需要修改calico.yaml文件

- name: CALICO_IPV4POOL_IPIP
  value: "Always" # 默认是always

或者修改ippool yaml文件

apiVersion: projectcalico.org/v3
kind: IPPool
metadata:
  name: ippool-ipip-1
spec:
  cidr: 192.168.0.0/16
  ipipMode: Always 
  # 注意这里还有subnet模式,假设两个node 都在同一个网段,就会不封装,直接走网络bgp模式
  # 如果不在同一个网段,就会使用ipInip模式
  natOutgoing: true

看下三台主机的路由表
在这里插入图片描述
由master节点上面的10.244.219.64 ping node1 节点上面的10.244.166.141
在master节点上面抓包

# 先看路由表

# 先抓 tunl0
tcpdump -i tunl0 -nn host 10.244.166.141

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tunl0, link-type RAW (Raw IP), capture size 262144 bytes
15:13:52.243553 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 45, length 64
15:13:52.243907 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 45, length 64
15:13:53.243985 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 46, length 64
15:13:53.244233 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 46, length 64
15:13:54.243602 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 47, length 64
15:13:54.244024 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 47, length 64
15:13:55.244525 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 48, length 64
15:13:55.244806 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 48, length 64
15:13:56.244596 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 49, length 64
15:13:56.245027 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 49, length 64

# 在抓ens33
tcpdump -i ens33 -nn host 192.168.64.151
# 做了刷选,找出了两条比较重要的
15:14:31.266588 IP 192.168.64.150 > 192.168.64.151: IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 84, length 64 (ipip-proto-4)
15:14:31.267136 IP 192.168.64.151 > 192.168.64.150: IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 84, length 64 (ipip-proto-4)

从上面抓包可以看出:ipinip做了层封装
在这里插入图片描述
再在node1上面进行抓包

# 在tunl0上面抓包
tcpdump -i tunl0 -nn host 10.244.219.64
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tunl0, link-type RAW (Raw IP), capture size 262144 bytes
15:21:14.764929 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 487, length 64
15:21:14.764976 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 487, length 64
15:21:15.766134 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 488, length 64
15:21:15.766192 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 488, length 64
15:21:16.766671 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 489, length 64
15:21:16.766724 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 489, length 64
15:21:17.767188 IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 490, length 64
15:21:17.767224 IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 490, length 64

# 在ens33上面抓包
tcpdump -i ens33 -nn host 192.168.64.150

15:22:50.834149 IP 192.168.64.150 > 192.168.64.151: IP 10.244.219.64 > 10.244.166.141: ICMP echo request, id 77, seq 583, length 64 (ipip-proto-4)
15:22:50.834256 IP 192.168.64.151 > 192.168.64.150: IP 10.244.166.141 > 10.244.219.64: ICMP echo reply, id 77, seq 583, length 64 (ipip-proto-4)

由上面可以看出:IP in IP的链接方式为:
在这里插入图片描述

# kubernetes
Logo
K8S/Kubernetes

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐

【深度】阿里巴巴万级规模 K8s 集群全局高可用体系之美

作者 |  韩堂、柘远、沉醉来源 | 阿里巴巴云原生公众号​前言台湾作家林清玄在接受记者采访的时候,如此评价自己 30 多年写作生涯:“第一个十年我才华横溢,‘贼光闪现’,令周边黯然失色;第二个十年,我终于‘宝光现形’,不再去抢风头,反而与身边的美丽相得益彰;进入第三个十年,繁华落尽见真醇,我进入了‘醇光初现’的阶段,真正体味到了境界之美”。​长夜有穷,真水无香。领略过了 K8s“身在江

avatar K8S/Kubernetes

如何基于 K8s 构建下一代 DevOps 平台?

作者 | 孙健波(天元)导读:当前云原生 DevOps 体系现状如何?面临哪些挑战?如何通过 OAM 解决云原生 DevOps 场景下的诸多问题?云原生开发应用模型 OAM(Open Application Model) 社区核心成员孙健波将为大家一一解答,并分享如何基于 OAM 和 Kubernetes 打造无限能力的下一代 DevOps 平台。什么是 DevOps?为什么基于 Kub

avatar K8S/Kubernetes

k8s 火了!

2020,上云之年,产品云端化成为一种趋势。在一线城市,很多公司都已经构建了自己的私有云环境,比如阿里云、网易云、华为云等。而Kubernetes 作为基于容器编排领域的王者,具备扩展...

avatar K8S/Kubernetes