K
Q

Second NIC with Macvlan on GKE

3/9/2021

I need to add a second interface to some of the specific K8s pods on GKE that need to be accessible directly from public users on the Internet. So I used Multus and defined a Macvlan cni like this:

apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
  name: macvlan-conf
spec:
  config: '{
      "cniVersion": "0.3.1",
      "type": "macvlan",
      "master": "eth0",
      "mode": "bridge",
      "ipam": {
        "type": "host-local",
        "subnet": "10.162.0.0/20",
        "rangeStart": "10.162.0.100",
        "rangeEnd": "10.162.0.150",
        "routes": [
          { "dst": "0.0.0.0/0" }
        ],
        "gateway": "10.162.0.1"
      }
    }'

10.162.0.1 is the default gateway of my K8s nodes in GCP. So, I imagine that in this case, pods should have the access to the outside. But in pods, just there is one default gateway that routes the internal pods traffic. Also, I can't add any route because of the privileges issues.

Question:

My expectation is wrong? How I should use Macvlan to create a public interface for those pods?

-- PSDK
gke-networking
google-kubernetes-engine
kubernetes
macvlan

Similar Questions

Certificate error when deploying Hashicorp Vault with Kubernetes Auth Method on AWS EKS
Trouble connecting to postgres from outside Kubernetes cluster
Kubernetes services cannot reach each other anymore
Azure Devops Kubernetes - how to upload .yaml file as Artifact
how to access the attribute with colon in attribute name in helm template

0 Answers