通过 AWS VP 对等连接路由 Flannel 覆盖网络

2024-5-30 • tag-icon

我在 AWS 上有 2 个 VPC VPC-A 172.31.0.016，VPC-B 172.17.0.0/24

我已经创建了 VPC 对等互连，并且可以访问正在运行的所有服务，VPC-B反之亦然VPC-A。

VPC-B现在我创建了一个带有地址的flannel 虚拟网络172.17.0.0/16

etcdctl set /coreos.com/network/config '{ "Network": "10.17.0.0/16", "Backend": {"Type": "aws-vpc"} }'

后端aws-vpc正在运行，因为路由VPC-B表中出现了路由，并且 VPC 中的机器可以访问托管在 flannel 网络上的服务，但我无法从访问172.17.0.0/16主机VPC-A。

VPC-A路由表：

$ aws ec2 describe-route-tables --route-table-id rtb-f6e7e59d
------------------------------------------------------------------------------------------------------
|                                         DescribeRouteTables                                        |
+----------------------------------------------------------------------------------------------------+
||                                            RouteTables                                           ||
|+------------------------------------------------+-------------------------------------------------+|
||                  RouteTableId                  |                      VpcId                      ||
|+------------------------------------------------+-------------------------------------------------+|
||  rtb-f6e7e59d                                  |  vpc-ffe7e594                                   ||
|+------------------------------------------------+-------------------------------------------------+|
|||                                          Associations                                          |||
||+-------------+---------------------------------------------------+------------------------------+||
|||    Main     |              RouteTableAssociationId              |        RouteTableId          |||
||+-------------+---------------------------------------------------+------------------------------+||
|||  True       |  rtbassoc-f5e7e59e                                |  rtb-f6e7e59d                |||
||+-------------+---------------------------------------------------+------------------------------+||
|||                                             Routes                                             |||
||+-----------------------+---------------+-------------------+---------+--------------------------+||
||| DestinationCidrBlock  |   GatewayId   |      Origin       |  State  | VpcPeeringConnectionId   |||
||+-----------------------+---------------+-------------------+---------+--------------------------+||
|||  172.31.0.0/16        |  local        |  CreateRouteTable |  active |                          |||
|||  172.17.0.0/16        |               |  CreateRoute      |  active |  pcx-ea7ea083            |||
|||  10.17.0.0/16         |               |  CreateRoute      |  active |  pcx-ea7ea083            |||
|||  0.0.0.0/0            |  igw-f3e7e598 |  CreateRoute      |  active |                          |||
||+-----------------------+---------------+-------------------+---------+--------------------------+||

VPC-B路由表：

$ aws ec2 describe-route-tables --route-table-id rtb-c0729da4
-------------------------------------------------------------------------------------------------------------------------------------------------------------
|                                                                    DescribeRouteTables                                                                    |
+-----------------------------------------------------------------------------------------------------------------------------------------------------------+
||                                                                       RouteTables                                                                       ||
|+---------------------------------------------------------------------------+-----------------------------------------------------------------------------+|
||                               RouteTableId                                |                                    VpcId                                    ||
|+---------------------------------------------------------------------------+-----------------------------------------------------------------------------+|
||  rtb-c0729da4                                                             |  vpc-79a3991c                                                               ||
|+---------------------------------------------------------------------------+-----------------------------------------------------------------------------+|
|||                                                                     Associations                                                                      |||
||+-----------------+---------------------------------------------------------+---------------------------------+-----------------------------------------+||
|||      Main       |                 RouteTableAssociationId                 |          RouteTableId           |                SubnetId                 |||
||+-----------------+---------------------------------------------------------+---------------------------------+-----------------------------------------+||
|||  False          |  rtbassoc-8a48e7ee                                      |  rtb-c0729da4                   |  subnet-e655b982                        |||
|||  False          |  rtbassoc-8b48e7ef                                      |  rtb-c0729da4                   |  subnet-ddfde9aa                        |||
|||  False          |  rtbassoc-8948e7ed                                      |  rtb-c0729da4                   |  subnet-5f725e06                        |||
||+-----------------+---------------------------------------------------------+---------------------------------+-----------------------------------------+||
|||                                                                        Routes                                                                         |||
||+----------------------+---------------+-------------+------------------+---------------------+-------------------+----------+--------------------------+||
||| DestinationCidrBlock |   GatewayId   | InstanceId  | InstanceOwnerId  | NetworkInterfaceId  |      Origin       |  State   | VpcPeeringConnectionId   |||
||+----------------------+---------------+-------------+------------------+---------------------+-------------------+----------+--------------------------+||
|||  172.17.0.0/24       |  local        |             |                  |                     |  CreateRouteTable |  active  |                          |||
|||  10.17.75.0/24       |               |  i-5a19fdd6 |  616776393312    |  eni-ad3930f7       |  CreateRoute      |  active  |                          |||
|||  172.31.0.0/16       |               |             |                  |                     |  CreateRoute      |  active  |  pcx-ea7ea083            |||
|||  0.0.0.0/0           |  igw-b3eb9ad6 |             |                  |                     |  CreateRoute      |  active  |                          |||
||+----------------------+---------------+-------------+------------------+---------------------+-------------------+----------+--------------------------+||

相关内容