Network Checker Application

With the deploy_netchecker var enabled (defaults to false), Kubespray deploys aNetwork Checker Application from the 3rd side l23network/k8s-netchecker dockerimages. It consists of the server and agents trying to reach the server by usualfor Kubernetes applications network connectivity meanings. Therefore, thisautomatically verifies a pod to pod connectivity via the cluster IP and checksif DNS resolve is functioning as well.

The checks are run by agents on a periodic basis and cover standard and host networkpods as well. The history of performed checks may be found in the agents’ applicationlogs.

To get the most recent and cluster-wide network connectivity report, run fromany of the cluster nodes:

  1. curl http://localhost:31081/api/v1/connectivity_check

Note that Kubespray does not invoke the check but only deploys the application, ifrequested.

There are related application specific variables:

  1. netchecker_port: 31081
  2. agent_report_interval: 15
  3. netcheck_namespace: default

Note that the application verifies DNS resolve for FQDNs comprising only thecombination of the netcheck_namespace.dns_domain vars, for example thenetchecker-service.default.svc.cluster.local. If you want to deploy the applicationto the non default namespace, make sure as well to adjust the searchdomains varso the resulting search domain records to contain that namespace, like:

  1. search: foospace.cluster.local default.cluster.local ...
  2. nameserver: ...