\u7528\u5230\u7684\u77e5\u8bc6:<\/p>\n
linux bridge
\nlinux network namespace
\nflannel backend
\niptables<\/p>\n
host \u4e0a\u7684 flannel \u914d\u7f6e\u6587\u4ef6<\/p>\n
[root@k8snode028 bin]# cat \/etc\/cni\/net.d\/10-flannel.conflist \n{\n \"name\":\"cni0\",\n \"cniVersion\":\"0.3.1\",\n \"plugins\":[\n {\n \"type\":\"flannel\",\n \"delegate\":{\n \"forceAddress\":true,\n \"hairpinMode\": true,\n \"isDefaultGateway\":true\n }\n },\n {\n \"type\":\"portmap\",\n \"capabilities\":{\n \"portMappings\":true\n }\n }\n ]\n}\n<\/pre>\nhost \u4e0a\u7684 flannel \u76f8\u5173 bin \u6587\u4ef6<\/p>\n
ls \/opt\/cni\/bin\/\nbridge cnitool dhcp flannel host-local ipvlan loopback macvlan noop portmap ptp tuning vlan\n<\/pre>\n\u67e5\u770b namespace<\/p>\n
ip netns list\n<\/pre>\n\u67e5\u770b link<\/p>\n
ip link\n<\/pre>\n\u521b\u5efa red \u7684 namespace\uff0c\u5e76\u67e5\u770b link<\/p>\n
ip netns exec red ip link\n<\/pre>\nkubernetes host \u4e0a\u7684 interface, ifconfig<\/p>\n
...\ncni0: flags=4163 mtu 1450\n inet 10.27.9.1 netmask 255.255.255.0 broadcast 0.0.0.0\n...\n\nflannel.1: flags=4163 mtu 1450\n inet 10.27.9.0 netmask 255.255.255.255 broadcast 0.0.0.0\n...\n<\/up,broadcast,running,multicast><\/up,broadcast,running,multicast><\/pre>\nkubernetes pod \u5185\u7684 arp route \u663e\u793a<\/p>\n
[root@backend-6b7b58986c-jdnhn spring]# route -n\nKernel IP routing table\nDestination Gateway Genmask Flags Metric Ref Use Iface\n0.0.0.0 10.27.9.1 0.0.0.0 UG 0 0 0 eth0\n10.27.0.0 10.27.9.1 255.255.0.0 UG 0 0 0 eth0\n10.27.9.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0\n<\/pre>\nnode \u8282\u70b9\u4e0a\u7684 bridge \u4fe1\u606f<\/p>\n
yum install bridge-utils -y\n[root@k8snode028 ~]# brctl show\nbridge name\tbridge id\t\tSTP enabled\tinterfaces\ncni0\t\t8000.0a580a1d0d01\tno\t\tveth0985a0b8\n\t\t\t\t\t\t\tveth1253dd53\n\t\t\t\t\t\t\tveth127dc912\n\t\t\t\t\t\t\tveth15b89d85\n\t\t\t\t\t\t\tveth30b9e182\n\t\t\t\t\t\t\tveth3a6a0f27\n\t\t\t\t\t\t\tveth500fcaf1\n\t\t\t\t\t\t\tveth5f994152\n\t\t\t\t\t\t\tveth6374a5e2\n\t\t\t\t\t\t\tveth67f0cb2e\n\t\t\t\t\t\t\tveth69772276\n\t\t\t\t\t\t\tveth6a95a62c\n\t\t\t\t\t\t\tveth6c8897b0\n\t\t\t\t\t\t\tveth781dd728\n\t\t\t\t\t\t\tveth88eddba5\n\t\t\t\t\t\t\tveth8d28dfe8\n\t\t\t\t\t\t\tveth8fd03c3e\n\t\t\t\t\t\t\tveth8fe5c104\n\t\t\t\t\t\t\tvetha529244f\n\t\t\t\t\t\t\tvethb2b2134b\n\t\t\t\t\t\t\tvethc070358a\n\t\t\t\t\t\t\tvethccd69c78\n\t\t\t\t\t\t\tvethd6f2ae04\n\t\t\t\t\t\t\tvethdbaec209\n\t\t\t\t\t\t\tvethe0e0bd3a\n\t\t\t\t\t\t\tvethe3939f54\n\t\t\t\t\t\t\tvethec7d63a5\n\t\t\t\t\t\t\tvethefdaa81a\n\t\t\t\t\t\t\tvethf836c26b\n\t\t\t\t\t\t\tvethfb0f86bc\n\t\t\t\t\t\t\tvethfec66a08\ndocker0\t\t8000.0242fbd0e139\tno\n<\/pre>\nnode \u8282\u70b9\u4e0a\u7684\u8def\u7531\u4fe1\u606f<\/p>\n
