Operations¶
Scope
Production deployment patterns, operational procedures, performance tuning, and troubleshooting for Flannel.
Deployment¶
Installation¶
# Apply Flannel manifest
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
Backend Selection¶
| Backend | Overhead | Performance | Encryption | Use Case |
|---|---|---|---|---|
| VXLAN | Medium | Good | No | Default, most clusters |
| host-gw | None | Best | No | L2-adjacent nodes only |
| WireGuard | Low | Good | Yes | Cross-DC with encryption |
// net-conf.json
{
"Network": "10.244.0.0/16",
"Backend": {
"Type": "vxlan",
"VNI": 1,
"DirectRouting": true
}
}
Operations¶
# Check Flannel pods
kubectl get pods -n kube-flannel
# Check subnet allocation
cat /run/flannel/subnet.env
# Check VXLAN interface
ip -d link show flannel.1
Troubleshooting¶
| Issue | Diagnosis | Fix |
|---|---|---|
| Pod network unreachable | ip route show |
Check flannel.1 interface, VXLAN |
| Subnet conflict | /run/flannel/subnet.env |
Delete flannel.1, restart pod |
| flanneld crash | kubectl logs -n kube-flannel |
Check etcd connectivity |
| MTU issues | ip link show flannel.1 |
Set MTU to 1450 (VXLAN overhead) |
Commands & Recipes¶
Installation¶
# Install Flannel on K8s (standard)
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
# Install with custom CIDR
kubectl apply -f - <<EOF
kind: ConfigMap
apiVersion: v1
metadata:
name: kube-flannel-cfg
namespace: kube-flannel
data:
net-conf.json: |
{
"Network": "10.244.0.0/16",
"EnableIPv6": false,
"Backend": {
"Type": "vxlan"
}
}
EOF
Backend Configuration¶
// VXLAN (default)
{ "Type": "vxlan" }
// host-gw (best performance, requires same L2)
{ "Type": "host-gw" }
// WireGuard (encrypted)
{ "Type": "wireguard" }
Diagnostics¶
# Check flannel pods
kubectl get pods -n kube-flannel
# View subnet allocation
kubectl get nodes -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.spec.podCIDR}{"\n"}{end}'
# Flannel logs
kubectl logs -n kube-flannel -l app=flannel -f
# Check VXLAN interface
ip -d link show flannel.1
# Check routes
ip route show | grep flannel