Installing and trying out Multus CNI on Tanzu Kubernetes Grid (TKGm)

I installed Multus CNI on TKGm by following the Quickstart Guide. I did not run into any particular trouble, and I was able to carry out the steps in the Quickstart Guide without problems.


Environment

  • Tanzu Kubernetes Grid(TKGm) v1.3.0
  • Workload Cluster Kubernetes v1.20.4

Preparing to use Multus

I follow the Quickstart Guide mentioned above.
$ kubectl get nodes
NAME                          STATUS   ROLES                  AGE   VERSION
greco-control-plane-pxkpt     Ready    control-plane,master   76m   v1.20.4+vmware.1
greco-md-0-7df88c7d87-26z5m   Ready    <none>                 72m   v1.20.4+vmware.1
$ git clone https://github.com/k8snetworkplumbingwg/multus-cni.git && cd multus-cni
$ cat ./images/multus-daemonset.yml | kubectl apply -f -
customresourcedefinition.apiextensions.k8s.io/network-attachment-definitions.k8s.cni.cncf.io created
clusterrole.rbac.authorization.k8s.io/multus created
clusterrolebinding.rbac.authorization.k8s.io/multus created
serviceaccount/multus created
configmap/multus-cni-config created
daemonset.apps/kube-multus-ds created
$ kubectl get pods --all-namespaces | grep -i multus
kube-system   kube-multus-ds-6zqfz                                1/1     Running   0          41s
kube-system   kube-multus-ds-kxjqx                                1/1     Running   0          41s

Deploying the Custom Resource

Again, I proceed according to the procedure.
$ cat <<EOF | kubectl create -f -
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
  name: macvlan-conf
spec:
  config: '{
      "cniVersion": "0.3.0",
      "type": "macvlan",
      "master": "eth0",
      "mode": "bridge",
      "ipam": {
        "type": "host-local",
        "subnet": "192.168.1.0/24",
        "rangeStart": "192.168.1.200",
        "rangeEnd": "192.168.1.216",
        "routes": [
          { "dst": "0.0.0.0/0" }
        ],
        "gateway": "192.168.1.1"
      }
    }'
EOF
$ kubectl describe network-attachment-definitions macvlan-conf
Name:         macvlan-conf
Namespace:    default
Labels:       <none>
Annotations:  <none>
API Version:  k8s.cni.cncf.io/v1
Kind:         NetworkAttachmentDefinition
Metadata:
  Creation Timestamp:  2021-04-12T07:42:12Z
  Generation:          1
  Managed Fields:
    API Version:  k8s.cni.cncf.io/v1
    Fields Type:  FieldsV1
    fieldsV1:
      f:spec:
        .:
        f:config:
    Manager:         kubectl-create
    Operation:       Update
    Time:            2021-04-12T07:42:12Z
  Resource Version:  16313
  UID:               6fdcfb70-c04c-445e-b388-6edb178c8f56
Spec:
  Config:  { "cniVersion": "0.3.0", "type": "macvlan", "master": "eth0", "mode": "bridge", "ipam": { "type": "host-local", "subnet": "192.168.1.0/24", "rangeStart": "192.168.1.200", "rangeEnd": "192.168.1.216", "routes": [ { "dst": "0.0.0.0/0" } ], "gateway": "192.168.1.1" } }
Events:    <none>

Deploying a sample Pod

Add an additional network interface to the Pod. It seems this can be used by adding the resource created earlier in an annotation.
$ cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
  name: samplepod
  annotations:
    k8s.v1.cni.cncf.io/networks: macvlan-conf
spec:
  containers:
  - name: samplepod
    command: ["/bin/ash", "-c", "trap : TERM INT; sleep infinity & wait"]
    image: alpine
EOF
$ kubectl get pods
NAME        READY   STATUS    RESTARTS   AGE
samplepod   1/1     Running   0          26s

You can confirm that a network interface named net1@if2 has been assigned to the Pod.
$ kubectl exec -it samplepod -- ip a
...(SNIP)...

3: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue state UP
...
    inet 100.96.1.4/24 brd 100.96.1.255 scope global eth0
...

4: net1@if2: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
...
    inet 192.168.1.200/24 brd 192.168.1.255 scope global net1
...

Delete the Pod once, change the configuration so that two additional network interfaces are assigned, and deploy the Pod again.
$ kubectl get pods -A
NAMESPACE     NAME                                                READY   STATUS    RESTARTS   AGE
default       samplepod                                           1/1     Running   0          4m55s
kube-system   antrea-agent-7w9x5                                  2/2     Running   0          77m
kube-system   antrea-agent-q92mr                                  2/2     Running   0          75m
kube-system   antrea-controller-7bdc9bd99f-vlv4b                  1/1     Running   0          77m
kube-system   coredns-68d49685bd-9ndxd                            1/1     Running   0          79m
kube-system   coredns-68d49685bd-j8nhc                            1/1     Running   0          79m
kube-system   etcd-greco-control-plane-pxkpt                      1/1     Running   0          79m
kube-system   kube-apiserver-greco-control-plane-pxkpt            1/1     Running   1          79m
kube-system   kube-controller-manager-greco-control-plane-pxkpt   1/1     Running   0          79m
kube-system   kube-multus-ds-6zqfz                                1/1     Running   0          7m38s
kube-system   kube-multus-ds-kxjqx                                1/1     Running   0          7m38s
kube-system   kube-proxy-k2ftn                                    1/1     Running   0          75m
kube-system   kube-proxy-s5s4k                                    1/1     Running   0          79m
kube-system   kube-scheduler-greco-control-plane-pxkpt            1/1     Running   0          79m
kube-system   kube-vip-greco-control-plane-pxkpt                  1/1     Running   0          79m
kube-system   metrics-server-684657f57f-zdnqr                     1/1     Running   0          77m
kube-system   vsphere-cloud-controller-manager-n2vrb              1/1     Running   0          77m
kube-system   vsphere-csi-controller-9dc4779d6-7h5v7              5/5     Running   0          77m
kube-system   vsphere-csi-node-5v5hg                              3/3     Running   0          77m
kube-system   vsphere-csi-node-dn6g4                              3/3     Running   0          75m
tkg-system    kapp-controller-577bf5c4b6-vfhwd                    1/1     Running   0          79m
$ kubectl delete pod samplepod
$ cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
  name: samplepod
  annotations:
    k8s.v1.cni.cncf.io/networks: macvlan-conf,macvlan-conf
spec:
  containers:
  - name: samplepod
    command: ["/bin/ash", "-c", "trap : TERM INT; sleep infinity & wait"]
    image: alpine
EOF
$ kubectl exec -it samplepod -- ip a
...(SNIP)...

3: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue state UP
...
    inet 100.96.1.5/24 brd 100.96.1.255 scope global eth0
...

4: net1@if2: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
...
    inet 192.168.1.201/24 brd 192.168.1.255 scope global net1
...

5: net2@if2: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
...
    inet 192.168.1.202/24 brd 192.168.1.255 scope global net2
...

In addition to the earlier result, I confirmed that a network interface named net2@if2 has been added.
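The k8s.v1.cni.cncf.io/networks annotation used above is the only thing that decides which Pods get macvlan interfaces on the node's eth0, so it is worth being able to inventory it. The following is an added example, not part of the original post or of the Multus project: it parses the annotation (the comma-separated form used above, plus the [namespace/]name[@interface] and JSON list forms that Multus also accepts), reports the interface name each attachment receives, and lists Pods that reference a NetworkAttachmentDefinition in another namespace. The function names and the sample Pods coredns-example and batch-example (namespace apps, interface data0) are constructed for illustration.

```python
import json

ANNOTATION = "k8s.v1.cni.cncf.io/networks"

def parse_networks(value, pod_namespace):
    """Parse one annotation value into (nad_namespace, nad_name, interface) tuples."""
    value = value.strip()
    if value.startswith("["):  # JSON list form
        items = json.loads(value)
    else:  # short form: [<namespace>/]<name>[@<interface>], comma separated
        items = []
        for token in filter(None, (t.strip() for t in value.split(","))):
            ref, _, ifname = token.partition("@")
            ns, _, name = ref.rpartition("/")
            items.append({"name": name, "namespace": ns, "interface": ifname})
    # Entries without an explicit interface name are named by position: net1, net2, ...
    return [(i.get("namespace") or pod_namespace, i["name"],
             i.get("interface") or f"net{n}") for n, i in enumerate(items, start=1)]

def secondary_attachments(pod_list):
    """Map 'namespace/pod' to its attachments, for pods that carry the annotation."""
    report = {}
    for pod in pod_list.get("items", []):
        meta = pod["metadata"]
        value = (meta.get("annotations") or {}).get(ANNOTATION)
        if value:
            ns = meta.get("namespace", "default")
            report[f"{ns}/{meta['name']}"] = parse_networks(value, ns)
    return report

def cross_namespace(report):
    """Pods that reference a NetworkAttachmentDefinition outside their own namespace."""
    return sorted(pod for pod, nets in report.items()
                  if any(ns != pod.split("/")[0] for ns, _, _ in nets))

# Constructed sample shaped like `kubectl get pods -A -o json` (not real cluster output).
SAMPLE = {"items": [
    {"metadata": {"name": "samplepod", "namespace": "default",
                  "annotations": {ANNOTATION: "macvlan-conf,macvlan-conf"}}},
    {"metadata": {"name": "coredns-example", "namespace": "kube-system"}},
    {"metadata": {"name": "batch-example", "namespace": "apps", "annotations": {
        ANNOTATION: '[{"name": "macvlan-conf", "namespace": "default", "interface": "data0"}]'}}},
]}

if __name__ == "__main__":
    report = secondary_attachments(SAMPLE)
    for pod, nets in sorted(report.items()):
        print(pod, nets)
    print("cross-namespace:", cross_namespace(report))
```

Against a real cluster, replace SAMPLE with the parsed output of kubectl get pods -A -o json.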
