0

I have 2 worker nodes in a Kubernetes cluster. The worker nodes are on the same L2 domain.

$]cat ipvlanconf1.yaml
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
  name: ipvlanconf1
  namespace: cncf
spec:
  config: '{
      "cniVersion": "0.3.0",
      "type": "ipvlan",
      "master": "enp1s0.10",
      "mode": "l3",
      "vlan": 10,
      "ipam": {
        "type": "whereabouts",
        "range": "10.1.1.1/24",
        "gateway": "10.1.1.254"
      }
    }'

Pod00 on Worker-node0 is using IPVLAN. So, net1 gets 10.1.1.1

Pod01 on Worker-node1 is using IPVLAN. So, net1 gets 10.1.1.2

I want to able to ping 10.1.1.1 <---> 10.1.1.2 and it should carry the VLAN header. I don't see any in the tcpdump. Questions:

  • I assumed that the VLAN header is inserted by the Pod itself. However, in the IPVLAN CNI I don't see any code where VLAN information is taken via config. Is my understanding correct?

  • Should interfaces in pod be explicitly configured as vlan-subinterfaces (net1.10) or should I do it on the worker node (enp1s0.10)?

  • What should I use as 'master' interface? enp1s0 or enp1s0.10?

Thanks

M.P
  • 61
  • 5
  • On which environment are you working on? Which version of Kubernetes did you use and how did you set up the cluster? Did you use bare metal installation or some cloud provider? – kkopczak Dec 10 '21 at 15:22
  • @kkopczak I am working on Centos8 and using Kubeinit for a virtual OKD cluster. So, my compute nodes are VMs. So, if my gateway is 10.1.1.254, should that be assigned to a virtual router to which both the VMs are attached? – M.P Dec 10 '21 at 19:45

0 Answers0