv55c   1/1       Running   0          5m        10.244.2.73   node02.smoke.com
pod-sa-demo                     1/1       Running   1          15d       10.244.1.54   node01.smoke.com
pod-vol-hostpath                1/1       Running   1          27d       10.244.2.63   node02.smoke.com
[root@master manifests]# kubectl exec -it myapp-deploy-67f6f6b4dc-92zpg -- /bin/sh
/ # ping 10.244.2.73
PING 10.244.2.73 (10.244.2.73): 56 data bytes
64 bytes from 10.244.2.73: seq=0 ttl=62 time=0.459 ms
64 bytes from 10.244.2.73: seq=1 ttl=62 time=0.710 ms
64 bytes from 10.244.2.73: seq=2 ttl=62 time=0.979 ms

node01:

[root@node01 ~]# tcpdump -i ens33 -nn icmp    #DirectRouting生效后,物理网卡上直接是Pod IP的报文,不再有VXLAN封装;同样没有加密,且依赖节点处于同一二层网络
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
21:50:36.053903 IP 10.244.1.62 > 10.244.2.73: ICMP echo request, id 4864, seq 456, length 64
21:50:36.054421 IP 10.244.2.73 > 10.244.1.62: ICMP echo reply, id 4864, seq 456, length 64
21:50:36.393663 IP 10.244.1.62 > 10.244.2.73: ICMP echo request, id 7936, seq 5, length 64
21:50:36.394419 IP 10.244.2.73 > 10.244.1.62: ICMP echo reply, id 7936, seq 5, length 64
21:50:37.054310 IP 10.244.1.62 > 10.244.2.73: ICMP echo request, id 4864, seq 457, length 64
21:50:37.054821 IP 10.244.2.73 > 10.244.1.62: ICMP echo reply, id 4864, seq 457, length 64
^C
6 packets captured
6 packets received by filter
0 packets dropped by kernel

master:

[root@master manifests]# cd flannel/
[root@master flannel]# vim kube-flannel.yml 
  net-conf.json: |
    {
      "Network": "10.244.0.0/16",
      "Backend": {
        "Type": "host-gw"
      }
    }
[root@master flannel]# kubectl apply -f kube-flannel.yml 

node01:

[root@node01 ~]# ip route show    #host-gw路由信息也是这样的(与DirectRouting的路由相同,仅凭此输出无法确认后端已切换,需重建flannel Pod后再确认)
default via 172.20.0.2 dev ens33 proto static metric 100 
10.244.0.0/24 via 172.20.0.70 dev ens33 
10.244.1.0/24 dev cni0 proto kernel scope link src 10.244.1.1 
10.244.2.0/24 via 172.20.0.67 dev ens33 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
172.20.0.0/16 dev ens33 proto kernel scope link src 172.20.0.66 metric 100