Skip to content

Instantly share code, notes, and snippets.

@trapier

trapier/kube-on-linux-networking.txt

Last active August 15, 2020 17:43
Show Gist options
  • Save trapier/118d62c1646f7162de52057259e6fdb4 to your computer and use it in GitHub Desktop.
Save trapier/118d62c1646f7162de52057259e6fdb4 to your computer and use it in GitHub Desktop.
Download ZIP
kube on linux networking (created using http://asciiflow.com/)
Raw
kube-on-linux-networking.txt
+-----------------------------------------------------------------------------+
|CLIENT POD HOST |
| +---------------------------------------------+ |
+---------------+ | |CLIENT POD | |
|KUBEDNS | | | | |
| <-------------+ $ curl http://myservice:4000 | |
| | | srvc | | |
| myservice | | disc | $ grep nameserver /etc/resolv.conf | | ++ kubelet
| A 10.96.193.4 | | (DNS) | nameserver 10.96.0.10 | | ++ > svc cluster ip range:
| | | | | | 10.96.0.0/16
| +-------------> $ curl http://10.96.193.4:4000 | |
| | | | | |
+---------------+ | | $ ip r sh | | ++
| | default via 169.254.1.1 dev eth0 | | | CNI
| | 169.254.1.1 dev eth0 scope link | | | > pod cidr: 10.10.0.0/16
| | | | |
| | +3:eth0@if19 10.10.59.2/32 | | |
| +--------------- | ---------------------------+ | |
| | (veth) | |
| Inner/Encap/Outer +19:cali7d7a89ea281@if3 | ++
| | function |
| v v |
| I NAT iptables nat: 10.96.193.4 tcp dpt:4000 x DNAT to:10.10.242.135:80* | ++ kube-proxy
| x DNAT to:10.10.59.3:80 | ++
| |
| I ROUTE $ ip r get 10.10.242.135 | head -n1 | ++
| 10.10.242.135 via 10.10.242.128 dev vxlan.calico src 10.10.59.0 | | CNI
| | |
| I ARP $ ip neigh | grep 10.10.242.128 | |
| 10.10.242.128 dev vxlan.calico lladdr 66:68:3d:c5:aa:4a PERMANENT | |
| | |
| E ENCAP $ bridge fdb sh dev vxlan.calico | grep 66:68:3d:c5:aa:4a | |
| 66:68:3d:c5:aa:4a dst 192.168.122.64 self permanent | ++
| |
| O ROUTE $ ip r get 192.168.122.64 | head -n1 | ++ DHCP
| 192.168.122.64 dev eth0 src 192.168.122.155 | ++
| |
| O ARP $ ip neigh | grep 192.168.122.64 | ++ ARP
| 192.168.122.64 dev eth0 lladdr 52:54:00:90:37:06 REACHABLE | ++
| |
| eth0 192.168.122.155/24 |
+------------------------------+----------------------------------------------+
|
+------------+--------------------------------+
| |
| INFRASTRUCTURE NETWORK |
| |
+------------------+----+---------------------+
| |
+---------------------------+ | | +---------------------------+
|SERVER POD HOST (replica 1)| | | |SERVER POD HOST (replica 2)|
| +-----------------------+ | | | | +-----------------------+ |
| |SERVER POD | | | | | |SERVER POD | |
| | nginx:80 | | | | | | nginx:80 | |
| | eth0 10.10.242.135/32 | | | | | | eth0 10.10.59.3/32 | | ++ CNI
| +-----------------------+ | | | | +-----------------------+ |
| | | | | |
| eth0 192.168.122.64/24 | | | | eth0 192.168.122.92/24 | ++ DHCP
+---+-----------------------+ | | +---+-----------------------+
| | | |
+----------------------------+ +--------+
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment