-
创建一个名为flannel.1的VXLAN网卡
root@ubuntu:~/cmd# ip -d link show flannel.1 198: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN mode DEFAULT group default link/ether 3a:2b:ed:85:2f:74 brd ff:ff:ff:ff:ff:ff promiscuity 0 vxlan id 1 local 10.10.16.82 dev enahisic2i0 srcport 0 0 dstport 8472 nolearning ttl inherit ageing 300 udpcsum noudp6zerocsumtx noudp6zerocsumrx addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 28672 gso_max_segs 65535 root@ubuntu:~/cmd#
可以看到mtu为1450(外层MAC头、IP头、UDP头和vxlan头共占了50字节)。dstport为8472,local IP为节点IP。
root@ubuntu:~# kubectl get pod NAME READY STATUS RESTARTS AGE kata-busybox 1/1 Running 0 207d kata-nginx 1/1 Running 0 205d root@ubuntu:~# kubectl exec -it kata-busybox ip a kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead. 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc fq_codel qlen 1000 link/ether 32:26:5a:e7:0d:83 brd ff:ff:ff:ff:ff:ff inet 10.244.0.5/24 brd 10.244.0.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::3026:5aff:fee7:d83/64 scope link flags 02 valid_lft forever preferred_lft forever
pod的路由
root@ubuntu:~# kubectl exec -it kata-busybox ip r show kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead. default via 10.244.0.1 dev eth0 10.244.0.0/24 dev eth0 scope link src 10.244.0.5 10.244.0.0/16 via 10.244.0.1 dev eth0
10.244.0.1是host上cni0的ip
pod 访问 8.8.8.8
host上tcpdump抓包(先在flannel.1上抓,再在物理网卡enahisic2i0上抓)
host路由
root@ubuntu:~# tcpdump -i flannel.1 icmp and host 8.8.8.8 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on flannel.1, link-type EN10MB (Ethernet), capture size 262144 bytes ^C 0 packets captured 0 packets received by filter 0 packets dropped by kernel root@ubuntu:~# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.10.16.254 0.0.0.0 UG 0 0 0 enahisic2i0 10.10.16.0 0.0.0.0 255.255.255.0 U 0 0 0 enahisic2i0 10.10.100.0 0.0.0.0 255.255.255.0 U 0 0 0 peerh 10.10.104.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr1 10.10.104.0 0.0.0.0 255.255.255.0 U 0 0 0 enahisic2i2 10.244.0.0 0.0.0.0 255.255.255.0 U 0 0 0 cni0 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
root@ubuntu:~# tcpdump -i enahisic2i0 icmp and host 8.8.8.8 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on enahisic2i0, link-type EN10MB (Ethernet), capture size 262144 bytes 14:21:00.430365 IP ubuntu > dns.google: ICMP echo request, id 0, seq 0, length 64 14:21:00.447569 IP dns.google > ubuntu: ICMP echo reply, id 0, seq 0, length 64 14:21:01.430464 IP ubuntu > dns.google: ICMP echo request, id 0, seq 1, length 64 14:21:01.448616 IP dns.google > ubuntu: ICMP echo reply, id 0, seq 1, length 64
root@ubuntu:~# kubectl exec -it kata-busybox telnet 10.10.16.81 22 kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead. Connected to 10.10.16.81 SSH-2.0-OpenSSH_7.4 ^C Console escape. Commands are: l go to line mode c go to character mode z suspend telnet e exit telnet continuing...
查看conntrack表(可见pod源IP 10.244.0.5出节点时被SNAT为节点IP 10.10.16.82,所以上面在enahisic2i0上抓到的源地址是host自身)
root@ubuntu:~# conntrack -L | grep 8.8.8.8 conntrack v1.4.4 (conntrack-tools): 152 flow entries have been shown. root@ubuntu:~# conntrack -L | grep 10.10.16.81 tcp 6 109 TIME_WAIT src=10.244.0.5 dst=10.10.16.81 sport=52124 dport=22 src=10.10.16.81 dst=10.10.16.82 sport=22 dport=19607 [ASSURED] mark=0 use=1 conntrack v1.4.4 (conntrack-tools): 159 flow entries have been shown. root@ubuntu:~#