Managed Kubernetes
Latest
Frequently Asked Questions
Solutions
How Tos
Internal Only
Templates
Powered By
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
How-To: Identify The Virtual Interface of a Pod in the Root Namespace Using Flannel as the Network Backend
Copy Markdown
Open in ChatGPT
Open in Claude
Problem
Identify the virtual interface of a particular pod in the root namespace of the node using flannel as Network backend.
Environment
- Platform9 Managed Kubernetes - All Versions
- Flannel
Procedure
- Use the docker command to identify the pause container for the pod as it holds the network namespace for the pod.
x
# docker ps | grep -i busybox2 | grep pause f15ae72287e0 k8s.gcr.io/pause:3.1 "/pause" 2 minutes ago Up 2 minutes k8s_POD_mybusybox2_default_2a12aac4-ed54-4c99-aa0e-be32f793f41d_0- Run docker inspect on the container Id obtained from the above command and look for the SandboxKey to get the namespace created for the pod.
xxxxxxxxxx# docker inspect f15ae72287e0 | grep -i sandboxkey "SandboxKey": "/var/run/docker/netns/5048a1a60e3b",- Use nsenter to get the interface details within the pod namespace.
xxxxxxxxxx# nsenter --net=/var/run/docker/netns/5048a1a60e3b ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft forever 3: eth0@if27: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1472 qdisc noqueue state UP group defaultlink/ether 86:5f:a6:c3:8a:61 brd ff:ff:ff:ff:ff:ff link-netnsid 0inet 10.20.88.6/24 brd 10.20.88.255 scope global eth0valid_lft forever preferred_lft foreverip netns command can not be used for the docker namespaces as it only knows about namespaces listed in /var/run/netns/
- Run ethtool on the interface with the pod's IP in the namespace above to obtain the peer index of the Veth-pair for the interface
xxxxxxxxxx# nsenter --net=/var/run/docker/netns/5048a1a60e3b ethtool -S eth0 | grep -i peer peer_ifindex: 27 - List the network interface on the node (root namespace) using ip command, the interface listed at the index obtained in the above step ( 27 in this case ) is the virtual interface for the pod in the root namespace.
xxxxxxxxxx# ip a..27: vetha2fb55e7@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1472 qdisc noqueue master cni0 state UP group defaultlink/ether b6:76:f3:c9:a4:3c brd ff:ff:ff:ff:ff:ff link-netnsid 2inet6 fe80::b476:f3ff:fec9:a43c/64 scope linkvalid_lft forever preferred_lft foreverVariableType to search · ESC to discard
GlossaryType to search · ESC to discard
InsertType to search · ESC to discard
No matches
Last updated on
Was this page helpful?
Discard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message