一、POD:
Pod的出现是为了将一个或多个互相协作的进程(容器)以一个或多个容器的形式,组合成一个完整的服务单元,方便Kubernetes集群进行调度管理等。
在k8s中每个Pod中管理着一组Docker容器,这些Docker容器共享同一个网络命名空间,Pod中的每个Docker容器拥有与Pod相同的IP和port地址空间,并且由于他们在同一个网络命名空间,他们之间可以通过localhost相互访问
二、Node:
Node节点可以是虚拟机、或者物理机,也就咱们口头说的宿主机,当然这宿主机上安装了类似docker以及k8s服务。
通信方式:
通过网桥把veth0和veth1组成为一个以太网,他们直接是可以直接通信的,另外这里通过veth对让pod1的eth0和veth0、pod2的eth0和veth1关联起来,从而让pod1和pod2相互通信。
通信方式: 场景-》左侧的POD1与左侧的POD1中的容器通信
1)首先左侧pod1通过自己的以太网设备eth0把数据包发送到关联到root命名空间的veth0上
2)然后数据包被左侧Node上的网桥设备(例如docker0)接受到,网桥查找转发表发现找不到右侧POD1的Mac地址,则会把包转发到默认路由(root命名空间的eth0设备)
3)然后数据包经过eth0就离开了Node1,被发送到网络
4)数据包到达右侧Node后,首先会被root命名空间的eth0设备
5)然后通过网桥把数据路由到虚拟设备veth1,最终数据表会被流转到与veth1配对的另外一端(pod1的eth0)
每个Node都知道如何把数据包转发到其内部运行的Pod,当一个数据包到达Node后,其内部数据流就和Node内Pod之间的流转类似了
三、k8s容器通信组件介绍
k8s通信组件大致有以下两款Flannel 和Calico,今天给大家演示一下Calico
1、Calico是一个纯三层的数据中心网络方案,是目前Kubernetes主流的网络方案。
下载YAML
[root@k8s-master jason]# wget https://docs.projectcalico.org/manifests/calico.yaml --no-check-certificate
--2021-11-04 21:07:37-- https://docs.projectcalico.org/manifests/calico.yaml
正在解析主机 docs.projectcalico.org (docs.projectcalico.org)... 206.189.46.168, 18.139.201.98, 2406:da18:880:3801:ace0:496f:12a:7ecb, ...
正在连接 docs.projectcalico.org (docs.projectcalico.org)|206.189.46.168|:443... 已连接。
警告: 无法验证 docs.projectcalico.org 的由 “/C=US/O=Let's Encrypt/CN=R3” 颁发的证书:
颁发的证书已经过期。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:202200 (197K) [text/yaml]
正在保存至: “calico.yaml”
100%[=============================================================================================================================================>] 202,200 182KB/s 用时 1.1s
2021-11-04 21:07:39 (182 KB/s) - 已保存 “calico.yaml” [202200/202200])
2、下载完后还需要修改里面定义Pod网络(CALICO_IPV4POOL_CIDR),与前面kubeadm init的 --pod-network-cidr指定的一样
3、开始部署:
[root@k8s-master jason]# kubectl apply -f calico.yaml
configmap/calico-config created
customresourcedefinition.apiextensions.k8s.io/bgpconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/bgppeers.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/blockaffinities.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/clusterinformations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/felixconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/globalnetworkpolicies.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/globalnetworksets.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/hostendpoints.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamblocks.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamconfigs.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamhandles.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ippools.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/kubecontrollersconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/networkpolicies.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/networksets.crd.projectcalico.org created
clusterrole.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrole.rbac.authorization.k8s.io/calico-node created
clusterrolebinding.rbac.authorization.k8s.io/calico-node created
daemonset.apps/calico-node created
serviceaccount/calico-node created
deployment.apps/calico-kube-controllers created
serviceaccount/calico-kube-controllers created
Warning: policy/v1beta1 PodDisruptionBudget is deprecated in v1.21+, unavailable in v1.25+; use policy/v1 PodDisruptionBudget
poddisruptionbudget.policy/calico-kube-controllers created4、等Calico Pod都Running,节点也会准备就绪
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 Pending 0 50s
