CODEWITHSUNDEEP
kuberneteshostnetwork
Mohan Parthasarathy
Mohan Parthasarathy

Reputation: 31

Setting hostNetwork:true does not expose the host interfaces

I have a very simple program:

package main

import (
    "fmt"
    "github.com/vishvananda/netlink"
    )

func main() {
    _, err := netlink.LinkByName("wlp164s0")
    if err != nil {
        fmt.Println("error finding VIP Interface, for building DHCP Link : %v", err)
        return
    }
    fmt.Println("Worked..")
}

If I create a docker image and run it with "--net host", this program prints "Worked". It is able to find the interface wlp164s0.

If I create a k8s deployment like this:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: netlink-example
  labels:
    app: netlink-example
spec:
  replicas: 1
  selector:
    matchLabels:
      app: netlink-example
  template:
    metadata:
      labels:
        app: netlink-example
    spec:
      hostNetwork: true
      containers:
      - name: netlink
        image: suruti94/netlink:0.1
        imagePullPolicy: IfNotPresent
      hostNetwork: true
      nodeSelector:
        kubernetes.io/os: linux

This program prints the error indicating that it can't lookup the interface which means the "hostNetwork: true" is not taking effect. From all my research, this looks right. Any help would be appreciated. I am running this program on Ubuntu 21.04, k8s version 1.22.

Upvotes: 1

Views: 3391

Answers (1)

Mohan Parthasarathy
Mohan Parthasarathy

Reputation: 31

After some experimentation, I have come to an understanding that the docker option "--net host" is not the same as "hostNetwork: true" in k8s. I wrongly assumed they produce similar behavior.

  • docker --net host option makes the host interfaces available in the container which is useful for some applications
  • When you deploy a pod with hostNetwork:true, it means the host network is reachable from the pod. By default when a pod is deployed (I verified this on my local machine using Kind) the host network is reachable. I can see the veth interface connected to the bridge on the host. Even with hostNetwork: false, I was able to update packages on my pod.So, not sure what to make out of this setting. At this stage, I am concluding that there is no option to expose the host interface directly on the pod.

Upvotes: 1

Related Questions