Kubernetes iptables-主节点应该运行Pod吗?
[英]Kubernetes iptables - should the master node be running pods?
问题描述
In my kubernetes cluster I have a flannel overlay configured. 
在我的kubernetes集群中,我配置了法兰绒覆盖物。 the iptables on the master node and the minions are not the same. 主节点上的iptables和小仆节点上的iptables不同。 I understand that this is by design but it creates the problem that pods can't run on the master node: on the master, external IP addresses (for a service) are not resolved. 我了解这是设计使然,但是会导致Pod无法在主节点上运行的问题:在主节点上,无法解析(用于服务的)外部IP地址。
On the minions there is a KUBE-PORTALS-CONTAINER and KUBE-PORTALS-HOST chain which redirects service cluster and external IP addresses. 在各个奴隶上,有一个KUBE-PORTALS-CONTAINER和KUBE-PORTALS-HOST链,用于重定向服务集群和外部IP地址。 Static routes redirect this traffic to the master which actually resolves the addresses. 静态路由会将这些流量重定向到实际解析地址的主服务器。 On the master there isn't the 2 chains mentioned above but instead there is a KUBE-SERVICES chain which resolves services IPs to pod IP addresses. 在主服务器上,没有上面提到的2条链,而是有一个KUBE-SERVICES链,它将服务IP解析为Pod IP地址。
Is there a way to configure the master node to have the chains that the nodes have as well as the service resolution chain too? 是否可以将主节点配置为具有节点所拥有的链以及服务解析链?
1 个解决方案
解决方案1
1 已采纳 2016-04-12 23:52:56
Pods are running on Kubernetes nodes (formerly called minions) but not on masters, see Kubernetes architecture . Pod在Kubernetes节点(以前称为Minions)上运行,但不在主节点上运行,请参阅Kubernetes体系结构 。 You may also find the debugging Service doc helpful. 您可能还会发现调试服务文档很有帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.