1

I have been setting up Kubernets with kubeadm and I have used Flannel to setup the pod network. The setup basically worked but I have been running into all kinds of problems (and bugs) and now I am trying to gain a better understanding of the different steps involved in network setup process (e.g. CNI and flannel).

From an end-user/admin perspective I simply pass --pod-network-cidr with some network argument to kubeadm and then later I apply a pod configuration for flannel using kubectl. Kubernetes will then start a flannel pod on each of my nodes. Assuming everything worked, flannel should then use the container network interfaces (CNI) of Kubernetes to setup the pod network.

As a result of this process I should get a pod network which includes the following:

  1. A cni0 bridge.
  2. A flannel.x interface.
  3. iptables entries to route between the host and the pod network.

The following files and binaries seem to be involved in the setup:

  1. kubectl reads a CNI configuration such as /etc/cni/net.d/10-flannel.conflist and invokes the CNI plugin described in the config file.
  2. Somehow a folder /var/lib/cni is being created which seems to contain configuration files for the network setup.
  3. A CNI plugin such as /opt/cni/bin/flannel is run, I don't yet understand what it does.

What am I missing on this list and how does (2.) fit into these steps. How does /var/lib/cni get created and which program is responsible for this?

Dan Kohn
  • 33,811
  • 9
  • 84
  • 100
lanoxx
  • 12,249
  • 13
  • 87
  • 142

1 Answers1

0

As I see from code of CNI:

var  (
   CacheDir  =  "/var/lib/cni"
)

this folder used as cache dir for CNI and looks like created by CNI plugin.

Here you can find detailed documentation about CNI.

What is CNI?

CNI (Container Network Interface), a Cloud Native Computing Foundation project, consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Because of this focus, CNI has a wide range of support and the specification is simple to implement.

All projects like Calico, Flannel use CNI as a base. That's why they called CNI-plugins

Here you can find documentation about how kubernetes interact with CNI.

Nick Rak
  • 2,629
  • 13
  • 19