Kubernetes Networking 101 : Vxlan overlay network - Flannel - pods and services
Pods on the same host communicate over the cni0 interface.
The cni0 interface is a virtual bridge that kubernetes attaches the pods to.
Together with the pods the switch creates a layer 2 network inside the host node as you can see below:
To allow pods to communicate directly with other pods in the kubernetes cluster without using NAT - Network address translation - protocol for example, we use Vxlan.
Vxlan is an overlay network , it "lays" over the already existing layer 2 and 1 network .
Flannel is the Vxlan used so the pods could communicate with each other over the cluster.
Vxlan is an overlay network , it "lays" over the already existing layer 2 and 1 network .
Flannel is the Vxlan used so the pods could communicate with each other over the cluster.
Remark:
We could use IPSec instead of Vxlan as a backend plugin for Flannel to have more security in the cluster.
Flannel allows a layer 2 networking (Ethernet for example) over the kubernetes cluster by wrapping the layer 2 packets in UDP datagrams (layer 3).
The source flannel interface wraps the packets and the destination flannel interface unwraps them to be able to read the data and pass it to the pods.
Comments