本文主要是介绍flannel 实战与源码分析(六),希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
其实flannel的东西基本都说完了,还有一个功能点由于和kubernetes紧密结合的,所以在这里解释一下。相信大家都还记得之前写的创建SubnetManager
func newSubnetManager() (subnet.Manager, error) {if opts.kubeSubnetMgr {return kube.NewSubnetManager()}cfg := &etcdv2.EtcdConfig{Endpoints: strings.Split(opts.etcdEndpoints, ","),Keyfile: opts.etcdKeyfile,Certfile: opts.etcdCertfile,CAFile: opts.etcdCAFile,Prefix: opts.etcdPrefix,Username: opts.etcdUsername,Password: opts.etcdPassword,}return etcdv2.NewLocalManager(cfg)
}如果传参是 –kube-subnet-mgr那么将启动kube的子网管理,如果熟悉kubernetes的人可能都知道,其实kubernetes没有什么网络管理,只有一个网络策略,那这个网络管理从何说起呢?
看代码就会明白subnet/kube/kube.go
indexer, controller := cache.NewIndexerInformer(&cache.ListWatch{ListFunc: func(options metav1.ListOptions) (runtime.Object, error) {return ksm.client.Core().Nodes().List(options)},WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {return ksm.client.Core().Nodes().Watch(options)},},&v1.Node{},resyncPeriod,cache.ResourceEventHandlerFuncs{AddFunc: func(obj interface{}) {ksm.handleAddLeaseEvent(subnet.EventAdded, obj)},UpdateFunc: ksm.handleUpdateLeaseEvent,DeleteFunc: func(obj interface{}) {ksm.handleAddLeaseEvent(subnet.EventRemoved, obj)},},cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc},)所谓的网络管理就是listwatch node节点。再看看kubernetes的node的annotations就恍然大悟了
annotations:flannel.alpha.coreos.com/backend-data: '{"VtepMAC":"8e:11:4d:6c:15:1c"}'flannel.alpha.coreos.com/backend-type: vxlanflannel.alpha.coreos.com/kube-subnet-manager: "true"flannel.alpha.coreos.com/public-ip: 10.39.0.46
原理就是放到node的annotations,通过这种方式去替换etcd的作用,我这也是醉了,这个信心还是保存到etcd的啊!大神们!
当然还提供WatchLease等方法
func (ksm *kubeSubnetManager) WatchLease(ctx context.Context, sn ip.IP4Net, cursor interface{}) (subnet.LeaseWatchResult, error) {select {case event := <-ksm.selfEvents:return subnet.LeaseWatchResult{Events: []subnet.Event{event},}, nilcase <-ctx.Done():return subnet.LeaseWatchResult{}, nil}
}只不过不再直接watch etcd了,通过kubernetes的api listwatch机制,把event放到subnet.Event这个管道里面,然后WatchLease从管道中获取。至于怎么放进去的看下面代码
func (ksm *kubeSubnetManager) handleAddLeaseEvent(et subnet.EventType, obj interface{}) {n := obj.(*v1.Node)if s, ok := n.Annotations[subnetKubeManagedAnnotation]; !ok || s != "true" {return}l, err := nodeToLease(*n)if err != nil {glog.Infof("Error turning node %q to lease: %v", n.ObjectMeta.Name, err)return}ksm.events <- subnet.Event{et, l}if n.ObjectMeta.Name == ksm.nodeName {ksm.selfEvents <- subnet.Event{et, l}}
}上面的代码以网络添加为例,那么这个kube-mgr就可以替换etcd,如果要说这样设计的比直接用etcd的好处的话,我觉得是可以配合网络策略实现网络隔离。应为有了这些节点信息,配合calico的网络策略,就可以很好的控制网络隔离,有个开源的项目canal,如果感兴趣可以了解一下。
这篇关于flannel 实战与源码分析(六)的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
