Rede no Kubernetes
- Comunicação entre containers
  - Pod-to-Pod

Rede no Kubernetes

$ kubectl get pods -n kube-system -o wide
NAME                                                          READY   STATUS    RESTARTS   AGE     IP               NODE                                  NOMINATED NODE   READINESS GATES
calico-kube-controllers-56fcbf9d6b-8bgc4                      1/1     Running   0          22h     172.16.244.65    kube-ctrl-pl-01.juntotelecom.com.br   <none>           <none>
calico-node-dp8bl                                             1/1     Running   0          22h     177.75.176.40    kube-ctrl-pl-01.juntotelecom.com.br   <none>           <none>
calico-node-mrljz                                             1/1     Running   0          19h     177.75.176.41    kube-worker-01.juntotelecom.com.br    <none>           <none>
calico-node-rq79d                                             1/1     Running   0          19h     177.75.176.42    kube-worker-02.juntotelecom.com.br    <none>           <none>
coredns-64897985d-6j9g7                                       1/1     Running   0          3d16h   192.168.244.67   kube-ctrl-pl-01.juntotelecom.com.br   <none>           <none>
coredns-64897985d-mbjdq                                       1/1     Running   0          3d16h   192.168.244.66   kube-ctrl-pl-01.juntotelecom.com.br   <none>           <none>
etcd-kube-ctrl-pl-01.juntotelecom.com.br                      1/1     Running   0          3d16h   177.75.176.40    kube-ctrl-pl-01.juntotelecom.com.br   <none>           <none>
kube-apiserver-kube-ctrl-pl-01.juntotelecom.com.br            1/1     Running   0          3d16h   177.75.176.40    kube-ctrl-pl-01.juntotelecom.com.br   <none>           <none>
kube-controller-manager-kube-ctrl-pl-01.juntotelecom.com.br   1/1     Running   0          3d16h   177.75.176.40    kube-ctrl-pl-01.juntotelecom.com.br   <none>           <none>
kube-proxy-6m6gg                                              1/1     Running   0          19h     177.75.176.41    kube-worker-01.juntotelecom.com.br    <none>           <none>
kube-proxy-6mdph                                              1/1     Running   0          19h     177.75.176.42    kube-worker-02.juntotelecom.com.br    <none>           <none>
kube-proxy-h8s2j                                              1/1     Running   0          3d16h   177.75.176.40    kube-ctrl-pl-01.juntotelecom.com.br   <none>           <none>
kube-scheduler-kube-ctrl-pl-01.juntotelecom.com.br            1/1     Running   0          3d16h   177.75.176.40    kube-ctrl-pl-01.juntotelecom.com.br   <none>           <none>

Comunicação entre containers

$ cat container_to_container.yaml
---
apiVersion: v1
kind: Pod
metadata:
  labels:
    app: ops
  name: pod1
spec:
  containers:
  - image: nginx
    imagePullPolicy: IfNotPresent
    name: nginx
    ports:
      - containerPort: 80
  - image: registry:2
    name: registry
    ports:
      - containerPort: 5000

$ kubectl apply -f container_to_container.yaml
pod/pod1 created

$ kubectl get pods
NAME   READY   STATUS    RESTARTS   AGE
pod1   2/2     Running   0          54s

$ kubectl get pods -o wide
NAME   READY   STATUS    RESTARTS   AGE   IP               NODE                                 NOMINATED NODE   READINESS GATES
pod1   2/2     Running   0          77s   172.16.213.132   kube-worker-02.juntotelecom.com.br   <none>           <none>

$ curl 172.16.213.132:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
 
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
 
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

$ curl 172.16.213.132:5000/v2/_catalog
{"repositories":[]}

$ export POD1=$(kubectl get po pod1 -o wide | awk -F" " '{print $6}' | tail -1)

$ curl $POD1
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
 
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
 
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Pod-to-Pod

$ cat pod_to_pod.yaml
---
apiVersion: v1
kind: Pod
metadata:
  labels:
    app: dev
    ver: "0.5"
  name: pod2
spec:
  containers:
  - image: nginx
    imagePullPolicy: IfNotPresent
    name: nginx
    ports:
      - containerPort: 80
---
apiVersion: v1
kind: Pod
metadata:
  labels:
    app: dev
    ver: "0.5"
  name: pod3
spec:
  containers:
  - image: nginx
    name: nginx
    ports:
      - containerPort: 80

