This document discusses how to deal with a second network interface in Kubernetes. It explains that having multiple interfaces is necessary for network functions and OpenStack deployments. CNI plugins like Multus and Genie allow containers to have multiple interfaces. The challenges are that Kubernetes does not have service and endpoint resources for the second interface, and components like CoreDNS and kube-proxy lack related information. To address this, the document proposes establishing a service mechanism, DNS resolution, and load balancing for the second interface. It provides examples of using projects to record pod IPs, DNS servers like CoreDNS, and discusses load balancing algorithms.

1. How to deal second interface
service discovery and load balance
in Kubernetes
李孟澤@NUTC
1

2. Agenda
● Why need multiple interface
● What is CNI
● Does CNI support multiple interface
○ Multus
○ Genie
● Challenge
● What to do
● How to do
● Demo
2

3. Why need multiple interface
● Deploying Network Functions (NFV) as pods. This requires at least two
interfaces.
○ Control Plane Interface
○ User Plane Interface
3

4. Why need multiple interface
4

5. Why need multiple interface
5

6. Why need multiple interface
● Openstack deployments typically use multiple networks for security and
QoS isolation (e.g. storage) purposes
6

7. Why need multiple interface
7

8. Why need multiple interface
8
● If we need a high throughput and low latency network
○ SR-IOV
○ DPDK
○ DRMA

9. Why need multiple interface
9

10. Why need multiple interface
10

11. Why need multiple interface
11

12. What is CNI
12

13. What is CNI
13
A lot of plugin provide many basic functions in the CNI project,We can
combine these basic functions and write new CNI
● bridge
● host-device
● ipvlan
● macvlan
● ptp
● vlan
● loopback

14. What is CNI
14

15. Does CNI supprot multiple interface
15
In traditional CNI based networking the orchestrator (Kubernetes)
allows to use a single CNI plugin to cater container networking.
● Flannel
● Calico
● Weave
● Canal
● e.t.c..

16. Does CNI supprot multiple interface
16
Multiple interface support for containers has become a prime
requirement in the coming versions
● Proposals to support multiple network interfaces are being
discussed currently in the community
○ Multus
○ Genie
○ damn
○ Knitter

17. CNI-Multus
17
● Multus is a latin word for "Multi”
● Created by Intel
● Provides multiple network interface in container
● Contact between the container runtime and other plugins

18. CNI-Genie
18
● Created by Intel
● Provides multiple network interface in container
● Contact between the container runtime and other plugins
CNI Genie

19. CNI-Multus/Genie
19

20. CNI-Multus/Genie
20

21. Challenge
21

22. ● call service by FQDN
○ default.svc.cluster.local
Challenge
22

23. Challenge
23

24. Challenge
24

25. Challenge
25

26. Challenge
26

27. Challenge
27

28. Challenge
28

29. Challenge
29

30. Challenge
30
● However, there is no Service and Endpoint resource type for the
second network interface on Kubernetes
● Kubernetes coreDNS components cannot get related information
● Kube-proxy component has no related information and cannot
create a load balance rule.

31. What to do
31
● Establish a Service mechanism for the second network interface
● Establish FQDN resolution component of the second network
interface
● Establish a load balancing mechanism for the second network
interface

32. How to do
32
● Establish a Service mechanism for the second network interface
○ Record the IP of the Pod second network interface
● Establish FQDN resolution component of the second network
interface
○ Find a tool that can support DNS resolution
● Establish a load balancing mechanism for the second network
interface
○ Provide load balancing algorithm
■ Round Robin
■ Random
■ Resource
■ etc.

33. How to do-Record the IP of the Pod second network interface
33
The Linker Network provides an open source project that allows
users to create a second network interface and assign IP the Pod.

34. How to do-Record the IP of the Pod second network interface
34
So we may manage the IP of all the second network interfaces just
like the IPAM of CNI.
At the same time,we can manage all Pod network traffic through
OpenvSwitch (OVS)
Implement policy routing using Software Defined Networking (SDN),
such as Kubernetes Network Policy

35. How to do-Record the IP of the Pod second network interface
35
But there are a lot of IPs to manage, and we need to record which
Deployment has these IPs
We need a place to store this information
● etcd
● zookeeper
● mySQL
● etc.

36. How to do-Find a tool that can support DNS resolution
36
DNS Server can help us resolve FQDN data of the second network
interface
For example, coreDNS helps Kubernetes Service resolve FQDN
Which DNS Servers are suitable and can help us?
● bind9
● coredns
● PowerDNS
● etc.

37. Now we have a place to store the Deployment IP data,as well as a
DNS resolution tool.What is missing?
Of course, Kubernetes' LoadBalance method is still missing.
Then randomly throw the Deployment Pod IP that does not become
a Random mode,right?
In other words... if there is a sequence of throwing Deployment Pod
IP is not RR Mode
How to do-Provide load balancing algorithm
37

38. If you can assign or obtain the IP of the second network interface,
you will be able to provide service discovery of the second network
interface.
As long as you can let Kubernetes Pod find your DNS Servers, you
can do anything about FQDN.
How to do-summary
38

39. DEMO
39

40. 40
Thank you for your attention