This mode is suitable for scenarios that rely on static container IP addresses, for example, migrating a traditional architecture to a container platform and enforcing security policy restrictions based on IP addresses. The static IP address mode is not recommended for services without IP address limits.
You can enable the static IP address using either of the following methods:
Note: If you use this method to enable VPC-CNI, when you create a workload on the console or through YAML, all Pods will use ENIs by default.
Note:
- Enable VPC-CNI Mode with static IP address for GlobalRouter, that is, when creating a cluster, you select the Global Router network add-on, and then enable the VPC-CNI mode (both modes can be used at the same time by default) on the basic information page of the cluster.
- If you use this method to enable VPC-CNI, the Pods cannot use ENIs by default.
Note:
- For scenarios that use static IP addresses, when enabling VPC-CNI, you need to set the IP reclaiming policy to specify when to reclaim the IP addresses after Pods are terminated.
- Pods with non-static IP addresses are not affected by these settings because their IP addresses are immediately released upon Pod termination. These IP addresses are not returned to the VPC, but are returned to the IP address pool managed by the container.
In GlobalRouter mode with VPC-CNI enabled, if you have applications to deploy in TKE that need static Pod IP addresses, you can create a StatefulSet with static IP addresses. Pods created by this type of StatefulSet are assigned an actual IP address in the VPC through an ENI. The IP addresses are assigned by the TKE VPC-CNI add-on, so the IP address remains unchanged when the Pod is restarted or migrated.
By using StatefulSets with static IP addresses, you can:
Note: When StatefulSets with static IP addresses are used, the static IP addresses survive only within the lifecycle of their StatefulSets.
You can create the static IP address using either of the following methods:
Creating StatefulSets with Static IP Addresses via TKE console
Creating via YAML
apiVersion: apps/v1
kind: StatefulSet
metadata:
  labels:
    k8s-app: busybox
  name: busybox
  namespace: default
spec:
  replicas: 3
  selector:
    matchLabels:
      k8s-app: busybox
      qcloud-app: busybox
  serviceName: ""
  template:
    metadata:
      annotations:
        tke.cloud.tencent.com/networks: "tke-route-eni"
        tke.cloud.tencent.com/vpc-ip-claim-delete-policy: Never
      creationTimestamp: null
      labels:
        k8s-app: busybox
        qcloud-app: busybox
    spec:
      containers:
      - args:
        - "10000000000"
        command:
        - sleep
        image: busybox
        imagePullPolicy: Always
        name: busybox
        resources:
          limits:
            tke.cloud.tencent.com/eni-ip: "1"
          requests:
            tke.cloud.tencent.com/eni-ip: "1"
- tke.cloud.tencent.com/networks: "tke-route-eni" indicates that the Pod uses the VPC-CNI mode with shared ENI. If you use the VPC-CNI mode with independent ENI, change the value to "tke-direct-eni".
- tke.cloud.tencent.com/vpc-ip-claim-delete-policy. Its default value is "Immediate", that is, when a Pod is terminated, the associated IP address is also reclaimed. To use a static IP address, set it to "Never", that is, when a Pod is terminated, the associated IP address is retained. The next time a Pod with the same name as the terminated Pod is started, the original IP address is used.
- tke.cloud.tencent.com/eni-ip. If you are using the VPC-CNI mode with independent ENI, add tke.cloud.tencent.com/direct-eni.
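An added example, not part of the TKE documentation: a pre-deployment check that a StatefulSet relying on IP-based security policy actually carries the static IP settings described above and that the network mode matches the ENI resource it requests. It assumes the manifest has already been parsed into a Python dict; the names check_static_ip and sample are hypothetical, and the sample manifests are constructed.

```python
# Added example (not from the TKE docs): lint a StatefulSet manifest, already
# parsed into a dict, for the static-IP settings described on this page.
NET = "tke.cloud.tencent.com/networks"
POLICY = "tke.cloud.tencent.com/vpc-ip-claim-delete-policy"
# Resource expected under requests/limits for each network mode (from the page).
ENI_RESOURCE = {
    "tke-route-eni": "tke.cloud.tencent.com/eni-ip",       # shared ENI
    "tke-direct-eni": "tke.cloud.tencent.com/direct-eni",  # independent ENI
}

def check_static_ip(manifest):
    """Return findings; an empty list means the static-IP settings are consistent."""
    if manifest.get("kind") != "StatefulSet":
        return ["kind is %r; the page sets up static IPs on StatefulSets" % manifest.get("kind")]
    findings = []
    tmpl = manifest.get("spec", {}).get("template", {})
    ann = tmpl.get("metadata", {}).get("annotations") or {}
    mode = ann.get(NET)
    if mode not in ENI_RESOURCE:
        findings.append("%s is %r, expected one of %s" % (NET, mode, sorted(ENI_RESOURCE)))
    policy = ann.get(POLICY, "Immediate")  # default per the page
    if policy != "Never":
        findings.append("%s is %r: the IP is not retained after Pod termination" % (POLICY, policy))
    wanted = ENI_RESOURCE.get(mode)
    containers = tmpl.get("spec", {}).get("containers") or []
    # Assumption: at least one container must carry the resource in both sections.
    for section in ("requests", "limits") if wanted else ():
        if not any(wanted in (c.get("resources", {}).get(section) or {}) for c in containers):
            findings.append("no container sets %s under resources.%s" % (wanted, section))
    return findings

def sample(mode="tke-route-eni", policy="Never", resource="tke.cloud.tencent.com/eni-ip"):
    """Constructed manifest mirroring the busybox StatefulSet above."""
    ann = {NET: mode}
    if policy is not None:
        ann[POLICY] = policy
    res = {"limits": {resource: "1"}, "requests": {resource: "1"}}
    pod = {"metadata": {"annotations": ann},
           "spec": {"containers": [{"name": "busybox", "resources": res}]}}
    return {"kind": "StatefulSet", "spec": {"template": pod}}

if __name__ == "__main__":
    cases = {"as on the page": sample(),
             "policy annotation omitted": sample(policy=None),
             "independent ENI, shared-ENI resource": sample(mode="tke-direct-eni")}
    for label, manifest in cases.items():
        print(label, "->", check_static_ip(manifest) or "OK")
```
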