CNI (Container Network Interface)
CNI is set of standard that defines how program(plugins) should be developed and how container runtime(docker , rkt) will invoke them so that everyone adhere to single set of standard solve the common networking challenges in container runtime environment.
CNI defines a set of Responsibilities for Container Runtime.
- Container Runtime must create network namespace.
- Identify network the container must attach to.
- Container Runtime to invoke Network plugin(bridge) when container is Added.
- Container Runtime to invoke Network plugin(bridge) when container is Deleted.
- JSON format of the Network Configuration.
In plugin side it should Support-
- Command line arguments- ADD/DEL/CHECK.
- Parameters — container ids, network namespace etc..
- Must manage IP address assignment to PODs.
- Must return result in specific format.
CNI comes with set of supported plugins — BRIDGE , VLAN , IPVLAN , MACVLAN , WINDOWS
There are also third party solutions like — flannel , Calico , weaveworks
All these implements CNI standards.
Kubelet is the process that uses the cni plugin. Some of the configuration path are.
- Check which CNI plugin it’s using:
- Check all the plugin binaries supported:
- CNI plugin configured to be used on this kubernetes cluster?
- What binary executable file will be run by kubelet after a container and its associated namespace are created.
Look at the
type field in file
Sample shared in above screen.
POD may sometime fail of the Network is not configured properly.
weave-net networking solution to the cluster:
## Weave Net can be installed onto your CNI-enabled Kubernetes cluster with a single command. Use the below commandkubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
- Identify the name of the bridge network/interface created by weave on each node.
- What is the POD IP address range configured by weave?
- What is the default Gateway configured on the PODs scheduled on node03
Now run the ip r to get the route of the pod. As shown below the default gateway is 10.38.0.0 which is using the interface eth0.