Anjali Barodia's Blog

Kubernetes Networking

Pod Networking, CNI, WeaveWorks CNI, IPAM, DNS in Kubernetes

Anjali Barodia's photo
Anjali Barodia
·

3 min read

Pod Networking

Kubernetes Pod Networking Model

  • Every Pod should have an IP address

  • Within a node, all pods should be able to communicate with each other.

  • Every pod should communicate with every other pod on other nodes without NAT.

CNI (Container Network Interface)

It is responsible for creating container network namespaces, identifying and attaching those namespaces to the right networks. It does the following tasks:

  • It creates network namespace

  • Identify the network to attach the container

  • Invoke Network Plugins when the container is ADDED and DELETED.

  • JSON format of the Network configuration

CNI plugin is configured in the kubelet service on each node in the cluster.

ps -aux | grep kubelet

ls /opt/cni/bin
ls /etc/cni/net.d

WeaveWorks CNI

It deploys on each node and communicates with each other to exchange information regarding the nodes and networks and pods within them. It creates its own bridge on the nodes and names it a weave. Then assign an IP address to each network.

# single pod may be attached to multiple networks
kubectl exec <pod name> ip route

# list pods in the namesapce kube-system
kukectl get pods -n kube-system

Kubectl logs <weave-pod-name> weave -n kube-system

# ssh node
ssh <node-name>
ip link

## Where to look for CNI Plugins in the Kubernetes cluster
# inspect the kubelet service and identify the network plugin configured in kubernetes
ps aux | grep kubelet | grep network

# configuration path for cni binaries
ls /opt/cni/bin

# check the which cni plugin is used in kubernetes cluster
ls /etc/cni/net.d/

IPAM (IP Address Management)

How IP are assigned to Pods in the Kubernetes Cluster?

Service Networking

# kube-proxy ip table
iptables -L -t nat | grep <service-name>

ps aux | grep kube-api-server

kubectl get services

kubectl logs 

cat /var/log/kube-proxy-log
kubectl -n kube-system logs <node name>
kubectl -n kube-system logs <weave-pod-name> -c <container-name>

/etc/kubernetes/manifests/

DNS in Kubernetes

How Kubernetes implements DNS in the cluster? Kubernetes deploy a built-in DNS server in the cluster.

kubectl get configmap -n kube-system

/var/lib/kubelet/config.yaml
cat /etc/resolv.conf

# identify the dns sol implemented on k8s
kubeclt get pods -n kube-system 

# name of the service  created for accesing the dns
kubeclt get svc -n kube-system 

# what is the ip of the dns server tht should be configured on pod to resolve services
kubeclt get svc -n kube-system 

# dns config file path    
kubeclt get pods -n kube-system 
kubeclt describe pod <dns-pod-name> -n kube-system 

# get the dns config file
kubeclt get pod <dns-pod-name> -n kube-system -o yaml

# check configmap
kubeclt get configmap -n kube-system 
kubeclt describe configmap <dns-pod-name> -n kube-system 

# check the nslookup of a pod
kubectl exec <pod-name> -- nslookup <2-pod-name>

This is a brief summary of networking in Kubernetes.
While creating Kubernetes Cluster using Kubeadm we have used WeaveWorks Network

TrainWithShubhamKubernetes#kubernetesNetworking