Kubernetes Network

As many of you know kubernetes architecture is composed by two main component Master node and Worker node, when you start your first kubernetes installation  you need to setup these components but after you finish to run your commands you realize your cluster isn’t ready to run pod because you need to install your network plugin! Yes, kubernetes doesn’t provide any network solution but use plugin instead, common plugins are:

Kubenet
Container Network Interface, standard under CNCF that aim to provide a common interface
between various networking solutions and container runtimes

A network plugin by default has some requirements:

All pod can communicate with each other across nodes
All nodes can communicate with all pods
No Nat is required

So basically kubernetes assign a virtual IP address to setup routing and network, the things we need to keep in mind in kubernetes the lowest compute unit is not the container but the pod ( a group of container ) on network perspective we need to assign ip addresses to pods and routing communication between pods on any nodes. From the POD perspective we have this situation:

POD has a single ip
when a container spawn share the same network namepsace inside a pod
two container in a pod communicate via localhost because they share the same network namespace
network namespace sharing is possible inside the pod via the pause container

What we learned today is in kubernetes all IP are routable without NAT via phisical infrastruture or network plugin like Flannel – Calico. A detailed guide is covered here!

Comments

Post a Comment

Popular posts from this blog

IBM and Red Hat long story, long love, now married!

Most of the people thinking about opensource they think in my perspective mostly to Red Hat and other company rather than IBM. IBM is really active in opensource for a long time, helped Apache Foundation , Eclipse Foudation collaborate with the Linux Foundation and Red Hat as well. I think I can create a different long post to describe how is active and how helped opensource in different way. We can analyze  this acquisition from different perspective, from Financial to  Development. My personal point of view ( from a Cloud Architect ) most of the application around the world in banking, assurance and not only are java based, think about java in cloud in the past Year could be hard. Right now we can talk about java in the cloud with opensource project like OpenJ9 and OpenLiberty and the community behind. If you think about moving from on premise to cloud or from monolitch to microservice you can't say " well it's time to rework " because you are throwing years o
Read more

MY EXPERIENCE @ HYBRID CLOUD SUMMIT IN ZURICH

Image
I can simply say “it was a great experience” and based on the audience probably people can trust me, but let's go deeper into the event. My favorite part of the event was the panel session with cloud discussions and question answer about slides and example presented during the session. Based on discussion the most relevant general questions are: Adoption: best practices on adopting cloud technologies Development: how to develop cloud applications in the right way and how we can enable fresh people into this great world IBM and Forrester gave a lot of answers because there are different aspects and factors we need to cover when we talk about cloud development and adoption, let me share some of these: Security: 12 factor principle is the main manifesto to follow Digital Experience: in cloud you need to create applications user centric Performance: in cloud you need to give best experience to the end user in every part of the world Microservice: rework of the legacy
Read more

Kubernetes Persistent Volumes and Claims

In a distrubuted system, storage isn't simple to manage without a good abstraction, kubernetes offer an object called persistent volume to let pod to reclaim storage for persisting data. In the pod definition you can define your volume type with another object called persistentVolumeClaim where you can define type size and many other things. There are different phase in the persistent storage lifecycle: Provisioning : when an administrator create a Persistent Volume or a cloud resource dynamically request Binding : when a PVC is created  k8s control loop watch if there are Persisten Volume matching the PVC  and bind them together. Use : when the bound volume is mounted in to the pod Releasing : whene the POD is done and an API request is sent to delete the related bound PVC, the volume in this stage remains Reclaim : there are three options related to this state: - Retain:  keep data interact and allow an administrato to handle data from storage - Delete:  tells the volume
Read more