k8s 网络插件

跨node

为了实现不同node上的Pod通信，必须实现以下两点：

1. 对k8s集群中所有node上的pod做IP规划，防止IP冲突。因为Pod之间通过Pod IP通信。
2. 保存规划的Pod IP与node IP映射关系。因为说到底node之间是通过node IP通信。

flannel

实现猜想

数据包从docker0出来，转发给flannel，flannel根据目标Pod IP查询对应node IP，然后发送给对应node上的flannel，对端flannel收到数据包之后再转发docker0。

原理

image

config

通过-etcd-prefix string etcd prefix (default "/coreos.com/network")，存入etcd。

The value of the config is a JSON dictionary with the following keys:

• Network (string): 重点。IPv4 network in CIDR format to use for the entire flannel network. (This is the only mandatory key.)

• SubnetLen (integer): The size of the subnet allocated to each host.
  Defaults to 24 (i.e. /24) unless Network was configured to be smaller than a /24 in which case it is one less than the network.

• SubnetMin (string): The beginning of IP range which the subnet allocation should start with.
  Defaults to the first subnet of Network.

• SubnetMax (string): The end of the IP range at which the subnet allocation should end with.
  Defaults to the last subnet of Network.

• Backend (dictionary): 重点。Type of backend to use and specific configurations for that backend.
  The list of available backends and the keys that can be put into the this dictionary are listed below.
  Defaults to udp backend.

backends

VXLAN is the recommended choice. host-gw is recommended for more experienced users who want the performance improvement and whose infrastructure support it (typically it can't be used in cloud environments). UDP is suggested for debugging only or for very old kernels that don't support VXLAN.

VXLAN

Use in-kernel VXLAN to encapsulate the packets.

Type and options:

• Type (string): vxlan
• VNI (number): VXLAN Identifier (VNI) to be used. Defaults to 1.
• Port (number): UDP port to use for sending encapsulated packets. Defaults to kernel default, currently 8472.
• GBP (Boolean): Enable VXLAN Group Based Policy. Defaults to false.
• DirectRouting (Boolean): Enable direct routes (like host-gw) when the hosts are on the same subnet. VXLAN will only be used to encapsulate packets to hosts on different subnets. Defaults to false.

host-gw

Use host-gw to create IP routes to subnets via remote machine IPs. Requires direct layer2 connectivity between hosts running flannel.

host-gw provides good performance, with few dependencies, and easy set up.

Type:

• Type (string): host-gw

UDP

Use UDP only for debugging if your network and kernel prevent you from using VXLAN or host-gw.

Type and options:

• Type (string): udp
• Port (number): UDP port to use for sending encapsulated packets. Defaults to 8285.