I have been setting up Kubernetes with kubeadm and I have used Flannel to set up the pod network. The setup basically worked but I have been running into all kinds of problems (and bugs) and now I am trying to gain a better understanding of the different steps involved in the network setup process (e.g. CNI and flannel).
From an end-user/admin perspective I simply pass --pod-network-cidr with some network argument to kubeadm and then later I apply a pod configuration for flannel using kubectl. Kubernetes will then start a flannel pod on each of my nodes. Assuming everything worked, flannel should then use the container network interfaces (CNI) of Kubernetes to set up the pod network.
As a result of this process I should get a pod network which includes the following:
- A cni0 bridge.
- A flannel.x interface.
- iptables entries to route between the host and the pod network.
The following files and binaries seem to be involved in the setup:
1. kubectl reads a CNI configuration such as /etc/cni/net.d/10-flannel.conflist and invokes the CNI plugin described in the config file.
2. Somehow a folder /var/lib/cni is being created which seems to contain configuration files for the network setup.
3. A CNI plugin such as /opt/cni/bin/flannel is run, I don't yet understand what it does.
What am I missing on this list and how does (2.) fit into these steps? How does /var/lib/cni get created and which program is responsible for this?
As I see from the code of CNI:
this folder is used as a cache dir for CNI and looks like it is created by the CNI plugin.
Here you can find detailed documentation about CNI.
What is CNI?
CNI (Container Network Interface), a Cloud Native Computing Foundation project, consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Because of this focus, CNI has a wide range of support and the specification is simple to implement.
All projects like Calico and Flannel use CNI as a base. That's why they are called CNI plugins.
Here you can find documentation about how Kubernetes interacts with CNI.
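Added example (not part of the original question or answer, and not code from the CNI or flannel projects): a small Python audit that ties the paths mentioned above together. It reads the first config in a CNI config directory, lists the plugin chain, maps each plugin type to its binary, and flags missing binaries or files that are group/world-writable, since these plugins are executed as root on the node. The function names, the sample conflist and the temp-dir layout are constructed for illustration; the extension list and "first file by name" selection are assumptions about how the container runtime picks a config.

```python
import json, os, stat, tempfile
from pathlib import Path

def first_conf(conf_dir):
    """Config file assumed to be picked by the runtime: first by name."""
    names = sorted(p for p in Path(conf_dir).iterdir()
                   if p.suffix in (".conf", ".conflist", ".json"))
    return names[0] if names else None

def plugin_chain(conf_path):
    """Plugin 'type' values in execution order; each names a binary."""
    cfg = json.loads(Path(conf_path).read_text())
    plugins = cfg.get("plugins") or [cfg]  # a plain .conf holds one plugin
    return [p["type"] for p in plugins]

def audit(conf_dir, bin_dir):
    """Return (chain, findings) for one node's CNI config and plugin dirs."""
    conf = first_conf(conf_dir)
    if conf is None:
        return [], [f"no CNI config in {conf_dir}"]
    chain, findings = plugin_chain(conf), []
    for path in [conf] + [Path(bin_dir) / t for t in chain]:
        if not path.exists():
            findings.append(f"missing: {path}")
        elif path.stat().st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(f"group/world-writable: {path}")
    return chain, findings

def demo():
    """Constructed layout standing in for /etc/cni/net.d and /opt/cni/bin."""
    root = Path(tempfile.mkdtemp())
    conf_dir, bin_dir = root / "net.d", root / "bin"
    conf_dir.mkdir()
    bin_dir.mkdir()
    conf = conf_dir / "10-flannel.conflist"
    conf.write_text(json.dumps({
        "name": "cbr0", "cniVersion": "0.3.1",
        "plugins": [
            {"type": "flannel", "delegate": {"isDefaultGateway": True}},
            {"type": "portmap", "capabilities": {"portMappings": True}}]}))
    os.chmod(conf, 0o644)
    flannel = bin_dir / "flannel"
    flannel.write_text("#!/bin/sh\n")
    os.chmod(flannel, 0o777)  # deliberately loose; portmap deliberately absent
    return audit(conf_dir, bin_dir)

if __name__ == "__main__":
    chain, findings = demo()
    print(chain)
    print(*findings, sep="\n")
```

On a real node, call audit("/etc/cni/net.d", "/opt/cni/bin") instead of demo().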