1 00:00:00,120 --> 00:00:01,700 Hello and welcome to this lecture. 2 00:00:01,730 --> 00:00:06,930 In this lecture will discuss about CNI in Kubernetes in the prerequisite lectures 3 00:00:06,930 --> 00:00:11,190 We started all the way from the absolute basics of network namespaces. 4 00:00:11,220 --> 00:00:16,410 then we saw how it is done in Docker, we then discussed why you need standards for networking containers 5 00:00:16,530 --> 00:00:19,290 and how the container network interface came to be 6 00:00:19,290 --> 00:00:22,650 and then we saw a list of supported plugins available with CNI. 7 00:00:22,680 --> 00:00:28,560 In this lecture we will see how kubernetes is configured to use these network plugins. As we discussed in the 8 00:00:28,560 --> 00:00:35,350 pre-requisite lecture CNI defines the responsibilities of container runtime. As per CNI, container runtimes, 9 00:00:35,370 --> 00:00:41,310 in our case Kubernetes, is responsible for creating container network namespaces, identifying and 10 00:00:41,310 --> 00:00:45,620 attaching those namespaces to the right network by calling the right network plugin. 11 00:00:45,630 --> 00:00:52,380 So where do we specify the CNI plugins for Kubernetes to use? The CNI plugin must be invoked by the 12 00:00:52,410 --> 00:00:58,050 component within Kubernetes that is responsible for creating containers. Because that component 13 00:00:58,200 --> 00:01:03,020 must then invoke the appropriate network plugin after the container is created. 14 00:01:03,060 --> 00:01:07,820 The CNI plugin is configured in the kubelet service on each node in the cluster. 15 00:01:07,830 --> 00:01:14,110 If you look at the kubelet service file, you will see an option called network-plugin set to CNI. 16 00:01:14,130 --> 00:01:18,060 You can see the same information on viewing the running kubelet service. 17 00:01:18,060 --> 00:01:24,270 You can see the network plugins set to CNI and a few other options related to CNI such as the CNI bin 18 00:01:24,330 --> 00:01:26,890 directory and CNI Config directory. 19 00:01:26,890 --> 00:01:34,380 The CNI bin directory has all the supported CNI plugins as executables. Such as the bridge, dhcp, flannel 20 00:01:34,440 --> 00:01:39,030 etc. The CNI conflict directory has a set of configuration files. 21 00:01:39,030 --> 00:01:43,980 This is where kubelet looks to find out which plugin needs to be used. In this case 22 00:01:43,980 --> 00:01:47,780 it finds the bridge configuration file. If there are multiple files here, 23 00:01:47,790 --> 00:01:50,430 It will choose the one in alphabetical order. 24 00:01:50,490 --> 00:01:53,670 If you look at the bridge conf file, it looks like this. 25 00:01:53,700 --> 00:01:58,660 This is a format defined by the CNI standard for a plugin configuration file. 26 00:01:58,710 --> 00:02:01,460 . It’s name is mynet, type is bridge. 27 00:02:01,560 --> 00:02:07,620 It also has a set of other configurations which can be related to the concepts we discussed in the prerequisite 28 00:02:07,620 --> 00:02:13,410 lectures on bridging, routing and Masquerading in NAT. The isGateway defines whether the bridge network 29 00:02:13,410 --> 00:02:18,990 interface should get an IP address assigned so it can act as a gateway. The ipMasquerade defines 30 00:02:19,010 --> 00:02:24,780 if a NAT rule should be added for IP masquerading. The IPAM section defines IPAM configuration. 31 00:02:24,780 --> 00:02:30,630 This is where you specify the subnet or the range of IP addresses that will be assigned to pods and 32 00:02:30,690 --> 00:02:37,050 any necessary routes. The type host-local indicates that the IP addresses are managed locally on this 33 00:02:37,050 --> 00:02:37,370 host. 34 00:02:37,470 --> 00:02:44,540 Unlike a DHCP server maintaining it remotely. The type can also be set to DHCP to configure an external DHCP 35 00:02:44,540 --> 00:02:44,990 server. 36 00:02:45,030 --> 00:02:46,540 Well the set for this lecture. 37 00:02:46,560 --> 00:02:51,600 Head over to the practice exercises and practice working with CNI in Kubernetes.