Add on: Multus

This feature is currently only available in the ‘edge’ channel

Multus is a CNI manager which enables attaching multiple network interfaces to pods in Kubernetes (details here).

The install is transparent and the current CNI plugin is carried forward as the default in Multus. With Multus enabled, users can easily add multiple interfaces to pods using varying CNI plugins (like bridge, macvlan, ipvlan, ptp, etc.).

This is handy for small local cases where you want to attach to local networks/vlans or in much more complex setups where multiple more fully featured CNI plugins can be used simultaneously.

Enable the Multus add-on by running the command:

microk8s enable multus

You can confirm it’s installed by verifying the daemonset is running:

microk8s kubectl get pods -n kube-system --selector=app=multus

Which should return output similar to the following:

NAME                         READY   STATUS    RESTARTS   AGE
kube-multus-ds-amd64-gtxq2   1/1     Running   0          2m36s

Once enabled you can create network attachment definitions for various networks you want your pods to connect to. Here is an example that creates two networks that attach to Linux bridges (br100 & br200) on the host machine:

---
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
  name: home-network
spec:
  config: '{
    "cniVersion": "0.3.1",
    "name": "home-network",
    "type": "bridge",
    "bridge": "br100",
    "isDefaultGateway": false,
    "forceAddress": false,
    "ipMasq": false,
    "hairpinMode": false,
    "ipam": {
      "type": "host-local",
      "subnet": "192.168.1.0/24",
      "rangeStart": "192.168.1.201",
      "rangeEnd": "192.168.1.250",
      "routes": [
        { "dst": "0.0.0.0/0" }
      ],
      "gateway": "192.168.1.1"
    }
  }'
---
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
  name: home-network
spec:
  config: '{
    "cniVersion": "0.3.1",
    "name": "work-network",
    "type": "bridge",
    "bridge": "br200",
    "isDefaultGateway": false,
    "forceAddress": false,
    "ipMasq": false,
    "hairpinMode": false,
    "ipam": {
      "type": "host-local",
      "subnet": "192.168.2.0/24",
      "rangeStart": "192.168.2.201",
      "rangeEnd": "192.168.2.250",
      "routes": [
        { "dst": "0.0.0.0/0" }
      ],
      "gateway": "192.168.2.1"
    }
  }'

Then you can create pods that attach to those networks using annotations. Here is an example of an alpine image that connects to the two above networks:

---
apiVersion: v1
kind: Pod
metadata:
  labels:
    app: multus-alpine
  name: multus-alpine
  namespace: default
  annotations:
    k8s.v1.cni.cncf.io/networks: '[
      {
         "name" : "home-network",
         "interface": "eth1",
         "ips": ["192.168.1.205"]
      },
      {
         "name" : "work-network",
         "interface": "eth2",
         "ips": ["192.168.2.210"]
      }
    ]'
spec:
  containers:
    - name: multus-alpine
      image: alpine:latest
      command: ["sh"]
      args: ["-c", "while [ true ]; do ifconfig; sleep 3; done"]
  restartPolicy: Always

This example uses an assigned IP but if you leave it out one will be assigned from the network range.

Should you need to disable the plugin you can do so by running:

microk8s disable multus

More details can be found at the Multus page. In particular here:
Network Attachment Definitions
Network Annotaions


Last updated 4 months ago.