概述
业务上,很多场景需要给 Pod 配置双网卡。下面简单介绍一下双网卡模式。
双网卡pod的yaml
# Pod object as read back from the API server (it carries status and
# managedFields), not a manifest written by hand.
apiVersion: v1
kind: Pod
metadata:
annotations:
cattle.io/timestamp: "2021-11-15T08:00:10Z"
# Address of the pod on the default (Calico) network.
cni.projectcalico.org/podIP: 10.254.44.185/32
cni.projectcalico.org/podIPs: 10.254.44.185/32
# Requests one additional attachment, "static-macvlan-cni-attach", which is
# exposed inside the pod as eth1.
k8s.v1.cni.cncf.io/networks: '[{"name":"static-macvlan-cni-attach","interface":"eth1"}]'
# Resulting attachments: "default-cni-network" with 10.254.44.185, and eth1
# with 10.9.228.10 and its own MAC address.
# NOTE(review): eth1 is a second path into the pod on a different subnet.
# NetworkPolicy enforced by the default network's CNI usually covers the
# default interface only, so filtering for eth1 likely has to be handled
# separately; confirm for this cluster.
k8s.v1.cni.cncf.io/networks-status: |-
[{
"name": "default-cni-network",
"ips": [
"10.254.44.185"
],
"dns": {}
},{
"name": "static-macvlan-cni-attach",
"interface": "eth1",
"ips": [
"10.9.228.10"
],
"mac": "f6:fd:5a:9b:fe:75",
"dns": {}
}]
# ip and mac are both "auto"; the selectedIp label below holds 10.9.228.10, so
# the address was presumably chosen by the macvlan controller; confirm.
macvlan.pandaria.cattle.io/ip: auto
macvlan.pandaria.cattle.io/mac: auto
# Name of the macvlan subnet the pod is attached to.
macvlan.pandaria.cattle.io/subnet: access-vlan228
creationTimestamp: "2021-11-15T08:00:11Z"
generateName: lxb-test-1-54b9fd98f-
labels:
# The macvlan.* labels repeat the subnet and the selected address as labels,
# which makes the pod selectable by them.
macvlan.panda.io/macvlanIpType: auto
macvlan.panda.io/selectedMac: ""
macvlan.pandaria.cattle.io/multipleIpHash: hash-0d612c12d2ac33625bf3e0351b6f5e4f73829fa8
macvlan.pandaria.cattle.io/selectedIp: 10.9.228.10
macvlan.pandaria.cattle.io/subnet: access-vlan228
pod-template-hash: 54b9fd98f
workload.user.cattle.io/workloadselector: deployment-default-lxb-test-1
# managedFields is bookkeeping filled in by the API server: each entry names a
# manager, the operation, the time, and the fields that manager wrote. It is
# useful for seeing which component set a given field; it is not something to
# copy into a manifest.
managedFields:
# kube-controller-manager: created the pod from its ReplicaSet (annotations,
# template labels, ownerReferences and the whole spec).
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.: {}
f:cattle.io/timestamp: {}
f:k8s.v1.cni.cncf.io/networks: {}
f:macvlan.pandaria.cattle.io/ip: {}
f:macvlan.pandaria.cattle.io/mac: {}
f:macvlan.pandaria.cattle.io/subnet: {}
f:generateName: {}
f:labels:
.: {}
f:pod-template-hash: {}
f:workload.user.cattle.io/workloadselector: {}
f:ownerReferences:
.: {}
k:{"uid":"6f455869-ebb4-4793-81b3-6885e6a8967e"}:
.: {}
f:apiVersion: {}
f:blockOwnerDeletion: {}
f:controller: {}
f:kind: {}
f:name: {}
f:uid: {}
f:spec:
f:containers:
k:{"name":"lxb-test-1"}:
.: {}
f:image: {}
f:imagePullPolicy: {}
f:name: {}
f:resources: {}
f:securityContext:
.: {}
f:allowPrivilegeEscalation: {}
f:capabilities: {}
f:privileged: {}
f:readOnlyRootFilesystem: {}
f:runAsNonRoot: {}
f:stdin: {}
f:terminationMessagePath: {}
f:terminationMessagePolicy: {}
f:tty: {}
f:dnsConfig: {}
f:dnsPolicy: {}
f:enableServiceLinks: {}
f:restartPolicy: {}
f:schedulerName: {}
f:securityContext: {}
f:terminationGracePeriodSeconds: {}
manager: kube-controller-manager
operation: Update
time: "2021-11-15T08:00:11Z"
# network-controller: wrote the macvlan labels, including the selected IP.
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:labels:
f:macvlan.panda.io/macvlanIpType: {}
f:macvlan.panda.io/selectedMac: {}
f:macvlan.pandaria.cattle.io/multipleIpHash: {}
f:macvlan.pandaria.cattle.io/selectedIp: {}
f:macvlan.pandaria.cattle.io/subnet: {}
manager: network-controller
operation: Update
time: "2021-11-15T08:00:11Z"
# calico: wrote the podIP/podIPs annotations for the default network.
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
f:cni.projectcalico.org/podIP: {}
f:cni.projectcalico.org/podIPs: {}
manager: calico
operation: Update
time: "2021-11-15T08:00:18Z"
# multus: wrote the networks-status annotation listing both attachments.
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
f:k8s.v1.cni.cncf.io/networks-status: {}
manager: multus
operation: Update
time: "2021-11-15T08:00:18Z"
# kubelet: wrote the status section (conditions, container statuses, IPs).
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:status:
f:conditions:
k:{"type":"ContainersReady"}:
.: {}
f:lastProbeTime: {}
f:lastTransitionTime: {}
f:status: {}
f:type: {}
k:{"type":"Initialized"}:
.: {}
f:lastProbeTime: {}
f:lastTransitionTime: {}
f:status: {}
f:type: {}
k:{"type":"Ready"}:
.: {}
f:lastProbeTime: {}
f:lastTransitionTime: {}
f:status: {}
f:type: {}
f:containerStatuses: {}
f:hostIP: {}
f:phase: {}
f:podIP: {}
f:podIPs:
.: {}
k:{"ip":"10.254.44.185"}:
.: {}
f:ip: {}
f:startTime: {}
manager: kubelet
operation: Update
time: "2021-11-15T08:00:36Z"
name: lxb-test-1-54b9fd98f-86qls
namespace: default
# The pod is owned and controlled by the ReplicaSet lxb-test-1-54b9fd98f.
ownerReferences:
- apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: lxb-test-1-54b9fd98f
uid: 6f455869-ebb4-4793-81b3-6885e6a8967e
resourceVersion: "206376088"
selfLink: /api/v1/namespaces/default/pods/lxb-test-1-54b9fd98f-86qls
uid: c47ef648-d9bf-4477-b39c-607b2fa1798e
# Pod spec: a single interactive busybox container with the default service
# account token mounted.
spec:
containers:
# The image is referenced by tag only; the digest it resolved to is recorded
# under status.containerStatuses[].imageID.
- image: busybox:1.31.1
imagePullPolicy: IfNotPresent
name: lxb-test-1
# No requests or limits are set; the status section reports qosClass BestEffort.
resources: {}
securityContext:
# Privilege escalation and privileged mode are both switched off.
allowPrivilegeEscalation: false
# No capabilities are added or dropped here, so the runtime's default set applies.
capabilities: {}
privileged: false
# NOTE(review): the root filesystem is writable and the container may run as
# root. For anything beyond a test pod, set readOnlyRootFilesystem and
# runAsNonRoot to true where the workload allows it.
readOnlyRootFilesystem: false
runAsNonRoot: false
# stdin and tty are enabled, i.e. the container is meant for interactive use.
stdin: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
tty: true
# The default service account's token secret is mounted read-only.
# NOTE(review): if the workload never talks to the API server, setting
# automountServiceAccountToken: false keeps the token out of the container.
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: default-token-pspc7
readOnly: true
dnsConfig: {}
dnsPolicy: ClusterFirst
enableServiceLinks: true
# Node the pod was placed on; the same address appears as status.hostIP.
nodeName: 10.9.204.52
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
# Pod-level securityContext is empty: no runAsUser, fsGroup or seccomp settings.
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
# Secret volume holding the service account token mounted above.
- name: default-token-pspc7
secret:
defaultMode: 420
secretName: default-token-pspc7
# Observed state of the pod; the managedFields section of this object lists
# kubelet as the writer of these fields.
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2021-11-15T08:00:11Z"
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: "2021-11-15T08:00:36Z"
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: "2021-11-15T08:00:36Z"
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: "2021-11-15T08:00:11Z"
status: "True"
type: PodScheduled
containerStatuses:
- containerID: docker://884f3962acde8ccae50cf42165faaf1822ea8c77119b2a1880f565c16f44b33f
image: busybox:1.31.1
# Digest that the busybox:1.31.1 tag resolved to for this container.
imageID: docker-pullable://busybox@sha256:95cf004f559831017cdf4628aaf1bb30133677be8702a8c5f2994629f637a209
lastState: {}
name: lxb-test-1
ready: true
restartCount: 0
started: true
state:
running:
startedAt: "2021-11-15T08:00:35Z"
hostIP: 10.9.204.52
phase: Running
# podIP/podIPs list only the default-network address. The macvlan address
# 10.9.228.10 on eth1 appears only in the annotations and labels, so anything
# that reads status.podIPs does not see the second interface.
podIP: 10.254.44.185
podIPs:
- ip: 10.254.44.185
# BestEffort matches the empty resources: {} in the container spec.
qosClass: BestEffort
startTime: "2021-11-15T08:00:11Z"
macvlan隔离性的问题
关于单网卡macvlan的问题
需要了解业务做服务发现的方法,如果在 dubbo zk做,是否不需要,以及 zk 是否需要容器化,或者通过外部 dns 来做域名发现。
查看docker0的信息
root@VM-34-13-ubuntu:/home/ubuntu# docker network inspect e22d2858c27e
[
{
"Name": "bridge",
"Id": "e22d2858c27e20abed01c7abe555956ad8e95a5773ffc24b77f58c099def4b81",
"Created": "2021-11-16T10:15:06.546693443+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
root@VM-34-13-ubuntu:/home/ubuntu#
创建一个容器
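# Start nginx detached in the host's network namespace.
# The options are written with ASCII hyphens: a typographic dash such as "–d"
# is not parsed as a flag, and docker would treat it as the image name.
# With --net=host the container shares the host's interfaces and ports: there
# is no docker0 bridge, NAT or port mapping between nginx and the host network,
# so the host firewall is the only network boundary for this container.
docker run -d --net=host --name nginx-host nginx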
查看网卡设备
好像看不出来什么…
root@VM-34-13-ubuntu:/home/ubuntu# ethtool eth0
Settings for eth0:
Supported ports: [ ]
Supported link modes: Not reported
Supported pause frame use: No
Supports auto-negotiation: No
Advertised link modes: Not reported
Advertised pause frame use: No
Advertised auto-negotiation: No
Speed: Unknown!
Duplex: Unknown! (255)
Port: Other
PHYAD: 0
Transceiver: internal
Auto-negotiation: off
Link detected: yes
查看网络接口。
root@VM-34-13-ubuntu:/home/ubuntu# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 52:54:00:98:a7:ec brd ff:ff:ff:ff:ff:ff
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
link/ether 02:42:5a:83:59:46 brd ff:ff:ff:ff:ff:ff
root@VM-34-13-ubuntu:/home/ubuntu# ip link show lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
root@VM-34-13-ubuntu:/home/ubuntu# ip link show eht0
Device "eht0" does not exist.
root@VM-34-13-ubuntu:/home/ubuntu# ip link show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 52:54:00:98:a7:ec brd ff:ff:ff:ff:ff:ff
参考资料
警告
本文最后更新于 2022年3月1日,文中内容可能已过时,请谨慎参考。