Sunday Blog

人生是一场刻意练习

Kubernetes Network Policies 网络策略

Kubernetes Network Policies

https://kubernetes.io/docs/concepts/services-networking/network-policies/ Network Policy提供了基于策略的网络控制,用于隔离应用并减少攻击面。它使用标签选择器模拟传统的分段网络,并通过策略控制它们之间的流量以及来自

Posted by BlueFat on Wednesday, November 25, 2020

网络插件 Calico 安装

Calico Install

安装 # 直接etcd认证更高性能 curl https://raw.githubusercontent.com/projectcalico/calico/v3.24.5/manifests/calico-etcd.yaml -O # https://docs.projectcalico.org/getting-started/kubernetes/installation/config-options 这里以apiserver认证方式安装 wget https://docs.projectcalico.org/manifests/calico.yaml --no-check-certificate 修改pod网段 vim calico.yaml POD_CIDR="172.16.0.0/12" sed -i 's@# - name: CALICO_IPV4POOL_CIDR@- name: CALICO_IPV4POOL_CIDR@' calico.yaml sed -i 's@# value: "192.168.0.0/16"@ value: '"$POD_CIDR"'@' calico.yaml kubectl apply

Posted by BlueFat on Thursday, January 23, 2020

Linxu在NAT或SLB负载环境配置内核tcp_tw_recycle参数导致SYN重传

Tcp_tw_recle_syn_repeat

公司的网络环境下打开App加载奇慢或者无响应,各路排查是当时优化了内核net.ipv4.tcp_tw_recycle快速回收time_wai

Posted by BlueFat on Thursday, May 24, 2018

avatar

开心的蓝胖

QUICK LINKS
FEATURED TAGS
ansible bash calico containerd docker grpc https kernel kubernetes linux lvs mysql network nginx prometheus python rabbitmq rocketmq shell sort ssh tcp tcpdump 性能 排序 正则表达式 算法 递归 闭包
FRIENDS