{"id":151,"date":"2024-01-31T16:31:49","date_gmt":"2024-01-31T15:31:49","guid":{"rendered":"https:\/\/leren.ovh\/?p=151"},"modified":"2024-02-02T16:04:45","modified_gmt":"2024-02-02T15:04:45","slug":"kubernetes-pod-networking","status":"publish","type":"post","link":"https:\/\/leren.ovh\/index.php\/2024\/01\/31\/kubernetes-pod-networking\/","title":{"rendered":"Kubernetes POD\/Container Networking"},"content":{"rendered":"\n<p>A Namespace consists of a Network Stack sharing: NICs, routing tables, forwarding rules, Firewall Rules, L4 Ports (sockets)&#8230; Each OS has by default a global (also called root or host) Namespace. <\/p>\n\n\n\n<p>In Kubernetes you can build one or more extra Namespaces (as required). Each new Namespace here shares a Network Stack for one or more PODs. (Each Namespace is independent of the other Namespaces and of its host&#8217;s OS\/Namespace.)<\/p>\n\n\n\n<p>Each POD has a unique IP address. This address is part of a subnet (podCIDR) unique to the Node. All these unique Node subnets are parts of a bigger subnet called the Cluster CIDR. For example: Pod1 has IP 172.17.1.10\/24, which comes from the PodCIDR 172.17.1.0\/24 for Node1, and every Node has its own unique subnet from the Cluster CIDR 172.17.0.0\/16. <\/p>\n\n\n\n<p>Namespaces are interconnected by veth devices. You can think of these as virtual patch cables. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"720\" height=\"491\" src=\"https:\/\/leren.ovh\/wp-content\/uploads\/2024\/02\/image.png\" alt=\"\" class=\"wp-image-169\" srcset=\"https:\/\/leren.ovh\/wp-content\/uploads\/2024\/02\/image.png 720w, https:\/\/leren.ovh\/wp-content\/uploads\/2024\/02\/image-300x205.png 300w\" sizes=\"auto, (max-width: 720px) 100vw, 720px\" \/><\/figure>\n\n\n\n<p>To allow communication between PODs in the SAME Network Namespace but on DIFFERENT Nodes, 
an Overlay Network is required. By default this is Flannel (for Kubernetes; Canal for Rancher), which uses L2 VXLAN technology running over UDP with a default MTU of 1450. A common alternative is Calico (by default an IP-in-IP L3 tunnel). In Kubernetes these overlay networks are set up by choosing a CNI plugin (which sits between the Kubelet and the POD Namespace). There are many CNI plugins. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>A Namespace consists of a Network Stack sharing: NICs, routing tables, forwarding rules, Firewall Rules, L4 Ports (sockets)&#8230; Each OS has by default a global (also called root or host) Namespace. In Kubernetes you can build one or more extra Namespaces (as required). Each new Namespace here shares a Network Stack for one or&hellip;&nbsp;<a href=\"https:\/\/leren.ovh\/index.php\/2024\/01\/31\/kubernetes-pod-networking\/\" class=\"\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">Kubernetes POD\/Container Networking<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"_ti_tpc_template_sync":false,"_ti_tpc_template_id":"","footnotes":""},"categories":[7],"tags":[11],"class_list":["post-151","post","type-post","status-publish","format-standard","hentry","category-kubernetes","tag-kubernetes"],"_links":{"self":[{"href":"https:\/\/leren.ovh\/index.php\/wp-json\/wp\/v2\/posts\/151","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/leren.ovh\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/leren.ovh
\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/leren.ovh\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/leren.ovh\/index.php\/wp-json\/wp\/v2\/comments?post=151"}],"version-history":[{"count":14,"href":"https:\/\/leren.ovh\/index.php\/wp-json\/wp\/v2\/posts\/151\/revisions"}],"predecessor-version":[{"id":179,"href":"https:\/\/leren.ovh\/index.php\/wp-json\/wp\/v2\/posts\/151\/revisions\/179"}],"wp:attachment":[{"href":"https:\/\/leren.ovh\/index.php\/wp-json\/wp\/v2\/media?parent=151"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/leren.ovh\/index.php\/wp-json\/wp\/v2\/categories?post=151"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/leren.ovh\/index.php\/wp-json\/wp\/v2\/tags?post=151"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}