Skip to main content

Connecting a Kubernetes Pod to a Secondary VLAN Network

Connecting a Kubernetes Pod to a Secondary VLAN Network

Objective

Our solutions offer separate and VLANs for customer to connect via VPN. In some cases there is the need to connect from a customer Kubernetes cluster pods running in “Nebul Serverless kubernetes” and some other services that are in the customer VLAN.

For example, consider the following scenario:

Customer VLAN1002 with pre-existing services (Address: 192.168.100.X) Consider an RandomApp application running on 192.168.100.10:8080 in the VLAN1002 Customer Kubernetes Cluster in a separate Network 10.10.0.X

We offer a CNI capable of attaching multiple IP’s from different VLANS into Kubernetes pods. To achieve that we need to add this annotation to the pod spec:

annotations:
  k8s.v1.cni.cncf.io/networks: '[
    { "name": "vlan1002", "interface": "net1" }
  ]'

Annotate the Pod Deployment to Use the VLAN 1002 Network

apiVersion: v1
kind: Pod
metadata:
  name: nginx
  annotations:
    k8s.v1.cni.cncf.io/networks: '[{ "name": "vlan1002", "interface": "net1" }]'
spec:
  containers:
  - name: nginx
    image: nginx:latest 
    ports:
    - containerPort: 8080

Verifying the Additional Interface

After the pod starts, exec into it and run:

kubectl exec -it -n <namespace> <podname> -- sh 
# ip addr

You should see an additional interface (e.g., net1) with an IP from VLAN 1002.

You can also verify via:

Check External Connectivity

From the pod, try reaching the RandomApp system:

curl http://192.168.100.10:8080