macvlan 由于完全是基于 L2 bridge 的模式,所以需要避免 ip 冲突

bobz965
5 阅读2分钟

如果我在两个节点上的 macvlan 的子接口配置一个 node local 的 ip,也是会出现 ip 冲突的,而且 mac 可能会被错位的配置为非 kube-ovn gw pod 本地的 macvlan 子接口的 mac 地址



# k get network-attachment-definitions.k8s.cni.cncf.io -n kube-system   real-eip -o yaml
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
  annotations:
  name: real-eip
  namespace: kube-system
spec:
  config: '{ "cniVersion": "0.3.1", "type": "macvlan", "master": "bond1", "mode":
    "bridge" }'





# k exec -it -n kube-system                    vpc-nat-gw-ns7-bgp-gw-0 -- bash
vpc-nat-gw-ns7-bgp-gw-0:/kube-ovn#
vpc-nat-gw-ns7-bgp-gw-0:/kube-ovn#
vpc-nat-gw-ns7-bgp-gw-0:/kube-ovn# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: net1@if61962: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether be:32:ba:9b:2f:9e brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 163.142.153.136/28 scope global net1
       valid_lft forever preferred_lft forever
    inet6 fe80::bc32:baff:fe9b:2f9e/64 scope link
       valid_lft forever preferred_lft forever
62202: eth0@if62203: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UP group default
    link/ether d2:5a:b9:ff:28:d7 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.177.255.253/16 brd 10.177.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::d05a:b9ff:feff:28d7/64 scope link
       valid_lft forever preferred_lft forever
vpc-nat-gw-ns7-bgp-gw-0:/kube-ovn# arping -I net1 169.254.25.101
ARPING 169.254.25.101 from 163.142.153.136 net1
Unicast reply from 169.254.25.101 [2A:E5:0D:36:50:72]  0.601ms
Unicast reply from 169.254.25.101 [2A:E5:0D:36:50:72]  0.545ms
Unicast reply from 169.254.25.101 [2A:E5:0D:36:50:72]  0.534ms
Unicast reply from 169.254.25.101 [2A:E5:0D:36:50:72]  0.552ms
^CSent 4 probes (1 broadcast(s))
Received 4 response(s)
vpc-nat-gw-ns7-bgp-gw-0:/kube-ovn# arping -I net1 169.254.25.101
ARPING 169.254.25.101 from 163.142.153.136 net1
Unicast reply from 169.254.25.101 [2A:E5:0D:36:50:72]  0.564ms
Unicast reply from 169.254.25.101 [DA:89:5D:83:8C:BE]  0.649ms
Unicast reply from 169.254.25.101 [DA:89:5D:83:8C:BE]  0.615ms
Unicast reply from 169.254.25.101 [DA:89:5D:83:8C:BE]  0.628ms
Unicast reply from 169.254.25.101 [DA:89:5D:83:8C:BE]  0.610ms
Unicast reply from 169.254.25.101 [DA:89:5D:83:8C:BE]  0.628ms
Unicast reply from 169.254.25.101 [DA:89:5D:83:8C:BE]  0.627ms
Unicast reply from 169.254.25.101 [DA:89:5D:83:8C:BE]  0.620ms
^CSent 7 probes (1 broadcast(s))
Received 8 response(s)
vpc-nat-gw-ns7-bgp-gw-0:/kube-ovn#
avatar
文章
阅读
粉丝