Virtual Ethernet Pair简称veth pair,是一个成对的端口,所有从这对端口一 端进入的数据包都将从另一端出来,反之也是一样
一,下面用例子说明veth pair的创建和使用:
现在有这样一个环境,两个网桥,一个是Linux内核网桥br1,另一个是ovs网桥 br-eth1,现在想把两个网桥连接起来,就可以用veth pair.
顾名思义,veth-pair 就是一对的虚拟设备接口,和 tap/tun 设备不同的是,它都是成对出现的。一端连着协议栈,一端彼此相连着。如下图所示:
431521-20190328111406972-563563680.png
二,在k8s的宿主节点上,查找运行在此宿主机上的pod。先查看运行在宿主机端的所有veth设备。
ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT
link/ether 02:42:c8:c5:dc:fb brd ff:ff:ff:ff:ff:ff
4: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN mode DEFAULT
link/ether 26:20:d1:31:63:fb brd ff:ff:ff:ff:ff:ff
8: veth1497758@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT
link/ether ca:ba:96:ff:bb:38 brd ff:ff:ff:ff:ff:ff link-netnsid 1
66: vethe39eb35@if65: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT
link/ether 36:91:f7:37:39:a7 brd ff:ff:ff:ff:ff:ff link-netnsid 2
76: vethc00302f@if75: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT
link/ether 1a:b9:d2:55:2c:65 brd ff:ff:ff:ff:ff:ff link-netnsid 3
92: veth1b9ce55@if91: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT
link/ether 66:12:04:66:6d:47 brd ff:ff:ff:ff:ff:ff link-netnsid 5
93: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP mode DEFAULT qlen 1000
link/ether de:93:9d:7f:34:18 brd ff:ff:ff:ff:ff:ff
98: veth9c0fc138@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP mode DEFAULT
link/ether 36:8c:39:8e:9a:20 brd ff:ff:ff:ff:ff:ff link-netnsid 6
99: vethd87953e1@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP mode DEFAULT
link/ether d2:17:37:5a:a7:da brd ff:ff:ff:ff:ff:ff link-netnsid 4
109: veth088365f@if108: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT
link/ether c2:a8:c6:ab:70:b1 brd ff:ff:ff:ff:ff:ff link-netnsid 0
111: veth6ad1585@if110: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT
link/ether a2:71:19:9e:0a:5d brd ff:ff:ff:ff:ff:ff link-netnsid 7
123: veth0137c3a@if122: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT
link/ether 82:f0:46:32:bc:de brd ff:ff:ff:ff:ff:ff link-netnsid 8
133: veth1adebde@if132: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT
link/ether 42:6c:1f:a5:90:72 brd ff:ff:ff:ff:ff:ff link-netnsid 9
135: vethddf7e72@if134: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT
link/ether f6:04:38:3a:70:fc brd ff:ff:ff:ff:ff:ff link-netnsid 10
三,进入pod,运行命令,查找对应的veth-pair。
kubectl exec -it proxy-nginx-778f4bdd5f-hxfqb -n kube-system sh
ip link
# cat /sys/class/net/eth0/iflink
由下面的输出可知,此虚拟网卡对应外面的veth的ID为99.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
3: eth0@if99: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue state UP
link/ether 8e:a2:69:37:9b:90 brd ff:ff:ff:ff:ff:ff
四,eth0、tap、tun、veth-pair知识
tun:点对点的设备,tun设备模拟网络层设备,处理三层报文,如IP报文。tun设备完全不需要物理地址的。它收到和发出的包不需要arp,也不需要有数据链路层的头。
tap:是一个普通的以太网设备,tap设备模拟链路层设备,处理二层报文,比如以太网帧。tap设备需要有完整的物理地址和完整的以太网帧
TUN用于路由,而TAP用于创建网桥。
eth-pair 是成对出现的一种虚拟网络设备,一端连接着协议栈,一端连接着彼此,数据从一端出,从另一端进。
它的这个特性常常用来连接不同的虚拟网络组件,构建大规模的虚拟网络拓扑,比如连接 Linux Bridge、OVS、LXC 容器等。
431521-20190308112809094-593909112.png
网友评论