github.com/imran-kn/cilium-fork@v1.6.9/Documentation/gettingstarted/cni-chaining-portmap.rst

github.com/imran-kn/cilium-fork@v1.6.9/Documentation/gettingstarted/cni-chaining-portmap.rst (about)

     1  .. only:: not (epub or latex or html)
     2  
     3      WARNING: You are looking at unreleased Cilium documentation.
     4      Please use the official rendered version released here:
     5      http://docs.cilium.io
     6  
     7  ******************
     8  Portmap (HostPort)
     9  ******************
    10  
    11  If you want to use the Kubernetes HostPort feature, you must enable CNI
    12  chaining with the portmap plugin which implements HostPort. This guide
    13  documents how to do so.  For more information about the Kubernetes HostPort
    14  feature , check out the upstream documentation:
    15  `Kubernetes hostPort-CNI plugin documentation
    16  <https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/#support-hostport>`_.
    17  
    18  .. note::
    19  
    20     Before using HostPort, read the `Kubernetes Configuration Best Practices
    21     <https://kubernetes.io/docs/concepts/configuration/overview/>`_ to
    22     understand the implications of this feature.
    23  
    24  Deploy Cilium with the portmap plugin enabled
    25  =============================================
    26  
    27  .. include:: k8s-install-download-release.rst
    28  
    29  Generate the required YAML file and deploy it:
    30  
    31  .. code:: bash
    32  
    33      helm template cilium \
    34        --namespace=kube-system \
    35        --set global.cni.chainingMode=portmap \
    36        > cilium.yaml
    37      kubectl create -f cilium.yaml
    38  
    39  .. note::
    40  
    41     You can combine the ``global.cni.chainingMode=portmap`` option with any of
    42     the other installation guides.
    43  
    44  As Cilium is deployed as a DaemonSet, it will write a new CNI configuration
    45  ``05-cilium.conflist`` and remove the standard ``05-cilium.conf``. The new
    46  configuration now enables HostPort. Any new pod scheduled is now able to make
    47  use of the HostPort functionality.
    48  
    49  Restart existing pods
    50  =====================
    51  
    52  The new CNI chaining configuration will *not* apply to any pod that is already
    53  running the cluster. Existing pods will be reachable and Cilium will
    54  load-balance to them but policy enforcement will not apply to them and
    55  load-balancing is not performed for traffic originating from existing pods.
    56  You must restart these pods in order to invoke the chaining configuration on
    57  them.