Cilium - Cilium 1.14.5版本的路由模式场景下的容器流量简介
【摘要】 本文主要对Cilium 1.14.5版本的容器流量访问模型进行梳理,难免有误,仅供自己参考
1.Cilium部署核心参数:
# cilium status
KVStore: Ok Disabled
Kubernetes: Ok 1.27 (v1.27.2+k3s1) [linux/amd64]
Kubernetes APIs: ["EndpointSliceOrEndpoint", "cilium/v2::CiliumClusterwideNetworkPolicy", "cilium/v2::CiliumEndpoint", "cilium/v2::CiliumNetworkPolicy", "cilium/v2::CiliumNode", "cilium/v2alpha1::CiliumCIDRGroup", "core/v1::Namespace", "core/v1::Pods", "core/v1::Service", "networking.k8s.io/v1::NetworkPolicy"]
KubeProxyReplacement: True [ens160 192.168.153.134 (Direct Routing), ens224 192.168.3.24]
Host firewall: Disabled
CNI Chaining: none
Cilium: Ok 1.14.5 (v1.14.5-85db28be)
NodeMonitor: Listening for events on 4 CPUs with 64x4096 of shared memory
Cilium health daemon: Ok
IPAM: IPv4: 6/254 allocated from 10.0.0.0/24,
IPv4 BIG TCP: Disabled
IPv6 BIG TCP: Disabled
BandwidthManager: EDT with BPF [CUBIC] [ens160, ens224]
Host Routing: BPF
Masquerading: BPF [ens160, ens224] 10.0.0.0/8 [IPv4: Enabled, IPv6: Disabled]
Controller Status: 40/40 healthy
Proxy Status: OK, ip 10.0.0.143, 0 redirects active on ports 10000-20000, Envoy: embedded
Global Identity Range: min 256, max 65535
Hubble: Ok Current/Max Flows: 4095/4095 (100.00%), Flows/s: 17.02 Metrics: Disabled
Encryption: Disabled
Cluster health: 2/2 reachable (2024-01-20T17:00:44Z)
2.流量简介
【版权声明】本文为华为云社区用户原创内容,未经允许不得转载,如需转载请自行联系原作者进行授权。如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容,举报邮箱:
cloudbbs@huaweicloud.com
- 点赞
- 收藏
- 关注作者
评论(0)