Kubernetes - Network - CNI - Flannel - 2/5/2021 - notes
Last class, we successfully configured a multi-node k8s cluster.
Flannel/CoreDNS/Context
---------------------------
1. Log in to your master node
# kc get nodes
Status: Ready
kubectl (user) commands are run on the master node
# kc get pods
#
High availability cluster
- Needs multiple master nodes
- Worker nodes are already highly available
- If one node goes down, the pod will be created on a different node.
- If the master node goes down, the entire cluster is down
- With respect to the master node, this is a single point of failure
@
> kc get nodes
error
complains about the master
> kc -h     (check the help)
Where is your k8s master node? Define it here (on AWS use the public IP; locally you can use the private IP)
> kc get pods --server 44/54.177.232
The master node is an umbrella of programs
- system program
- scheduler
- controller manager
- kube-api server
Users connect to the API server
port # of the API server is 6443
# netstat -tnlp
look for the api-server port
> kc get pods --server 44/54.177.232:6443
# kc get nodes
Kubernetes config directory
# cd /etc/kubernetes
# vi admin.conf
look for username: kubernetes-admin
PW: it is very long (in admin.conf it is base64-encoded client certificate and key data)
How to connect from your laptop
Copy the admin.conf file, or download it with WinSCP
How?
Copy
kubeconfig file - holds the main username and pw ..
save the file in your working directory as
admin.yaml
so, keep it secure...
from your PC, run
> kc get pods --server 54.67.175.343:6443 --kubeconfig admin.yaml
you get an error
BadRequest - the server rejected ...
to fix this error
note:
edit admin.yaml and change the server entry from the private IP to your master's IP from AWS.
> kc get pods --kubeconfig admin.yaml
now the error changes to x509 - certificate
so the certificate is valid for the old IP; now we have to modify some values,
> notepad
@master node - look around ...
# kc config view
looks like we have to create a key ..
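A quick audit of the copied file before it lives on a laptop, as an added example (not part of the original notes). It assumes the kubeadm admin.conf layout; the sample file, its 192.0.2.10 address and the function names audit_kubeconfig and write_sample_kubeconfig are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a kubeconfig copied off the master (admin.conf -> admin.yaml).
# Prints one finding per line; no output means none of the checks fired.
audit_kubeconfig() {
    f=$1
    # Group/other bits of the ls mode string; anything but "------" means
    # other local accounts can read the credential.
    perms=$(ls -ld "$f" | cut -c5-10)
    [ "$perms" = "------" ] || echo "LOOSE_PERMS"
    # An embedded private key makes the file itself the login.
    grep -Eq '^[[:space:]]*client-key-data:[[:space:]]*[^[:space:]]' "$f" \
        && echo "EMBEDDED_KEY"
    # The identity kubeadm writes into admin.conf (the cluster administrator).
    grep -Eq '^[[:space:]]*-[[:space:]]*name:[[:space:]]*kubernetes-admin[[:space:]]*$' "$f" \
        && echo "ADMIN_IDENTITY"
    # Disabling verification hides the x509 error instead of fixing the certificate.
    grep -Eiq '^[[:space:]]*insecure-skip-tls-verify:[[:space:]]*true' "$f" \
        && echo "TLS_VERIFY_OFF"
    return 0
}

# Constructed sample (not a real credential): admin.yaml as it might look after
# being copied to a laptop and edited to get past the certificate error.
write_sample_kubeconfig() {
    cat > "$1" <<'EOF'
apiVersion: v1
kind: Config
clusters:
- cluster:
    server: https://192.0.2.10:6443
    insecure-skip-tls-verify: true
  name: kubernetes
users:
- name: kubernetes-admin
  user:
    client-certificate-data: CONSTRUCTED_PLACEHOLDER
    client-key-data: CONSTRUCTED_PLACEHOLDER
EOF
    chmod 644 "$1"
}

demo_dir=$(mktemp -d)
write_sample_kubeconfig "$demo_dir/admin.yaml"
audit_kubeconfig "$demo_dir/admin.yaml"    # all four findings
# Tighten what can be tightened on the laptop: verification back on, owner-only mode.
grep -v 'insecure-skip-tls-verify' "$demo_dir/admin.yaml" > "$demo_dir/fixed.yaml"
chmod 600 "$demo_dir/fixed.yaml"
audit_kubeconfig "$demo_dir/fixed.yaml"    # EMBEDDED_KEY and ADMIN_IDENTITY remain
rm -rf "$demo_dir"
```

The two findings that remain after tightening are inherent to admin.conf: the file carries the cluster administrator's private key, so it should be stored and handled like one.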
------------------------
Start local cluster
> minikube start
- launches a virtual machine
- launches a single-node cluster
- creates the kubeconfig file
That's why we don't see any problem...
cd .kube/; notepad config
=========================================
The master node also works as a user interface system...
LAB1            LAB2
Network1        Network2
10.20.0.0/24    10.20.1.0/24
SWITCH
- VLAN
Lab
underlay network - the real physical network (in our case it is virtual but looks real)
overlay - virtual network
we have to make these two labs into one - using VXLAN
# brctl show
Flannel is a program...
- uses VXLAN for tunneling
net-conf.json
Flannel will manage multiple worker nodes
- Distribute ...
w1 (10.240.0.1/24)
w2 (10.240.1.1/24)
w3 (10.240.2.1/24)
VPC - big network -
Smaller network range - subnet
> kc
# cat /var/run/flannel/subnet.env
Flannel Network: 10.240.1.1/24
subnet:
IPMASQ=True
aws
# kc delete deploy --all
# kc create deploy myd --image=vimal13/apache-webserver-php
# kc get pods
# kc get pods -o wide
# kc scale deploy myd --replicas=3
> kc get pods -o wide
Flannel is a way to manage the container network.
CNI Plugins
- Flannel
- Calico -> another program (plug-in)
- AWS VPC (pod will get its IP directly from the VPC)
If a pod needs an IP, it contacts the CNI and gets an IP. The admin needs to set up the plugins;
the user does not have to worry about plugins.
Google for "kubernetes cni plugins"
- Azure CNI
- AOS
- VPC CNI
- Google
....
CSI - Container Storage Interface
- storage class
- NFS
- EBS
All the information is stored in a database, and the name of the database is etcd
# kc get pods -n kube-system
you see etcd-ip
# kc get pods -n kube-system -o wide
#> kc get nodes
> k
scheduler
controller
etcd
api-server
are the main components of k8s
proxy and flannel run on all nodes
flannel - manages the network range
Go inside any pod
# kc get pods
# kc exec -it myd-.... -- bash
you are inside pod
# ifconfig
# hostname
# cat /etc/hosts
# cat /etc/resolv.conf # DNS client set up
Try to ping the POD
# ping myd-.....
next class - how name resolution works - coredns
============
Flannel creates one switch (bridge) - CNI
Create a pod and it creates one interface on the worker node -
- The pod feels like the card is a real card.
- This card is linked to the bridge
- so all the pods are connected
- This is the default behavior of Docker as well.
Flannel also does the same kind of task...
# docker ps | grep flannel
# docker inspect <container>
# docker inspect <pod> | grep
# kc get pods -n kube-system
# kc -n kube-system exec -it kube-flannel-ds-7... -- bash
you are inside the pod. now, run
# ifconfig
you will see flannel
all virtual ethernet interfaces are connected to flannel
the network namespace is different ..
# brctl show
bridgename
cni
interface - you see multiple interfaces.
flannel contains
all network components ..
254 pod IPs can run (per /24 node subnet)
2^8 -> 256
#
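The per-node subnet arithmetic from the flannel notes above (one /24 per worker, 2^8 -> 256 addresses), as an added example that is not part of the original notes. The subnet.env contents and node list are constructed samples in the 10.240.x.1/24 layout of the notes and the function names are hypothetical; it goes one step further and maps a pod IP seen in a log back to the worker that owns it.

```shell
#!/bin/sh
# Added example: flannel-style per-node pod subnet arithmetic.

# Dotted quad -> 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Usable addresses in a prefix: 2^(32-prefix) minus network and broadcast.
usable_hosts() {
    echo $(( (1 << (32 - $1)) - 2 ))
}

# Succeeds when IP ($1) lies inside CIDR ($2).
in_cidr() {
    prefix=${2#*/}
    mask=$(( (4294967295 << (32 - $prefix)) & 4294967295 ))
    ip=$(ip_to_int "$1")
    net=$(ip_to_int "${2%/*}")
    [ $(( $ip & $mask )) -eq $(( $net & $mask )) ]
}

# Read FLANNEL_SUBNET from subnet.env by parsing, not by sourcing (executing) it.
flannel_subnet() {
    sed -n 's/^FLANNEL_SUBNET=//p' "$1"
}

# stdin: "node cidr" lines; prints the node whose subnet holds pod IP $1.
node_for_pod() {
    while read -r node cidr; do
        if in_cidr "$1" "$cidr"; then echo "$node"; return 0; fi
    done
    echo "unknown"
}

# Constructed sample: the three workers from the notes, one /24 each.
NODES='w1 10.240.0.1/24
w2 10.240.1.1/24
w3 10.240.2.1/24'

env_file=$(mktemp)   # constructed stand-in for /var/run/flannel/subnet.env
printf 'FLANNEL_NETWORK=10.240.0.0/16\nFLANNEL_SUBNET=10.240.1.1/24\nFLANNEL_IPMASQ=true\n' > "$env_file"
subnet=$(flannel_subnet "$env_file")
echo "this node: $subnet, usable addresses: $(usable_hosts "${subnet#*/}")"
echo "10.240.2.37 runs on: $(printf '%s\n' "$NODES" | node_for_pod 10.240.2.37)"
rm -f "$env_file"
```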
Friday, February 5, 2021
Kubernetes - Network - CNI - Flannel - Day15