-
Notifications
You must be signed in to change notification settings - Fork 66
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Megalos: Allow devices to be reachable within the cluster #296
Comments
Currently the lines of code that isolate completely the devices are these: Kathara/src/Kathara/manager/kubernetes/KubernetesMachine.py Lines 49 to 55 in dcb48fa
Kathara/src/Kathara/manager/kubernetes/KubernetesMachine.py Lines 107 to 108 in dcb48fa
Kathara/src/Kathara/manager/kubernetes/KubernetesMachine.py Lines 463 to 464 in dcb48fa
Removing these lines the virtual devices would be able to access the Kubernetes cluster and the Internet allowing the use external tools to communicate with them through the |
Hi @GioBar00, I think that there are few caveats that we should take into account if we want to adapt the Here, there could be conflicts between the DNS of the scenario and the DNS of the Pod. For example, if in your scenario there is a device that has an IP which is included in the DNS solver, it could potentially point to the real device, possibly causing some "damage". That's why the original files were deleted/unmounted. Kathara/src/Kathara/manager/kubernetes/KubernetesMachine.py Lines 49 to 55 in dcb48fa
In some scenarios, there were devices setting the default route and nothing else. Having the k8s one was causing conflicts, i.e., it was selected as the first Kathara/src/Kathara/manager/kubernetes/KubernetesMachine.py Lines 107 to 108 in dcb48fa
Maybe, this is the only safe thing that can be changed. What I used to do was put a "dummy" DNS configuration so that I was sure that it wasn't causing problems in the Pod when it was deleted in KubernetesMachine.py#L49-L55. Kathara/src/Kathara/manager/kubernetes/KubernetesMachine.py Lines 463 to 464 in dcb48fa
I think that we should design how to have connectivity with external tools like Prometeus without changing most of these chunks of code. What are the requirements of such tools? Do you need to expose only the cluster subnet (the one associated to Thanks, |
Hi @Skazza94, Let's say we have a Prometheus Server deployed in Kubernetes in the namespace
I don't think that the scenarios with devices that use custom default routes also have the If instead we want to expose the devices to the cluster network without internet access then we would need to add a route to the cluster network on Regarding the default Kubernetes DNS, there exists other tools like Jaeger that instead of polling data from the devices, the devices need to push data to the server.
Let me know what you think could be the best solution. Thanks, |
Related Bug
No response
Feature Description
Currently in the
KubernetesMachine
the dns configuration and the default route are removed to isolate completely the scenario. The problem is that there is no way to actively monitor the scenario from within the cluster with external tools like Prometheus.Solution
A possible solution could be create a setting that allows external access to the devices or use the
bridged
option to allow a device access to the cluster network using the already presenteth0
interface.Alternative Solutions
No response
Additional Context
No response
The text was updated successfully, but these errors were encountered: