There are a number of varieties of communication in Amazon EKS environments. Strains of communication embrace the next:

• Interpod communication between containers
• Communication between pods on the identical node or pods on completely different nodes
• Ingress connections from outdoors the cluster

In some circumstances, the default Kubernetes strategies are used. In different circumstances, particularly inter-node communication and ingress strategies particular to Amazon EKS are used.

Intrapod communication

Containers in a pod share a Linux namespace and may talk with one another utilizing localhost. In Kubernetes networking, the IP deal with with which a container identifies is identical IP deal with for all entities within the community. All containers can talk with all different containers in a pod with out NAT.

Intrahost communication

Along with every pod having a Linux namespace, the host node additionally has a Linux namespace. Every namespace has its personal routing desk. The pod namespace and host namespace are related by a Linux digital Ethernet (veth) machine. A pair of veths creates a tunnel between the default host namespace and the pod namespace.

Pod-to-pod communication within the host occurs by means of this veth tunnel. Every node is allotted a community vary for containers and every pod will get an IP deal with in that vary permitting containers on the identical host to speak.

Interhost communication

To simplify internode communication, Amazon EKS integrates Amazon VPC networking into Kubernetes by means of the Amazon VPC CNI plugin for Kubernetes. CNI permits Kubernetes pods to have the identical IP deal with contained in the pod as they do on the Amazon VPC community. 

This CNI plugin is an open-source challenge maintained within the amazon-vpc-cni-k8s repository on GitHub. CNI makes use of the Amazon EC2 means to provision a number of community interfaces to a number occasion—every with a number of secondary IP addresses—to get a number of IP addresses assigned from the Amazon VPC pool. It then distributes these IP addresses to pods on the host and connects the community interface to the veth port created on the pod. The Linux kernel manages the remainder. Subsequently, each pod has an actual, routable IP deal with from the Amazon VPC and may simply talk with different pods, nodes, or AWS providers.

On the host, CNI modifies each the default routing desk and the community interface routing desk. The default routing desk is used to route site visitors to pods. Every community interface has its personal routing desk that’s used to route outgoing pod site visitors. Every pod is assigned one of many community interface’s secondary IP addresses. For instance, if a pod sends community site visitors out of the occasion, the VPC-CNI plugin ensures that the site visitors routes by means of the right community interface.