DevOps Classroomnotes 03/Dec/2022

CNI – Container Network Interface

  • Docker has its own standard for container networking, the CNM (Container Network Model)
  • CNI (Container Network Interface) is another standard, which describes networking for container runtimes. Refer Here
  • CNI plugins implement the networking functionality. In k8s, networking is implemented through CNI, and in bare-metal installations we can choose which CNI plugin to use.
  • CNI plugins help kube-proxy to give a unique IP address to every Pod in the k8s cluster.
  • Some of the popular CNI plugins:
    • Weave Net
    • Flannel
    • Calico

Self Hosted K8s

  • Problem with k8s version from 1.23
  • K8s installations do not come with a default CNI, so after installing the k8s cluster we need to install a CNI implementation that works for us.
  • kubelet on the node creates the container inside the Pod by using the container runtime (Docker/CRI-O).
  • Each Pod requires a network connection, which is provided by kube-proxy, which in turn requires CNI to assist.
  • Installation Steps

    • Create some nodes (>1)
    • Install docker on each node
    • Install cri-dockerd on each node
    • Install kubeadm on each node
    • Make one node master/control plane
    • Add other nodes to the cluster
    • Install any CNI implementation (Flannel)
  • For installation Refer Here

Let's verify the Pod specs created yesterday

  • To view the api-resources
  • The above API resources can be interacted with using kubectl
  • Let's create the first pod
---
apiVersion: v1
kind: Pod
metadata:
  name: hello-pod
spec:
  containers:
    - image: nginx:1.23
      name: nginx-container
      ports:
        - containerPort: 80

  • Let's run some basic commands
  • Run the following command: kubectl get pods hello-pod -o yaml

apiVersion: v1
kind: Pod
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"name":"hello-pod","namespace":"default"},"spec":{"containers":[{"image":"nginx:1.23","name":"nginx-container","ports":[{"containerPort":80}]}]}}
  creationTimestamp: "2022-12-03T04:01:32Z"
  name: hello-pod
  namespace: default
  resourceVersion: "2684"
  uid: 995a3e3a-7345-46cb-bf3e-e47108ade091
spec:
  containers:
  - image: nginx:1.23
    imagePullPolicy: IfNotPresent
    name: nginx-container
    ports:
    - containerPort: 80
      protocol: TCP
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-c46wq
      readOnly: true
  dnsPolicy: ClusterFirst
  enableServiceLinks: true
  nodeName: ip-172-31-10-39
  preemptionPolicy: PreemptLowerPriority
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: kube-api-access-c46wq
    projected:
      defaultMode: 420
      sources:
      - serviceAccountToken:
          expirationSeconds: 3607
          path: token
      - configMap:
          items:
          - key: ca.crt
            path: ca.crt
          name: kube-root-ca.crt
      - downwardAPI:
          items:
          - fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
            path: namespace
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: "2022-12-03T04:01:32Z"
    status: "True"
    type: Initialized
  - lastProbeTime: null
    lastTransitionTime: "2022-12-03T04:01:41Z"
    status: "True"
    type: Ready
  - lastProbeTime: null
    lastTransitionTime: "2022-12-03T04:01:41Z"
    status: "True"
    type: ContainersReady
  - lastProbeTime: null
    lastTransitionTime: "2022-12-03T04:01:32Z"
    status: "True"
    type: PodScheduled
  containerStatuses:
  - containerID: docker://40c7fe896e2b025edf90affcb356b62463afe649ec176c6e2fd5a123e9dde240
    image: nginx:1.23
    imageID: docker-pullable://nginx@sha256:e209ac2f37c70c1e0e9873a5f7231e91dcd83fdf1178d8ed36c2ec09974210ba
    lastState: {}
    name: nginx-container
    ready: true
    restartCount: 0
    started: true
    state:
      running:
        startedAt: "2022-12-03T04:01:40Z"
  hostIP: 172.31.10.39
  phase: Running
  podIP: 10.244.1.2
  podIPs:
  - ip: 10.244.1.2
  qosClass: BestEffort
  startTime: "2022-12-03T04:01:32Z"
  • Let's delete the pod
  • Run the following yaml
---
apiVersion: v1
kind: Pod
metadata:
  name: second-pod
spec:
  containers:
    - image: nginx:1.23
      name: nginx
      ports: 
        - containerPort: 80
          protocol: TCP
    - image: jenkins/jenkins:lts-jdk11
      name: jenkins
      ports:
        - containerPort: 8080
          protocol: TCP
  • Create the pod and delete the pod
  • Now try creating the Pod with the yaml below
---
apiVersion: v1
kind: Pod
metadata:
  name: activity3
spec:
  containers:
    - image: alpine
      command:
        - sleep
      args:
        - 1d
  • Create a pod
  • Now add a name to the container in the yaml
---
apiVersion: v1
kind: Pod
metadata:
  name: activity3
spec:
  containers:
    - image: alpine
      name: alpine
      command:
        - sleep
      args:
        - 1d
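
The `kubectl get pods hello-pod -o yaml` output above shows what the API server filled in for fields the manifest left out (`securityContext: {}`, `resources: {}`, the `default` service account with its token mounted), and the first activity3 manifest has a container with no `name`. The script below is an added example, not part of the original notes: it checks a Pod manifest for those gaps before it is applied. The function names and the choice of checks are assumptions made here, and the manifests are embedded as constructed JSON copies of the page's YAML (Python's standard library has no YAML parser).

```python
import json

# Constructed samples: the page's hello-pod and first activity3 manifests as JSON.
HELLO_POD = json.loads("""{"apiVersion":"v1","kind":"Pod","metadata":{"name":"hello-pod"},
  "spec":{"containers":[{"image":"nginx:1.23","name":"nginx-container",
  "ports":[{"containerPort":80}]}]}}""")
ACTIVITY3 = json.loads("""{"apiVersion":"v1","kind":"Pod","metadata":{"name":"activity3"},
  "spec":{"containers":[{"image":"alpine","command":["sleep"],"args":["1d"]}]}}""")


def uses_latest_image(image):
    """True when the reference has no digest and either no tag or :latest."""
    if "@sha256:" in image:
        return False
    last = image.rsplit("/", 1)[-1]  # drop registry host:port and repository path
    tag = last.split(":", 1)[1] if ":" in last else ""
    return tag in ("", "latest")


def audit_pod(pod):
    """Return (where, finding) tuples for a Pod manifest given as a dict."""
    spec = pod.get("spec") or {}
    findings = []
    if spec.get("automountServiceAccountToken") is not False:
        findings.append(("<pod>", "automountServiceAccountToken is not false"))
    pod_sc = spec.get("securityContext") or {}
    for i, c in enumerate(spec.get("containers") or []):
        where = c.get("name") or f"containers[{i}]"
        csc = c.get("securityContext") or {}
        if not c.get("name"):
            findings.append((where, "name is required; the API server rejects the Pod"))
        if uses_latest_image(c.get("image", "")):
            findings.append((where, "image has no tag or uses :latest"))
        if {**pod_sc, **csc}.get("runAsNonRoot") is not True:
            findings.append((where, "runAsNonRoot is not true"))
        if csc.get("allowPrivilegeEscalation") is not False:
            findings.append((where, "allowPrivilegeEscalation is not false"))
        if not (c.get("resources") or {}).get("limits"):
            findings.append((where, "no resource limits"))
    return findings


if __name__ == "__main__":
    for pod in (HELLO_POD, ACTIVITY3):
        print(pod["metadata"]["name"])
        for where, finding in audit_pod(pod):
            print(f"  {where}: {finding}")
```

The same function can be run on a live object by loading the output of `kubectl get pod <name> -o json`.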
