How Flannel Manages Subnet Allocation in Kubernetes Docker Clusters
This article explains how Docker containers are managed within Kubernetes clusters using the Flannel component, detailing its interaction with etcd to allocate unique subnet ranges for each minion node, configuring flanneld, and troubleshooting common networking issues.
Docker is a representative container platform, and managing Docker clusters can be challenging. This article discusses how the Flannel component in Kubernetes clusters works together with etcd to allocate subnet ranges, helping ensure each Docker container receives a unique IP address.
Flannel and etcd Interaction
When installing a Kubernetes cluster, etcd is configured with a network CIDR that defines the IP address range available to containers. Flannel carves a second-level subnet out of this CIDR for each minion node, so that container IPs are unique across the cluster.
Flanneld Configuration
The flanneld configuration file typically includes the etcd endpoint and the key where network information is stored:
# Flanneld configuration options
FLANNEL_ETCD="http://192.168.163.152:2379"
FLANNEL_ETCD_KEY="/coreos.com/network"
#FLANNEL_OPTIONS=""

FLANNEL_ETCD points to the etcd server address, allowing flanneld on each minion to communicate with etcd. FLANNEL_ETCD_KEY specifies the key that holds the network configuration, e.g.:

etcdctl -C 192.168.163.148:2379 set /coreos.com/network/config '{ "Network": "192.168.0.0/16" }'

These settings define the IP range that Docker on each minion will use. The Docker daemon receives a --bip parameter derived from Flannel, effectively assigning a unique subnet to each node.
Verification
After configuring Flannel, you can verify the connection status between a minion and etcd, and inspect Docker's virtual network interface (docker0) to ensure its subnet falls within the network range stored under FLANNEL_ETCD_KEY. If the docker0 subnet does not fall within the Flannel-assigned range, Docker may fail to start and the node will appear "NotReady" in Kubernetes.
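The verification step above can be scripted. The following is an added example, not part of the original article: it checks that each minion's docker0 subnet lies inside the Flannel network and that no two minions share a range. The Network value is the one set with etcdctl above; the per-node docker0 addresses and the function name check_bridge_subnets are constructed for illustration.

```python
import ipaddress
import json
from itertools import combinations

# Value written to /coreos.com/network/config in the article.
FLANNEL_CONFIG = '{ "Network": "192.168.0.0/16" }'

# Constructed sample data: docker0 address/prefix as seen on each minion.
DOCKER0_BY_NODE = {
    "minion1": "192.168.37.1/24",
    "minion2": "192.168.52.1/24",
}


def check_bridge_subnets(flannel_config_json, docker0_by_node):
    """Return a list of problems; an empty list means every docker0 bridge
    is inside the Flannel network and no two nodes overlap."""
    network = ipaddress.ip_network(json.loads(flannel_config_json)["Network"])
    problems = []
    subnets = {}
    for node, bip in sorted(docker0_by_node.items()):
        # docker0 / --bip is an interface address such as 192.168.37.1/24;
        # .network reduces it to the subnet the bridge serves.
        bridge_net = ipaddress.ip_interface(bip).network
        subnets[node] = bridge_net
        if not bridge_net.subnet_of(network):
            problems.append(f"{node}: docker0 {bridge_net} is outside {network}")
    # Every pair of nodes must own disjoint ranges, otherwise two containers
    # on different minions could receive the same IP.
    for (a, net_a), (b, net_b) in combinations(sorted(subnets.items()), 2):
        if net_a.overlaps(net_b):
            problems.append(
                f"{a} and {b}: docker0 subnets {net_a} and {net_b} overlap"
            )
    return problems


if __name__ == "__main__":
    result = check_bridge_subnets(FLANNEL_CONFIG, DOCKER0_BY_NODE)
    for line in result or ["all docker0 subnets OK"]:
        print(line)
```

On a real node, the docker0 value comes from the interface listing for docker0 and the network value from reading /coreos.com/network/config back out of etcd.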
Overall, Flannel, provided by CoreOS for Kubernetes, communicates with etcd to obtain the cluster-wide network CIDR, then performs a secondary subnet allocation for each minion, guaranteeing unique IP addresses for all Docker containers in the cluster.
Flannel connection status on a minion node.
Docker startup parameters on minion1.
Docker startup parameters on minion2.
Network interface information on minion2, showing the Docker virtual network card.
360 Zhihui Cloud Developer
