流量限制原创
# kubelet启动参数:
--cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin --network-plugin=cni
systemctl cat kubelet | grep network-plugin
1
# calico配置
[root@localhost ~]# cat /etc/cni/net.d/10-calico.conflist | grep bandwidth
{ "type": "bandwidth", "capabilities": { "bandwidth": true } }
1
2
2
# 流量限制验证
apiVersion: v1
kind: Pod
metadata:
name: netperf-server
annotations:
kubernetes.io/egress-bandwidth: 1M
kubernetes.io/ingress-bandwidth: 1M
spec:
containers:
- image: sirot/netperf-latest
command: ["/bin/sh","-c","netserver -p 4444 -4; iperf3 -s -i 1;"]
imagePullPolicy: IfNotPresent
name: netperf
ports:
- name: netperf-port
containerPort: 4444
- name: iperf-port
containerPort: 5210
restartPolicy: Always
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
注: pod创建后修改annotation无效,需要重启pod才生效 如果不是docker而是使用containerd作为runtime,需要containerd 1.4版本才能支持。
tc qdisc show
...
qdisc tbf 1: dev cali90ab6b94883 root refcnt 2 rate 1000Kbit burst 27917286b lat 1924.2s
qdisc ingress ffff: dev cali90ab6b94883 parent ffff:fff1 ----------------
qdisc tbf 1: dev 31b3 root refcnt 2 rate 1000Kbit burst 27917286b lat 1924.2s
root@netperf-server:/# iperf3 -c 10.19.0.13
Connecting to host 10.19.0.13, port 5201
[ 4] local 10.242.235.108 port 46514 connected to 10.19.0.13 port 5201
[ ID] Interval Transfer Bandwidth Retr Cwnd
[ 4] 0.00-1.00 sec 26.2 MBytes 220 Mbits/sec 1 274 KBytes
[ 4] 1.00-2.00 sec 0.00 Bytes 0.00 bits/sec 0 275 KBytes
[ 4] 2.00-3.00 sec 0.00 Bytes 0.00 bits/sec 0 278 KBytes
[ 4] 3.00-4.00 sec 331 KBytes 2.71 Mbits/sec 0 285 KBytes
[ 4] 4.00-5.00 sec 0.00 Bytes 0.00 bits/sec 0 295 KBytes
[ 4] 5.00-6.00 sec 382 KBytes 3.13 Mbits/sec 0 312 KBytes
[ 4] 6.00-7.00 sec 0.00 Bytes 0.00 bits/sec 0 332 KBytes
[ 4] 7.00-8.00 sec 0.00 Bytes 0.00 bits/sec 0 361 KBytes
[ 4] 8.00-9.00 sec 446 KBytes 3.65 Mbits/sec 0 389 KBytes
^C[ 4] 9.00-9.55 sec 0.00 Bytes 0.00 bits/sec 0 405 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bandwidth Retr
[ 4] 0.00-9.55 sec 27.4 MBytes 24.1 Mbits/sec 1 sender
[ 4] 0.00-9.55 sec 0.00 Bytes 0.00 bits/sec receiver
iperf3: interrupt - the client has terminated
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
上次更新: 2022/08/24, 18:07:47