Overlay- manifests

Question

Overlay- manifests

cse578group29 opened this issue 3 years ago · 11 comments

Hello, if applying the manifests/overlay, will it create vxlan interface? The overaly/e2e is same as base. Would you please explain more details about how to create vxlan by meshnet-cni? Thank you!

Answer 1 · 2022-02-03T20:50:12.000Z

overlay/e2e is only used for testing. It follow the structure of kustomize manifests.
meshnet creates vxlan or veth interface depending on where the peer pod is located. if it's on the same node - it'll create veth, if it's on a different node - it'll create a vxlan intf

Answer 2 · 2022-02-03T21:24:58.000Z

Can meshnet create vxlan for pods on different nodes when applying manifests/base? In my system, calico + meshnet/base is installed, there is no vxlan intf in the pods created (pods on different nodes can ping ), seems it communicate through calico path not the vxlan.

Answer 3 · 2022-02-03T21:56:19.000Z

calico (or any other CNI plugin) will only plug in a single interface, eth0.
meshnet, on the other hand, was created to plug in other interfaces, e.g. eth1, swp99 in addition to the default eth0.
Applying meshnet manifests simply installs the CRDs and daemonset inside the cluster. You then need to tell it how to interconnect the pods and create the pods themselves.
Have a look at examples in ./tests directory. For example https://github.com/networkop/meshnet-cni/blob/master/tests/2node.yml would create a kind: Topology for the two pods and towards the bottom contains the pod manifests themselves.

Answer 4 · 2022-02-03T23:09:35.000Z

Thanks! By applying the 2node.yml , only 3 pods (r1,r2,r4) are created. What's r3 for in this yml file? might be some typo in this file?

apiVersion: networkop.co.uk/v1beta1
kind: Topology
metadata:
name: r3
spec:
links:
- uid: 2
  peer_pod: r4
  local_intf: eth1
  peer_intf: eth1

Answer 5 · 2022-02-04T09:01:07.000Z

I think this is a left-over (mistake). It shouldn't be there.

Answer 6 · 2022-02-04T18:29:03.000Z

Thanks for the clarification. I have applied the 3node.yml by adjusting IPs to the private ones. By using tcpdump, I can capture icmp between pod2-pod3, but can't capture any traffic between pod3-pod1 (still can ping!). Any suggestion on this issue?

Answer 7 · 2022-02-04T20:14:14.000Z

so p2 and ping p3 but neither can ping p1? is that right? can you provide the output of kubectl get pod -A -owide?

Answer 8 · 2022-02-04T21:25:41.000Z

ping p2<->p3, p2<->p1, and p1<->p3 all work, but can't capture traffic through tcpdump for p1<->p3.
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
r1 1/1 Running 0 20h 10.0.190.92 n0028
r2 1/1 Running 0 20h 10.0.247.232 n0027
r3 1/1 Running 0 20h 10.0.190.93 n00528

Answer 9 · 2022-02-04T21:30:24.000Z

ok, got it. and can you show how you capture the traffic?

Answer 10 · 2022-02-04T21:39:25.000Z

use tcpdump on p3 to capture all traffic, then ping from p3 to p2 and to p1.

Updates--- by re-creating a 5node topology, I can capture all traffic among nodes through vxlan. Still don't know why 3node has issue, but for 5nodes case, meshnet works as expectation. Thanks

Answer 11 · 2022-02-05T15:00:52.000Z

I think if two pods end up on the same node, the veth link between them is not visible in the root network namespace (where you do the packet pacture), hence you can't see the packets. Best way to capture would be inside the pod itself.