更新时间:2025-09-12 GMT+08:00
为Pod绑定已有EIP
为Pod指定EIP的ID
创建Pod时,填写yangtse.io/eip-id的annotation后,EIP会随Pod自动完成绑定。
以下示例创建一个名为nginx的Pod,EIP将随Pod创建自动绑定至Pod。具体字段含义见表1。
kind: Pod
apiVersion: cci/v2
metadata:
name: nginx
namespace: ns-test
annotations:
yangtse.io/eip-id: 65eb3679-7a8d-4b24-b681-0b661axxxxcb
spec:
containers:
- name: container1
image: nginx:stable-alpine-perl
resources:
limits:
cpu: '1'
memory: 2G
requests:
cpu: '1'
memory: 2G
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: Default
securityContext: {}
imagePullSecrets:
- name: imagepull-secret
Pod的EIP准备就绪
Pod业务容器的启动时间可能早于EIP分配结果返回成功时间,在Pod启动过程中EIP可能会绑定失败。
通过在init container中可检查EIP是否已经分配成功。容器网络控制器会在Pod IP分配后,为Pod绑定EIP并返回分配结果至Pod的Annotation(yangtse.io/allocated-ipv4-eip),通过Pod配置init container并使用downwardAPI,把yangtse.io/allocated-ipv4-eip annotation通过volume挂载到init container里,可检查EIP是否已经分配成功。具体您可以参考以下示例配置init container:
kind: Pod
apiVersion: cci/v2
metadata:
name: nginx
namespace: ns-test
annotations:
yangtse.io/eip-id: 65eb3679-7a8d-4b24-b681-0b661axxxxcb
spec:
initContainers:
- name: init
image: busybox:latest
command: ['timeout', '60', 'sh', '-c', "until grep -E '[0-9]+' /etc/eipinfo/allocated-ipv4-eip; do echo waiting for allocated-ipv4-eip; sleep 2; done"]
volumeMounts:
- name: eipinfo
mountPath: /etc/eipinfo
volumes:
- name: eipinfo
downwardAPI:
items:
- path: "allocated-ipv4-eip"
fieldRef:
fieldPath: metadata.annotations['yangtse.io/allocated-ipv4-eip']
...
父主题: 为Pod配置EIP
