stackoom
  简体   繁体   中英

Kubernetes kube-proxy mechanism

 原文  2017-06-01 15:15:42       kubernetes/ kube-proxy

Question

In Kubernetes, let's say we have three pods, which are physically hosted on Node X, Y and Z. When I expose them as a service using 'kubectl expose', are all nodes in the cluster (in addition to X, Y and Z) configured the same way? Specifically, kube-proxy in each node within the cluster watches the apiserver, builds a bunch of iptables rules and references the portal IP (chosen by apiserver), and inserts those rules to the node which it lives on?

I assume the reason it has to be done on all nodes is that the cluster has no idea from which node the client would come from to hit the portal IP?

1 answers

solution1
 4  2017-06-02 09:48:02

You are correct. The portal network (aka service network, cluster network) has no network interface but is a collection of iptables rules managed by kube-proxy. Each node needs to have these rules as a pod on any of them could connect any portal IP (aka service IP, cluster IP).

Read more here: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Kubernetes Ingress controller vs kube-proxy Kubernetes: link a pod to kube-proxy Kubernetes CNI vs Kube-proxy Azure kubernetes kube-proxy explanation Deleted kube-proxy Kubernetes kube-proxy iptables rules seem to be redundant kubernetes fails to pull kube-proxy from gcr.io Kubernetes Kube-proxy failed to retrieve node info How to restore accidentally deleted a kube-proxy DaemonSet in a Kubernetes cluster? How to restart kube-proxy in Kubernetes 1.2 (GKE)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM