k8snetworkplumbingwg / multus-cni

A CNI meta-plugin for multi-homed pods in Kubernetes
Apache License 2.0

Services using multus interface #1310

Open MrDuartePT opened 1 month ago

MrDuartePT commented 1 month ago

I have tried to configure a multus interface to be used by my k3s services. In my setup multus has access to my DMZ network (VLAN 20) and my LoadBalancer (metallb) lives on the management interface.

My idea was to move some services to use multus-dmz, like traefik and other services that can be accessed externally.

I know multus is more focused on connecting VLANs to pods, like connecting home-assistant to an IoT network. When I saw that k8snetworkplumbingwg/multus-service exists I tried to use it, but I have some problems with it (multus-proxy-ds-amd64 CrashLoopBack error right after the deployment). I also noticed the project was archived recently.

So my question is: does an alternative to multus-service exist, or is maybe another CNI better for this use case?

MrDuartePT commented 1 month ago

> When I saw that k8snetworkplumbingwg/multus-service exists I tried to use it, but I have some problems with it (multus-proxy-ds-amd64 CrashLoopBack error right after the deployment).

Just a small note about my setup: I have 3 masters, two amd64 and one arm64, but I triple-checked the pods and they are running on the amd64 master.

MrDuartePT commented 1 month ago

After messing around I got it working; I just needed to change the socket to containerd. Funny enough I can get whereabouts to work on my as my network definition:

Logs sample-pod:

Events:
  Type     Reason                  Age   From               Message
  ----     ------                  ----  ----               -------
  Normal   Scheduled               5s    default-scheduler  Successfully assigned default/sample-pod to raspberrypi
  Normal   AddedInterface          5s    multus             Add eth0 [10.42.0.127/24] from cbr0
  Warning  FailedCreatePodSandBox  4s    kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "a45494632a255c149dc210a354115c78739206f0b98a51666f416da61b2400fe": plugin type="multus" failed (add): [default/sample-pod/2bcd05c5-3017-4fc8-a5da-84c9b994aca8:multus-dmz]: error adding container to network "multus-dmz": config file not found

network-attachment-definition.yaml:

apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
  name: multus-dmz
spec:
  config: '{
      "cniVersion": "0.3.1",
      "name": "multus-dmz",
      "type": "macvlan",
      "master": "eth1",
      "mode": "bridge",
      "ipam": {
        "type": "whereabouts",
        "range": "10.22.20.1/24"
      }
    }'

Sample-pod.yaml:

apiVersion: v1
kind: Pod
metadata:
  name: sample-pod
  namespace: default
  labels:
    app: multus-nginx-bridge
  annotations:
    k8s.v1.cni.cncf.io/networks: |
      [{
          "name": "multus-dmz",
          "namespace": "default"
      }]
spec:
  containers:
  - name: nginx
    image: nginx:latest