Chapter 13. Linkerd CNI Versus Init Containers
In Chapter 2, we mentioned the init container a couple of times without ever talking about it in detail. The init container is one of the two mechanisms Linkerd provides for handling mesh networking in Kubernetes, with the other being the Linkerd CNI plugin. To understand what these do and why you’d choose one over the other, you need to understand what happens when a meshed Pod starts running.
As it happens, that’s a much bigger, thornier issue than you might expect. We’ll start by looking at vanilla Kubernetes, without Linkerd.
Kubernetes sans Linkerd
At its core, Kubernetes has a straightforward goal: manage user workloads so that developers can concentrate on Pods and Services without needing to worry too much about the underlying hardware. This is one of those things that’s easy to describe, and fairly easy to use, but extremely complex to implement. Kubernetes relies on several different open source technologies to get it all done. Remember that we’re talking about Kubernetes without Linkerd at this point—this is essentially your standard Kubernetes functionality.
Nodes, Pods, and More
The first area that Kubernetes has to manage is orchestrating the actual execution of workloads within a cluster. It relies extensively on OS-level isolation mechanisms for this task. Here are some key points to keep in mind:
- Clusters comprise one or more Nodes, which are physical or virtual machines running Kubernetes itself. We’ll discuss ...