
Day-32 - Pod Networking & Linux Network Namespaces in Kubernetes

Today’s deep dive was all about Pod Networking & Linux Network Namespaces in Kubernetes.


We explored what actually happens behind the scenes when a Pod starts — and how containers inside a Pod share the same network namespace using a pause container.

Here’s what we covered:
1) Understood how the pause container manages the Pod’s shared network stack
2) Explored how veth pairs connect Pods to the host network
3) Used commands like ip netns, lsns, and ip link to inspect namespaces
4) Learned how to trace network interfaces between Pods and Nodes
5) Saw how different CNI plugins (like Calico, Flannel, etc.) create and manage virtual networks

Key takeaway:
Every Pod in Kubernetes gets its own isolated network namespace, but all containers inside that Pod share it — enabling communication via localhost. The pause container is the hidden hero that keeps this namespace alive even when app containers restart.

Pro Tip:
Use kubectl exec and ip netns exec to explore how Pods connect to the host. It’s one of the best ways to truly understand Kubernetes networking in action.
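
Tracing a Pod's eth0 to its host-side veth (points 2 to 4 above) comes down to matching interface indexes. The script below is an added example, not code from the original post: the ip -o link output, interface names and indexes are constructed samples, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): find the host-side veth of a Pod.
# A veth end is printed as "<ifindex>: <name>@if<N>:", where N is the ifindex
# of its peer inside the peer's network namespace.

# Constructed output of: kubectl exec <pod> -- ip -o link show eth0
POD_LINK='3: eth0@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP mode DEFAULT group default \    link/ether 0a:58:0a:f4:00:05 brd ff:ff:ff:ff:ff:ff link-netnsid 0'

# Constructed output of: ip -o link   (run on the node hosting the Pod)
HOST_LINKS='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default
2: ens5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP mode DEFAULT group default
6: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP mode DEFAULT group default
7: veth1a2b3c4d@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP mode DEFAULT group default \    link/ether 5e:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff link-netnsid 0
8: veth9f8e7d6c@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP mode DEFAULT group default \    link/ether 5e:66:77:88:99:aa brd ff:ff:ff:ff:ff:ff link-netnsid 1'

# Print N from a "<idx>: <name>@ifN: ..." line (empty if the line is not a veth end).
peer_ifindex() {
  printf '%s\n' "$1" |
    sed -n 's/^[0-9][0-9]*: [^@:]*@if\([0-9][0-9]*\):.*/\1/p' | head -n 1
}

# Print the name of the interface in listing $2 whose own ifindex equals $1.
host_iface_by_index() {
  printf '%s\n' "$2" |
    awk -v idx="$1" -F': ' '$1 == idx { sub(/@.*/, "", $2); print $2 }'
}

# Both host veths above show "@if3" because each Pod's eth0 is index 3 in its
# own namespace, so match the Pod side's peer index against host ifindexes.
trace_pod_veth() {
  idx=$(peer_ifindex "$1")
  [ -n "$idx" ] || { echo "no veth peer index in Pod link line" >&2; return 1; }
  name=$(host_iface_by_index "$idx" "$2")
  [ -n "$name" ] || { echo "no host interface with index $idx" >&2; return 1; }
  printf '%s\n' "$name"
}

trace_pod_veth "$POD_LINK" "$HOST_LINKS"   # prints veth1a2b3c4d
```

On a live node, pass the real command output to trace_pod_veth in place of the constructed samples; the kubectl exec step only works if the container image ships the ip tool.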