calico-node-8fx44 0/1 Init:2/3 0 50s
calico-node-cxbvd 0/1 Init:2/3 0 50s
calico-node-g6vmc 0/1 Init:2/3 0 50s
coredns-545d6fc579-27pgv 0/1 Pending 0 24h
coredns-545d6fc579-pxpn5 0/1 Pending 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 61s
calico-node-8fx44 0/1 PodInitializing 0 61s
calico-node-cxbvd 0/1 Init:2/3 0 61s
calico-node-g6vmc 0/1 Init:2/3 0 61s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 64s
calico-node-8fx44 0/1 PodInitializing 0 64s
calico-node-cxbvd 0/1 PodInitializing 0 64s
calico-node-g6vmc 0/1 Init:2/3 0 64s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 66s
calico-node-8fx44 0/1 PodInitializing 0 66s
calico-node-cxbvd 0/1 PodInitializing 0 66s
calico-node-g6vmc 0/1 Init:2/3 0 66s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 68s
calico-node-8fx44 0/1 PodInitializing 0 68s
calico-node-cxbvd 0/1 PodInitializing 0 68s
calico-node-g6vmc 0/1 Init:2/3 0 68s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 69s
calico-node-8fx44 0/1 PodInitializing 0 69s
calico-node-cxbvd 0/1 PodInitializing 0 69s
calico-node-g6vmc 0/1 PodInitializing 0 69s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 72s
calico-node-8fx44 0/1 PodInitializing 0 72s
calico-node-cxbvd 0/1 PodInitializing 0 72s
calico-node-g6vmc 0/1 PodInitializing 0 72s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 74s
calico-node-8fx44 0/1 PodInitializing 0 74s
calico-node-cxbvd 0/1 PodInitializing 0 74s
calico-node-g6vmc 0/1 PodInitializing 0 74s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 75s
calico-node-8fx44 0/1 PodInitializing 0 75s
calico-node-cxbvd 0/1 PodInitializing 0 75s
calico-node-g6vmc 0/1 PodInitializing 0 75s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 76s
calico-node-8fx44 0/1 PodInitializing 0 76s
calico-node-cxbvd 0/1 PodInitializing 0 76s
calico-node-g6vmc 0/1 PodInitializing 0 76s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 77s
calico-node-8fx44 0/1 PodInitializing 0 77s
calico-node-cxbvd 0/1 PodInitializing 0 77s
calico-node-g6vmc 0/1 PodInitializing 0 77s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 79s
calico-node-8fx44 0/1 PodInitializing 0 79s
calico-node-cxbvd 0/1 PodInitializing 0 79s
calico-node-g6vmc 0/1 PodInitializing 0 79s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 80s
calico-node-8fx44 0/1 PodInitializing 0 80s
calico-node-cxbvd 0/1 PodInitializing 0 80s
calico-node-g6vmc 0/1 PodInitializing 0 80s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 0/1 ContainerCreating 0 81s
calico-node-8fx44 0/1 PodInitializing 0 81s
calico-node-cxbvd 0/1 PodInitializing 0 81s
calico-node-g6vmc 0/1 PodInitializing 0 81s
coredns-545d6fc579-27pgv 0/1 ContainerCreating 0 24h
coredns-545d6fc579-pxpn5 0/1 ContainerCreating 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 21h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h
[root@k8s-master jason]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-75f8f6cc59-2w2t4 1/1 Running 0 7m24s
calico-node-8fx44 1/1 Running 0 7m24s
calico-node-cxbvd 1/1 Running 0 7m24s
calico-node-g6vmc 0/1 Running 0 7m24s
coredns-545d6fc579-27pgv 0/1 ImagePullBackOff 0 24h
coredns-545d6fc579-pxpn5 0/1 ImagePullBackOff 0 24h
etcd-k8s-master 1/1 Running 1 24h
kube-apiserver-k8s-master 1/1 Running 1 24h
kube-controller-manager-k8s-master 1/1 Running 1 24h
kube-proxy-9j4qc 1/1 Running 1 24h
kube-proxy-cmghj 1/1 Running 1 22h
kube-proxy-hhvb9 1/1 Running 1 21h
kube-scheduler-k8s-master 1/1 Running 1 24h