kubernetes.md

Kubernetes Integration

Netplugin code can handle the network and network-policy instantiation via plugins provided by Kubernetes. The plugin for Kubernetes is always built as a binary and kept in $GOPATH/bin as k8contivnet

A quick tryout

1. Copy k8contivnet binary from $GOPATH/bin to kubelet-plugins directory: sudo mkdir /usr/libexec/kubernetes/kubelet-plugins/net/exec/k8contivnet sudo cp $GOPATH/bin/k8contivnet /usr/libexec/kubernetes/kubelet-plugins/net/exec/k8contivnet

2. Install Kubernetes and etcd components on your favorite system using the Setup Guides. However you must make sure that kublet was started with --network_plugin=k8contivnet option

3. Start netplugin with desired network intent as specified in late-bindings example. Note taht the json input doesn't specify the host information, which is automatically picked up from as kubernetes scheduler picks up a minion for the host. And Container in the json schema is really a pod's name instead of the container(s) within pod.

4. Launch applications/pods via Kubernetes as usual, they would be connected as specified by the network intent

5. Add/Delete the networks or endpoints directly via netplugin, usually before adding or after deleting the pod

Pending work items

• Fetch the IP information from the netplugin and display it alongside k8's pod information
• Allocate the networks and network policies based on k8 labels

Some details for people interesting in hacking some of this

Kubernetes infrastructure model is to create an infrastructure container (called pod). This requires network plugin to create the network plumbing inside an infrastructure container, which is created dynamically. And the visible names to the application is identified by pod-name or container-name(s) in the pod.

This network plugin has been enhanced to allow specification of the network container to be different from the application-container. Further, kubernetes require that a plugin be written and kept in a specific directory which gets called when an applicaiton (aka pod) is launched. This allows for a binary executable to be called with a specific parameters to do the network plumbing outside Kubernetes.

For that reason, netplugin produces a new binary, called k8contivnet, a small plugin interface that will get called by Kubernetes upon init of the plugin, and during creation/deletion of the application pod. The syntax of k8contivnet is as follows, which adheres to Kubernetes plugin requirements:

$ k8contivnet init
$ k8contivnet setup <pod-name> <pod-namespace> <infra-container-uuid>
$ k8contivnet teardown <pod-name> <pod-namespace> <infra-container-uuid>
$ k8contivnet help

This plugin would need to be copied in following directory: /usr/libexec/kubernetes/kubelet-plugins/net/exec/k8contivnet/k8contivnet