{"id":30953,"date":"2024-02-20T08:36:39","date_gmt":"2024-02-20T07:36:39","guid":{"rendered":"https:\/\/www.dbi-services.com\/blog\/?p=30953"},"modified":"2024-03-01T16:34:01","modified_gmt":"2024-03-01T15:34:01","slug":"kubernetes-networking-by-using-cilium-intermediate-level-part-1","status":"publish","type":"post","link":"https:\/\/www.dbi-services.com\/blog\/kubernetes-networking-by-using-cilium-intermediate-level-part-1\/","title":{"rendered":"Kubernetes Networking by Using Cilium – Intermediate Level – Network Interfaces"},"content":{"rendered":"\n

If you are new or uneasy with networking in Kubernetes, you may benefit from my previous blog for beginner level<\/a>. In this blog post I will show you in a Kubernetes cluster what a building and its networking components look like. As a reminder, below is the picture I drew in my previous blog to illustrate the networking in a Kubernetes cluster with Cilium:<\/p>\n\n\n\n

\"Kubernetes<\/figure>\n\n\n\n

If you want to understand this networking in Kubernetes in more details, read on, this blog post is for you! I’ll consider you know the basics about Kubernetes and how to interact with it, otherwise you may find our training course<\/a> on it very interesting (in English or in French)!<\/p>\n\n\n\n

Diving into the IP Addresses configuration<\/h2>\n\n\n\n

Let’s start by checking our environment and update our picture with real information from our Kubernetes cluster:<\/p>\n\n\n

\n$ kubectl get no -owide\nNAME                      STATUS   ROLES           AGE    VERSION   INTERNAL-IP   EXTERNAL-IP   OS-IMAGE                         KERNEL-VERSION      CONTAINER-RUNTIME\nmycluster-control-plane   Ready    control-plane   113d   v1.27.3   172.18.0.3    <none>        Debian GNU\/Linux 11 (bullseye)   5.15.0-94-generic   containerd:\/\/1.7.1\nmycluster-worker          Ready    <none>          113d   v1.27.3   172.18.0.2    <none>        Debian GNU\/Linux 11 (bullseye)   5.15.0-94-generic   containerd:\/\/1.7.1\nmycluster-worker2         Ready    <none>          113d   v1.27.3   172.18.0.4    <none>        Debian GNU\/Linux 11 (bullseye)   5.15.0-94-generic   containerd:\/\/1.7.1\n\n$ kubectl get po -n networking101 -owide\nNAME                        READY   STATUS    RESTARTS      AGE     IP            NODE                NOMINATED NODE   READINESS GATES\nbusybox-c8bbbbb84-fmhwc     1\/1     Running   1 (24m ago)   3d23h   10.10.1.164   mycluster-worker2   <none>           <none>\nbusybox-c8bbbbb84-t6ggh     1\/1     Running   1 (24m ago)   3d23h   10.10.2.117   mycluster-worker    <none>           <none>\nnetshoot-7d996d7884-fwt8z   1\/1     Running   0             79s     10.10.2.121   mycluster-worker    <none>           <none>\nnetshoot-7d996d7884-gcxrm   1\/1     Running   0             80s     10.10.1.155   mycluster-worker2   <none>           <none>\n<\/pre><\/div>\n\n\n
\"Kubernetes<\/figure>\n\n\n\n
You can now see for real that the IP subnets of the pods are different than the one of the nodes. Also the IP subnet of pods on each node is different from each other. If you are not sure why, you are perfectly right because it is not so clear at this stage. So let’s clarify it by checking our Cilium configuration.<\/p>\n\n\n\n
I’ve told you in my previous blog that there is one Cilium Agent per building. This Agent is a pod itself and he takes care about networking in the node. This is what they look like in our cluster:<\/p>\n\n\n
\n$ kubectl get po -n kube-system -owide|grep cilium\ncilium-9zh9s                                      1\/1     Running   5 (65m ago)   113d   172.18.0.3    mycluster-control-plane   <none>           <none>\ncilium-czffc                                      1\/1     Running   5 (65m ago)   113d   172.18.0.4    mycluster-worker2         <none>           <none>\ncilium-dprvh                                      1\/1     Running   5 (65m ago)   113d   172.18.0.2    mycluster-worker          <none>           <none>\ncilium-operator-6b865946df-24ljf                  1\/1     Running   5 (65m ago)   113d   172.18.0.2    mycluster-worker          <none>           <none>\n<\/pre><\/div>\n\n\n
There is two things to notice here:<\/p>\n\n\n\n