Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
2.3k views
in Technique[技术] by (71.8m points)

docker - Multicast traffic to Kubernetes

I want my pods to receive multicast network traffic flowing from outside of my kubernetes cluster to specific ports in my nodes.

I'm considering two solutions:

  1. Adding hostNetwork: true flag to their yaml file along with hostPort configuration in order to receive the traffic directly to the pod.
  2. Forwarding the traffic locally on the nodes from eth0 interface to docker0 interface using iptables command.

Method 1 is an official feature in Kubernetes, but it feels like breaking a security wall that docker originally imposed, and might cause port collisions with host's processes, etc.

Method 2 on the other hand transparently forwards the multicast network traffic to the pods.
Despite the fact I can use an automation tool to spread this configuration (ansible/salt etc), anything configured 'out of the scope' of Kubernetes feels a little hacky to me.

Would like to hear your pros and cons, comments, and maybe other solutions to the problem of multicasting to a kubernetes cluster.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

A cleaner way to support multicast is to add an additional interface to your PODs through multus-cni. Then, you could associate this new multus interface to your host network interface that will receive multicast traffic on the host. Summarizing, you will have two interface on your POD i.e:

  1. net1 (default) for pod-to-pod communication and other unicast traffic.
  2. eth0 (multus) for multicast traffic. Then you will need to "join" it with a NIC in your host machine, either by using bridge or macvlan

See more details here: https://github.com/intel/multus-cni/blob/master/docs/quickstart.md


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...