How to ensure there's an eth0 in docker container?

PHPBird
April 18, 2023
166 views
2 votes
3 Answers

In k8s, I want my server to listen on podIP rather than 127.0.0.1 or 0.0.0.0. But the podIP is dynamically allocated, so I want to do something like:

ip := getIPFromNic("eth0")
net.Listen(ip)

But I don’t know how to ensure the nic in pod is called eth0 rather than en0 or others. Should I do something in Dockerfile or should I do something in deployment.yaml?

I tried to search on google, but didn’t find any related resources about the nic in docker. Most of the blogs are talking about the veth and docker bridge

Tags: docker kubernetes

Answers

Chosen as BEST ANSWER
- PHPBird
- April 26, 2023 at 1:43 pm
- 0 votes
0
After digging into this problem, I found that the network interface name is controlled by the kubelet, it's a cluster wide configuration that can't be changed by the users. By default, the nic name is eth0, and if you're not sure, you can check any pod in the cluster to confirm that.

In practice, it's recommended to use downward api to pass the PodIP as an env var to the pod, thus you can get the PodIP easily. But my case is a little special, the application's config file(mounted as a configmap) need a listen addr, which must be either an ip address or a nic name. That's why I need a fixed value.

(Edit)

- ArefRiant
- April 18, 2023 at 8:26 am
- 0 votes
0
1. Your pods ip address is present in:
  /proc/1/task/1/net/fib_trie
  file
mine is like:
```
 cat /proc/1/task/1/net/fib_trie
Main:
  +-- 0.0.0.0/1 2 0 2
     +-- 0.0.0.0/4 2 0 2
        |-- 0.0.0.0
           /0 universe UNICAST
        +-- 10.0.0.0/24 2 0 2
           |-- 10.0.0.45
              /32 host LOCAL
           |-- 10.0.0.184
              /32 link UNICAST
     +-- 127.0.0.0/8 2 0 2
        +-- 127.0.0.0/31 1 0 0
           |-- 127.0.0.0
              /32 link BROADCAST
              /8 host LOCAL
           |-- 127.0.0.1
              /32 host LOCAL
        |-- 127.255.255.255
           /32 link BROADCAST
```
and 10.0.0.45 is my pod ip address
1. also if you have enough privileges, you can use kubernetes rest api to access pod information:
curl -s -H "Authorization: Bearer $YOUR_TOKEN" https://$KUBERNETES_SERVICE_HOST/api/v1/namespaces/$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)/pods/$(hostname)/ | grep "podIP" | awk '{print $2}' | tr -d '",'

unfortunately default privileges of cat /var/run/secrets/kubernetes.io/serviceaccount/token is not enough for this request.
Login or Signup to reply.

You can get the pod ip from Kubernetes rather than trying to look it up from the interface (or files in /proc).

You can expose information about a Pod as environment variables; the documentation includes this example; look in particular at how MY_POD_IP is set:

apiVersion: v1
kind: Pod
metadata:
  name: dapi-envars-fieldref
spec:
  containers:
    - name: test-container
      image: registry.k8s.io/busybox
      command: [ "sh", "-c"]
      args:
      - while true; do
          echo -en 'n';
          printenv MY_NODE_NAME MY_POD_NAME MY_POD_NAMESPACE;
          printenv MY_POD_IP MY_POD_SERVICE_ACCOUNT;
          sleep 10;
        done;
      env:
        - name: MY_NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: MY_POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: MY_POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: MY_POD_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        - name: MY_POD_SERVICE_ACCOUNT
          valueFrom:
            fieldRef:
              fieldPath: spec.serviceAccountName
  restartPolicy: Never

You can an example of this in use in the node_exporter manifests from the kube-prometheus project.

Please signup or login to give your own answer.

Click here to cancel reply.