到 Kubernetes 的多播流量 [英] Multicast traffic to Kubernetes

问题描述

我希望我的 Pod 接收从我的 kubernetes 集群外部流向我节点中特定端口的多播网络流量.

I want my pods to receive multicast network traffic flowing from outside of my kubernetes cluster to specific ports in my nodes.

我正在考虑两种解决方案:

I'm considering two solutions:

1. 将 hostNetwork: true 标志与 hostPort 配置一起添加到他们的 yaml 文件中，以便直接接收到 pod 的流量.莉>
2. 使用 iptables 命令将节点上的流量从 eth0 接口本地转发到 docker0 接口.

1. Adding hostNetwork: true flag to their yaml file along with hostPort configuration in order to receive the traffic directly to the pod.
2. Forwarding the traffic locally on the nodes from eth0 interface to docker0 interface using iptables command.

方法1是Kubernetes的官方特性，但是感觉就像打破了docker最初强加的安全墙，可能会导致端口与主机进程等发生冲突.

Method 1 is an official feature in Kubernetes, but it feels like breaking a security wall that docker originally imposed, and might cause port collisions with host's processes, etc.

另一方面，方法 2 将多播网络流量透明地转发到 Pod.
尽管事实上我可以使用自动化工具来传播这个配置(ansible/salt 等)，但任何配置超出 Kubernetes 范围"的东西对我来说都感觉有点麻烦.

Method 2 on the other hand transparently forwards the multicast network traffic to the pods.
Despite the fact I can use an automation tool to spread this configuration (ansible/salt etc), anything configured 'out of the scope' of Kubernetes feels a little hacky to me.

想听听您的优缺点、评论，以及针对向 kubernetes 集群进行多播的问题的其他解决方案.

Would like to hear your pros and cons, comments, and maybe other solutions to the problem of multicasting to a kubernetes cluster.

推荐答案

最后我们选择了方法 1，因为它是实现我们想要的文档的方式，我可以报告它工作正常.

In the end we picked method 1, as it is the documented way to achieve what we wanted, and I can report that it works fine.

这篇关于到 Kubernetes 的多播流量的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！