Networking among kubernetes minions

I installed an 8-node kubernetes cluster (1 master + 7 minion) but I faced a networking problem among minions.

I installed my cluster according to this step-by-step Fedora manual, so I use Fedora 20 with its testing repository to get kubernetes binaries.

  • Docker for Mac: x509: certificate signed by unknown authority error
  • udevadm does not show all attributes inside a docker container
  • I have no overlayfs driver in /var/lib/docker
  • Using Docker Kitematic, how can I switch to different docker machine?
  • Exception occuring when updating database schema in symfony
  • Can't start docker
  • After installing, I wanted to try the guestbook example, but it seems to me there is a problem with the inter-container networking.

    Although containers/PODs are in running state and I can reach my 3 frontend containers (via browser) and the redis containers as well (via natcat), but the frontend, which not on the same host with the redis, cannot reach redis master. The frontend’s PHP give back network exception.

    Can anybody help me why the containers cannot reach each other among the hosts?

    I hope I could describe my setup enough accurately and thanks in advance.

  • How to create docker image for postgis that will enable extension at build time or before container fully running?
  • PHP 7 install on Ubuntu 14.04 now fails due to libssl dependency that cant be resolved?
  • PULL Docker container/image
  • Can't reach Asp.Net Core inside Docker
  • Deploy to JBoss from Docker Jenkins Container
  • Integrating Docker into the existing TFS-based infrastructure (not web-apps) [closed]
  • One Solution collect form web for “Networking among kubernetes minions”

    The Fedora guide you followed will only get you running on a single machine. It avoids the issues around setting up networking across nodes.

    For kubernetes to work, the following network set up must be satisfied:

    1. Every container should be able to talk to every other container, even across nodes. This means also that the bridge IP range for those containers must not overlap.
    2. Code running on any node that isn’t in a container should be able to reach every container (and vise-versa), even across nodes.
    3. It is not necessary (but useful) if computers on the network that aren’t part of the cluster can reach the containers directly.

    There are a lot of ways to achieve this — for instance the set up for vagrant sets up GRE tunnels between each node. On GCE we use features of the platform to do the routing. If you are on physical machines on a switch you can probably just do a big layer 2 network w/ bridges. A bulletproof way to get started (but perhaps not the most performant, depending on your set up) is to use something like flannel.

    We are working on making this stuff easier to start up (without using a mess of shell scripts) and are thinking of building something like flannel in so that there is a reasonable default.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.