[root@k8snode028 network-scripts]# route -n\nKernel IP routing table\nDestination Gateway Genmask Flags Metric Ref Use Iface\n0.0.0.0 10.18.19.1 0.0.0.0 UG 0 0 0 bond0\n10.18.19.0 0.0.0.0 255.255.255.0 U 0 0 0 bond0\n10.27.0.0 10.27.0.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.1.0 10.27.1.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.2.0 10.27.2.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.3.0 10.27.3.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.4.0 10.27.4.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.5.0 10.27.5.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.6.0 10.27.6.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.7.0 10.27.7.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.8.0 10.27.8.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.9.0 0.0.0.0 255.255.255.0 U 0 0 0 cni0\n10.27.10.0 10.27.10.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.11.0 10.27.11.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.12.0 10.27.12.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.13.0 10.27.13.0 255.255.255.0 UG 0 0 0 flannel.1\n10.27.14.0 10.27.14.0 255.255.255.0 UG 0 0 0 flannel.1\n169.254.0.0 0.0.0.0 255.255.0.0 U 1006 0 0 bond0\n172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0\n<\/pre>\nnode \u8282\u70b9\u4e0a\u67e5\u770b bridge (\u76f8\u5f53\u4e8e\u672c\u673a\u865a\u62df\u4ea4\u6362\u673a)<\/p>\n
ip link show type bridge \u6216 bridge link show\n7: docker0: mtu 1500 qdisc noqueue state UP mode DEFAULT group default \n link\/ether 02:42:1c:85:aa:91 brd ff:ff:ff:ff:ff:ff\n12: cni0: mtu 1450 qdisc noqueue state UP mode DEFAULT group default qlen 1000\n link\/ether 0a:58:0a:1b:09:01 brd ff:ff:ff:ff:ff:ff\n<\/broadcast,multicast,up,lower_up><\/broadcast,multicast,up,lower_up><\/pre>\nnode \u8282\u70b9\u4e0a\u67e5\u770b\u6240\u6709\u7684 veth<\/p>\n
ip link show type veth\n25: veth7443cee@if24: mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT group default \n link\/ether 2e:03:af:2d:5e:46 brd ff:ff:ff:ff:ff:ff link-netnsid 5\n...\n<\/broadcast,multicast,up,lower_up><\/pre>\nnode \u4e0a\u7684 flannel \u5bb9\u5668\u91cc\u7684\u4fe1\u606f<\/p>\n
[root@k8snode028 bin]# docker exec 1a84ab994e5d cat \/run\/flannel\/subnet.env\nFLANNEL_NETWORK=10.27.0.0\/16\nFLANNEL_SUBNET=10.27.9.1\/24\nFLANNEL_MTU=1450\nFLANNEL_IPMASQ=true\n<\/pre>\n\u4ece\u4e00\u53f0 node pod \u5230\u53e6\u4e00\u53f0 node pod \u7f51\u6bb5(10.29.13.0)\uff0c\u67e5\u8be2\u627e\u5230 mac \u5730\u5740<\/p>\n
arp -e | grep 10.29.13.0\n10.29.13.0 ether 42:32:74:de:24:50 CM flannel.1\n<\/pre>\n\u518d\u901a\u8fc7 mac \u5730\u5740\u627e\u5230\u662f\u54ea\u53f0\u76ee\u6807 node<\/p>\n
bridge fdb show | grep 42:32:74:de:24:50\n42:32:74:de:24:50 dev flannel.1 dst 10.18.19.129 self permanent\n<\/pre>\n\u53c2\u8003:
\nhttps:\/\/xuxinkun.github.io\/2019\/06\/05\/flannel-vxlan\/
\n