• Actualités techniques
• Blockchain
• Business model and startup mistakes
• Devoxx
• Docker and Kubernetes
  • Docker
  • Kubernetes Admin
  • Kubernetes Core
  • Kubernetes Ecosystem
    • Build OCI image
    • Certificate management
    • CI - CD
    • CNI Providers
    • DB Schema
    • Dev environments
    • eBPF
    • GitOps
    • Helm
    • Infra as code
    • Knative
    • Local distributions
    • Manifests
    • misc
    • Observability
    • Operators
    • Registry
    • Service Mesh
    • Tooling
• GIT
• GitHub
• Jenkins
• Languages
• Legal aspects
• Management et RH
• Organisation
• Privacy
• RDF
• Reactive and microservices
• Rust
• Security
• Software Engineering
• Spring
• SQL and NoSQL
• UML
• Web Design

CNI Providers

2019 Comparing Kubernetes CNI Providers: Flannel, Calico, Canal, and Weave
2017 Choosing a CNI Network Provider for Kubernetes

CNI = technically a combination of multiple plugins

• Policy: Kubernetes network policies are implemented by network plugins rather than Kubernetes itself. Simply creating a network policy resource without a network plugin to implement it, will have no effect on network traffic.
• IPAM: How Kubernetes assigns IP address to pods is determined by the IPAM (IP Address Management) plugin being used.
• CNI: The CNI (Container Network Interface) plugin being used by Kubernetes determines the details of exactly how pods are connected to the underlying network.

Network layers

• Layer 2/switching: MAC
• Layer 3/routing: IPv4, IPv6, ICMP,...

Tunneling protocols

• IPIP IP in IP
• GRE Generic Routing Encapsulation

Concepts

• VXLAN: Stands for “virtual extensible LAN”. VXLAN virtualization is similar to VLAN, but offers more flexibility and power
• Overlay network: An overlay network is a virtual, logical network built on top of an existing network. It allows pods to communicate between nodes without the underlying network being aware of the pods or pod IP addresses. VXLAN does this very efficiently. Instead of an overlay network, bare BGP can be used.

CNI providers (network providers)

Project Calico
Website

• VXLAN
• Layer 2
• Layer 3
• Network policies
• TCP and UDP encryption

Canal
Canal is a combination of Flannel and Calico.

• VXLAN
• Layer 2
• Layer 3
• Network policies
• TCP and UDP encryption

Weave Net
Weave Net by Weave Works.

• VXLAN
• Layer 2
• Layer 3
• Network policies
• TCP and UDP encryption

Flannel
Flannel is a project developed by CoreOS.

• VXLAN
• Layer 2
• Layer 3
• Network policies
• TCP and UDP encryption

Romana
Romana

• VXLAN
• Layer 2
• Layer 3
• Network policies
• TCP and UDP encryption

Kube-Router
Kube-Router

• VXLAN
• Layer 2
• Layer 3
• Network policies
• TCP and UDP encryption

Kopeio

• VXLAN (Kopeio-networking)
• Layer 2
• Layer 3
• Network policies
• TCP and UDP encryption

Cilium
https://cilium.io/blog/2019/08/20/cilium-16/

Proudly Powered by Zim 0.75.2.

Template by Etienne Gandrille, based on ZeroFiveEight and using JQuery Toc Plugin.