$ kubectl apply -f pod_to_pod.yaml
pod/pod2 created
pod/pod3 created

$ kubectl get pods -o wide
NAME   READY   STATUS    RESTARTS   AGE    IP               NODE                                 NOMINATED NODE   READINESS GATES
pod1   2/2     Running   0          3h3m   172.16.213.132   kube-worker-02.juntotelecom.com.br   <none>           <none>
pod2   1/1     Running   0          58s    172.16.101.68    kube-worker-01.juntotelecom.com.br   <none>           <none>
pod3   1/1     Running   0          58s    172.16.101.69    kube-worker-01.juntotelecom.com.br   <none>           <none>

$ kubectl get pods -l app=dev -o wide
NAME   READY   STATUS    RESTARTS   AGE    IP              NODE                                 NOMINATED NODE   READINESS GATES
pod2   1/1     Running   0          3m4s   172.16.101.68   kube-worker-01.juntotelecom.com.br   <none>           <none>
pod3   1/1     Running   0          3m4s   172.16.101.69   kube-worker-01.juntotelecom.com.br   <none>           <none>

$ kubectl get pods -l ver=0.5 -o wide
NAME   READY   STATUS    RESTARTS   AGE     IP              NODE                                 NOMINATED NODE   READINESS GATES
pod2   1/1     Running   0          4m51s   172.16.101.68   kube-worker-01.juntotelecom.com.br   <none>           <none>
pod3   1/1     Running   0          4m51s   172.16.101.69   kube-worker-01.juntotelecom.com.br   <none>           <none>

$ kubectl get pods -l app=ops -o wide
NAME   READY   STATUS    RESTARTS   AGE    IP               NODE                                 NOMINATED NODE   READINESS GATES
pod1   2/2     Running   0          3h5m   172.16.213.132   kube-worker-02.juntotelecom.com.br   <none>           <none>

$ kubectl exec -it pod3 -- cat /etc/resolv.conf
search default.svc.cluster.local svc.cluster.local cluster.local juntotelecom.com.br
nameserver 10.96.0.10
options ndots:5

$ kubectl exec -it pod3 -- cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

$ kubectl exec -ti pod3 -- curl $POD1:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
 
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
 
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Pod-to-Service

$ cat pod_to_service.yaml
---
apiVersion: v1
kind: Pod
metadata:
  labels:
    app: dev
    ver: "0.5"
  name: pod2
spec:
  containers:
  - image: nginx
    imagePullPolicy: IfNotPresent
    name: nginx
    ports:
      - containerPort: 80
---
apiVersion: v1
kind: Pod
metadata:
  labels:
    app: dev
    ver: "0.5"
  name: pod3
spec:
  containers:
  - image: nginx
    imagePullPolicy: IfNotPresent
    name: nginx
    ports:
      - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: dev
  name: nginx-service
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: dev
  type: LoadBalancer

$ kubectl apply -f pod_to_service.yaml --force
pod/pod2 unchanged
pod/pod3 configured
service/nginx-service unchanged

$ kubectl get pods -o wide
NAME   READY   STATUS    RESTARTS   AGE     IP               NODE                                 NOMINATED NODE   READINESS GATES
pod1   2/2     Running   0          3h27m   172.16.213.132   kube-worker-02.juntotelecom.com.br   <none>           <none>
pod2   1/1     Running   0          24m     172.16.101.68    kube-worker-01.juntotelecom.com.br   <none>           <none>
pod3   1/1     Running   0          75s     172.16.213.133   kube-worker-02.juntotelecom.com.br   <none>           <none>

$ kubectl get services
NAME            TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
kubernetes      ClusterIP      10.96.0.1       <none>        443/TCP        3d20h
nginx-service   LoadBalancer   10.110.75.105   <pending>     80:31852/TCP   2m5s

$ kubectl describe service nginx-service
Name:                     nginx-service
Namespace:                default
Labels:                   app=dev
Annotations:              <none>
Selector:                 app=dev
Type:                     LoadBalancer
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       10.110.75.105
IPs:                      10.110.75.105
Port:                     <unset>  80/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  31852/TCP
Endpoints:                172.16.101.68:80,172.16.213.133:80
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

$ kubectl exec -ti pod3 -- curl 10.110.75.105
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
 
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
 
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Table of Contents

Rede no Kubernetes

Comunicação entre containers

Pod-to-Pod

Pod-to-Service