前提: 有2台一样的虚拟机, 都是centos, 同时镜像和配置都一样.
其中一台A装了sealos的k8s, 这台机器的路由信息:
[root@sealos nfs]# ip route show
default via 192.168.8.19 dev eth0
10.0.0.0/24 via 10.0.0.10 dev cilium_host src 10.0.0.10
10.0.0.10 dev cilium_host scope link
169.254.0.0/16 dev eth0 scope link metric 1002
169.254.169.254 via 192.168.8.19 dev eth0 proto static
192.168.8.0/24 dev eth0 proto kernel scope link src 192.168.8.97
[root@sealos nfs]#
[root@sealos nfs]#
[root@sealos nfs]# ping 10.96.3.234
PING 10.96.3.234 (10.96.3.234) 56(84) bytes of data.
64 bytes from 10.96.3.234: icmp_seq=1 ttl=64 time=0.047 ms
64 bytes from 10.96.3.234: icmp_seq=2 ttl=64 time=0.089 ms
^C
--- 10.96.3.234 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1027ms
rtt min/avg/max/mdev = 0.047/0.068/0.089/0.021 ms
[root@sealos nfs]# tracepath 10.96.3.234
1: sealos 0.096ms reached
Resume: pmtu 65535 hops 1 back 1
另外一台B也装了k8s, 但是不是用sealos装的. 路由信息如下:
[root@testk8s-controlplane-xpq2-0 1221]# ip route show
default via 192.168.8.19 dev eth0
blackhole 10.233.65.0/24 proto bird
10.233.65.5 dev cali372240c076f scope link
10.233.65.6 dev cali529f3ba8bde scope link
10.233.65.7 dev cali0456335f20f scope link
10.233.65.8 dev calid8275f0f573 scope link
10.233.65.9 dev cali8b56182ddcf scope link
169.254.0.0/16 dev eth0 scope link metric 1002
169.254.169.254 via 192.168.8.19 dev eth0 proto static
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
192.168.8.0/24 dev eth0 proto kernel scope link src 192.168.8.90
[root@testk8s-controlplane-xpq2-0 1221]# ping 10.233.48.184
PING 10.233.48.184 (10.233.48.184) 56(84) bytes of data.
64 bytes from 10.233.48.184: icmp_seq=1 ttl=64 time=0.046 ms
64 bytes from 10.233.48.184: icmp_seq=2 ttl=64 time=0.058 ms
^C
--- 10.233.48.184 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.046/0.052/0.058/0.006 ms
[root@testk8s-controlplane-xpq2-0 1221]# 10.96.3.234^C
[root@testk8s-controlplane-xpq2-0 1221]# tracepath 10.233.48.184
1: testk8s-controlplane-xpq2-0 0.069ms reached
Resume: pmtu 65535 hops 1 back 1
经过比对发现, 这2台对 10网段的路由逻辑不一样. 具体可以看上面针对10网段的路由.
这个路由的问题, 导致了我的一个场景:
比如A机器, 也就是sealos机器构建出来的k8s的内部网络为 10.96.0.0 网段. 那么我从外部网络做一条静态路由
目的: 10.96.0.0 子网掩码 255.255.0.0 网关 也就是sealos的节点ip 192.168.8.97
这个逻辑的话, 就没法路由进去.
同样的逻辑, 在B机器上是可以的.
所以, 我的问题是, sealos 可以实现我想要的这个逻辑的吗?