Skip to content

Latest commit

 

History

History
120 lines (85 loc) · 3.23 KB

11-pod-network-routes.md

File metadata and controls

120 lines (85 loc) · 3.23 KB
Raw

Provisioning Pod Network Routes

Pods scheduled to a node receive an IP address from the node's Pod CIDR range. At this point pods can not communicate with other pods running on different nodes due to missing network routes.

In this lab you will create a route for each worker node that maps the node's Pod CIDR range to the node's internal IP address.

There are other ways to implement the Kubernetes networking model.

The Routing Table

In this section you will gather the information required to create routes in the kubernetes-the-hard-way VPC network.

Print the internal IP address and Pod CIDR range for each worker instance:

  • GCP
for instance in worker-0 worker-1 worker-2; do
  gcloud compute instances describe ${instance} \
    --format 'value[separator=" "](networkInterfaces[0].networkIP,metadata.items[0].value)'
done
  • AWS
for i in 0 1 2; do
  kubectl patch node worker-${i} -p '{"spec":{"podCIDR":"10.200.'${i}'.0/24"}}'
done
kubectl get nodes \
  --output=jsonpath='{range .items[*]}{.status.addresses[?(@.type=="InternalIP")].address} {.spec.podCIDR} {"\n"}{end}'

output

10.240.0.20 10.200.0.0/24
10.240.0.21 10.200.1.0/24
10.240.0.22 10.200.2.0/24

Routes

Create network routes for each worker instance:

  • GCP
for i in 0 1 2; do
  gcloud compute routes create kubernetes-route-10-200-${i}-0-24 \
    --network kubernetes-the-hard-way \
    --next-hop-address 10.240.0.2${i} \
    --destination-range 10.200.${i}.0/24
done
  • AWS
for i in 0 1 2; do
  wk_id="worker_id$i"
  aws ec2 create-route \
    --route-table-id $tableId \
    --destination-cidr-block 10.200.${i}.0/24 \
    --instance-id ${!wk_id}
done

List the routes in the kubernetes-the-hard-way VPC network:

  • GCP
gcloud compute routes list --filter "network: kubernetes-the-hard-way"

output

NAME                            NETWORK                  DEST_RANGE     NEXT_HOP                  PRIORITY
default-route-236a40a8bc992b5b  kubernetes-the-hard-way  0.0.0.0/0      default-internet-gateway  1000
default-route-df77b1e818a56b30  kubernetes-the-hard-way  10.240.0.0/24                            1000
kubernetes-route-10-200-0-0-24  kubernetes-the-hard-way  10.200.0.0/24  10.240.0.20               1000
kubernetes-route-10-200-1-0-24  kubernetes-the-hard-way  10.200.1.0/24  10.240.0.21               1000
kubernetes-route-10-200-2-0-24  kubernetes-the-hard-way  10.200.2.0/24  10.240.0.22               1000
  • AWS
$ aws ec2 describe-route-tables --filters Name=vpc-id,Values=$vpcId --output text

output

...
ROUTES	10.200.0.0/24			i-0ed63f1e7e07ef0XX	020997832382	eni-0bb4485eda9b10aXX	CreateRoute	active
ROUTES	10.200.1.0/24			i-0d8e1fb2ffd2596XX	020997832382	eni-0c9e694d5919b51XX	CreateRoute	active
ROUTES	10.200.2.0/24			i-082e1ecbe1e228bXX	020997832382	eni-006e3ffe5aaecf1XX	CreateRoute	active
ROUTES	10.240.0.0/24		local				CreateRouteTable	active
ROUTES	0.0.0.0/0		igw-0a41a8c51c6c202XX				CreateRoute	active

Next: Deploying the DNS Cluster Add-on