CNI – Container Network Interface
- For networking, Docker containers follow a standard called CNM (Container Network Model).
- CNI (Container Network Interface) is another standard, which specifies networking for container runtimes. Refer Here
- CNI plugins implement the networking functionality. In k8s, networking is implemented through CNI, and in bare-metal installations we can choose which CNI plugin to use.
- CNI plugins help kube-proxy give a unique IP address to every Pod in the k8s cluster.
- Some of the popular CNI plugins:
  - Weave Net
  - Flannel
  - Calico
Self Hosted K8s
- Problem with k8s versions from 1.23 onwards:
  - K8s installations will not have a default CNI, so after installing the k8s cluster we need to install a CNI implementation that works for us.
- kubelet on the node creates the container inside the Pod by using the container runtime (Docker/CRI-O).
- Each Pod requires a network connection, which is provided by kube-proxy, which in turn requires CNI to assist.
Installation Steps
- Create some nodes (>1)
- Install docker on each node
- Install cri-dockerd on each node
- Install kubeadm on each node
- Make one node master/control plane
- Add other nodes to the cluster
- Install any CNI implementation (Flannel)
- For installation Refer Here
Let's verify the Pod specs created yesterday
- To view the api-resources
- The above API resources can be interacted with from kubectl
- Let's create the first pod
```yaml
---
apiVersion: v1
kind: Pod
metadata:
  name: hello-pod
spec:
  containers:
  - image: nginx:1.23
    name: nginx-container
    ports:
    - containerPort: 80
```
- Let's run some basic commands
- Run the following command: `kubectl get pods hello-pod -o yaml`
```yaml
apiVersion: v1
kind: Pod
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"name":"hello-pod","namespace":"default"},"spec":{"containers":[{"image":"nginx:1.23","name":"nginx-container","ports":[{"containerPort":80}]}]}}
  creationTimestamp: "2022-12-03T04:01:32Z"
  name: hello-pod
  namespace: default
  resourceVersion: "2684"
  uid: 995a3e3a-7345-46cb-bf3e-e47108ade091
spec:
  containers:
  - image: nginx:1.23
    imagePullPolicy: IfNotPresent
    name: nginx-container
    ports:
    - containerPort: 80
      protocol: TCP
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-c46wq
      readOnly: true
  dnsPolicy: ClusterFirst
  enableServiceLinks: true
  nodeName: ip-172-31-10-39
  preemptionPolicy: PreemptLowerPriority
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: kube-api-access-c46wq
    projected:
      defaultMode: 420
      sources:
      - serviceAccountToken:
          expirationSeconds: 3607
          path: token
      - configMap:
          items:
          - key: ca.crt
            path: ca.crt
          name: kube-root-ca.crt
      - downwardAPI:
          items:
          - fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
            path: namespace
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: "2022-12-03T04:01:32Z"
    status: "True"
    type: Initialized
  - lastProbeTime: null
    lastTransitionTime: "2022-12-03T04:01:41Z"
    status: "True"
    type: Ready
  - lastProbeTime: null
    lastTransitionTime: "2022-12-03T04:01:41Z"
    status: "True"
    type: ContainersReady
  - lastProbeTime: null
    lastTransitionTime: "2022-12-03T04:01:32Z"
    status: "True"
    type: PodScheduled
  containerStatuses:
  - containerID: docker://40c7fe896e2b025edf90affcb356b62463afe649ec176c6e2fd5a123e9dde240
    image: nginx:1.23
    imageID: docker-pullable://nginx@sha256:e209ac2f37c70c1e0e9873a5f7231e91dcd83fdf1178d8ed36c2ec09974210ba
    lastState: {}
    name: nginx-container
    ready: true
    restartCount: 0
    started: true
    state:
      running:
        startedAt: "2022-12-03T04:01:40Z"
  hostIP: 172.31.10.39
  phase: Running
  podIP: 10.244.1.2
  podIPs:
  - ip: 10.244.1.2
  qosClass: BestEffort
  startTime: "2022-12-03T04:01:32Z"
```
- Let's delete the pod
- Run the following YAML
```yaml
---
apiVersion: v1
kind: Pod
metadata:
  name: second-pod
spec:
  containers:
  - image: nginx:1.23
    name: nginx
    ports:
    - containerPort: 80
      protocol: TCP
  - image: jenkins/jenkins:lts-jdk11
    name: jenkins
    ports:
    - containerPort: 8080
      protocol: TCP
```
- Create the pod and delete the pod
- Now try creating the Pod with the below yaml
```yaml
---
apiVersion: v1
kind: Pod
metadata:
  name: activity3
spec:
  containers:
  - image: alpine
    command:
    - sleep
    args:
    - 1d
```
- Create a pod
- Now add a name to the container in the YAML
```yaml
---
apiVersion: v1
kind: Pod
metadata:
  name: activity3
spec:
  containers:
  - image: alpine
    name: alpine
    command:
    - sleep
    args:
    - 1d
```
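
The activity3 exercise turns on one rule: every container in a Pod must have a name, and names must be unique within the Pod. The following is an added example, not part of the original notes; `validate_containers` and `pod` are hypothetical helpers that mirror only a small subset of the API server's container checks, and the manifests are re-typed from this page as Python dicts.

```python
import re

# A container name must be a DNS-1123 label: lowercase alphanumerics or '-',
# alphanumeric at both ends, at most 63 characters.
DNS_LABEL = re.compile(r"[a-z0-9]([-a-z0-9]*[a-z0-9])?")

def validate_containers(pod):
    """Hypothetical helper: return error strings for spec.containers ([] = accepted).
    Messages are modelled on the API server's, not copied from it."""
    errors, seen = [], set()
    containers = (pod.get("spec") or {}).get("containers") or []
    if not containers:
        errors.append("spec.containers: Required value")
    for i, c in enumerate(containers):
        path = f"spec.containers[{i}]"
        name = c.get("name")
        if not name:
            errors.append(f"{path}.name: Required value")
        elif len(name) > 63 or not DNS_LABEL.fullmatch(name):
            errors.append(f"{path}.name: Invalid value {name!r}")
        elif name in seen:  # names must be unique within one Pod
            errors.append(f"{path}.name: Duplicate value {name!r}")
        seen.add(name)
        for j, p in enumerate(c.get("ports") or []):
            port = p.get("containerPort")
            if not isinstance(port, int) or not 1 <= port <= 65535:
                errors.append(f"{path}.ports[{j}].containerPort: Invalid value {port!r}")
    return errors

def pod(name, *containers):
    """Build a minimal Pod manifest as a dict (hypothetical helper)."""
    return {"apiVersion": "v1", "kind": "Pod",
            "metadata": {"name": name}, "spec": {"containers": list(containers)}}

# Manifests from this page, re-typed as dicts.
SLEEP = {"image": "alpine", "command": ["sleep"], "args": ["1d"]}
SECOND_POD = pod("second-pod",
    {"image": "nginx:1.23", "name": "nginx",
     "ports": [{"containerPort": 80, "protocol": "TCP"}]},
    {"image": "jenkins/jenkins:lts-jdk11", "name": "jenkins",
     "ports": [{"containerPort": 8080, "protocol": "TCP"}]})
ACTIVITY3_NO_NAME = pod("activity3", SLEEP)
ACTIVITY3_NAMED = pod("activity3", {**SLEEP, "name": "alpine"})

if __name__ == "__main__":
    for label, manifest in [("second-pod", SECOND_POD),
                            ("activity3 without name", ACTIVITY3_NO_NAME),
                            ("activity3 with name", ACTIVITY3_NAMED)]:
        print(f"{label}: {validate_containers(manifest) or 'accepted'}")
```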