到Kubernetes的多播流量 [英] Multicast traffic to Kubernetes

问题描述

我希望我的Pod接收从kubernetes集群外部流到节点中特定端口的多播网络流量.

I want my pods to receive multicast network traffic flowing from outside of my kubernetes cluster to specific ports in my nodes.

我正在考虑两种解决方案:

I'm considering two solutions:

1. 将hostNetwork: true标志和hostPort配置一起添加到其yaml文件中，以便直接接收到Pod的流量.
2. 使用iptables命令将节点上的流量从eth0接口本地转发到docker0接口.

1. Adding hostNetwork: true flag to their yaml file along with hostPort configuration in order to receive the traffic directly to the pod.
2. Forwarding the traffic locally on the nodes from eth0 interface to docker0 interface using iptables command.

方法1是Kubernetes的一项官方功能，但感觉像是打破了docker最初强加的安全墙，并可能导致端口 与主机的进程等发生冲突.

Method 1 is an official feature in Kubernetes, but it feels like breaking a security wall that docker originally imposed, and might cause port collisions with host's processes, etc.

另一方面，方法2将多播网络流量透明地转发到Pod.
尽管事实上我可以使用自动化工具来传播此配置(Ansible/Salt等)，但任何配置超出Kubernetes范围的东西对我来说还是有点棘手.

Method 2 on the other hand transparently forwards the multicast network traffic to the pods.
Despite the fact I can use an automation tool to spread this configuration (ansible/salt etc), anything configured 'out of the scope' of Kubernetes feels a little hacky to me.

想听听您的利弊，评论，以及其他解决向kubernetes集群多播问题的解决方案.

Would like to hear your pros and cons, comments, and maybe other solutions to the problem of multicasting to a kubernetes cluster.

推荐答案

最后，我们选择了方法1，因为它是实现所需功能的有据可查的方法，我可以报告说它能很好地工作.

In the end we picked method 1, as it is the documented way to achieve what we wanted, and I can report that it works fine.

这篇关于到Kubernetes的多播流量的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！