How-To: Identify The Virtual Interface of a Pod in the Root Namespace Using Flannel as the Network B

Problem

Identify the virtual interface of a particular pod in the root namespace of the node using flannel as Network backend.

Environment

Platform9 Managed Kubernetes - All Versions
Flannel

Procedure

Use the docker command to identify the pause container for the pod as it holds the network namespace for the pod.

# docker ps | grep -i busybox2 | grep pause

f15ae72287e0 k8s.gcr.io/pause:3.1 "/pause" 2 minutes ago Up 2 minutes k8s_POD_mybusybox2_default_2a12aac4-ed54-4c99-aa0e-be32f793f41d_0

Run docker inspect on the container Id obtained from the above command and look for the SandboxKey to get the namespace created for the pod.

# docker inspect f15ae72287e0 | grep -i sandboxkey

"SandboxKey": "/var/run/docker/netns/5048a1a60e3b",

Use nsenter to get the interface details within the pod namespace.

# nsenter --net=/var/run/docker/netns/5048a1a60e3b ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever

3: eth0@if27: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1472 qdisc noqueue state UP group default
link/ether 86:5f:a6:c3:8a:61 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.20.88.6/24 brd 10.20.88.255 scope global eth0
valid_lft forever preferred_lft forever

Note

ip netns command can not be used for the docker namespaces as it only knows about namespaces listed in /var/run/netns/

Run ethtool on the interface with the pod's IP in the namespace above to obtain the peer index of the Veth-pair for the interface

# nsenter --net=/var/run/docker/netns/5048a1a60e3b ethtool -S eth0 | grep -i peer

peer_ifindex: 27

List the network interface on the node (root namespace) using ip command, the interface listed at the index obtained in the above step ( 27 in this case ) is the virtual interface for the pod in the root namespace.

# ip a
.
.
27: vetha2fb55e7@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1472 qdisc noqueue master cni0 state UP group default
link/ether b6:76:f3:c9:a4:3c brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::b476:f3ff:fec9:a43c/64 scope link
valid_lft forever preferred_lft forever

PreviousHow to Prevent Container Runtime From Being Managed by Platform9 NextHow To Persist Changes to CoreDNS ConfigMap on PMK Cluster

Last updated 3 months ago

Good evening

hashtagProblem

hashtagEnvironment

hashtagProcedure

Problem

Environment

Procedure