Kubernetes:Pods网络隔离
[英]Kubernetes: pods network isolation
问题描述
We need to know about pods network isolation. 
我们需要了解pods网络隔离。
Is there a possibility to access one pod from another one in cluster? 是否有可能从群集中的another one one pod访问one pod ? Maybe by namespace dividing? 也许通过namespace划分?
We also need pod 's membership in local networks, which are not accessible from outside. 我们还需要本地网络中pod的成员资格,这些成员无法从外部访问。
Any plans? 任何计划? Is it will be soon? 会很快吗?
1 个解决方案
解决方案1
1 2015-11-20 05:49:13
In a standard Kubernetes installation, all pods (even across namespaces) share a flat IP space and can all communicate with each other. 在标准的Kubernetes安装中,所有Pod(甚至跨命名空间)共享一个平面IP空间,并且可以相互通信。
To get isolation, you'll need to customize your install to prevent cross namespace communication. 为了获得隔离,您需要自定义安装以防止跨名称空间通信。 One way to do this is to use OpenContrail. 一种方法是使用OpenContrail。 They recently wrote a blog post describing an example deployment using the Guestbook from the Kubernetes repository. 他们最近写了一篇博客文章,描述了使用Kubernetes存储库中的Guestbook进行示例部署的情况。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.