Skip to content
An OVN-based Kubernetes Network Fabric for Enterprises
Branch: master
Clone or download
oilbeater Merge pull request #50 from alauda/docs/update-readme
docs: update mirror feature to readme
Latest commit a013fcd Jun 18, 2019

README.md

Kube-OVN

License Build Tag Go Report Card

Kube-OVN integrates the OVN-based Network Virtualization with Kubernetes. It offers an advanced Container Network Fabric for Enterprises.

Features

  • Namespaced Subnets: Each Namespace can have a unique Subnet (backed by a Logical Switch). Pods within the Namespace will have IP addresses allocated from the Subnet. It's also possible for multiple Namespaces to share a Subnet.
  • Subnet Isolation: Can configure a Subnet to deny any traffic from source IP addresses not within the same Subnet. Can whitelist specific IP addresses and IP ranges.
  • Network Policy: Kube-OVN implements networking.k8s.io/NetworkPolicy API by ovn ACL.
  • Static IP Addresses for Workloads: Allocate random or static IP addresses to workloads.
  • Dynamic QoS: Configure Pod Ingress/Egress traffic rate limits on the fly.
  • Embedded Load Balancers: Replace kube-proxy with the OVN embedded distributed L2 Load Balancer.
  • Distributed Gateways: Every Node can act as a Gateway to provide external network connectivity.
  • Namespaced Gateways: Every Namespace can have a dedicated Gateway for Egress traffic.
  • Direct External Connectivity:Pod IP can be exposed to external network directly.
  • Traffic Mirror: Duplicated container network traffic for monitoring and diagnosing.

Planned Future Work

  • Hardware Offloading and DPDK Support
  • Policy-based QoS
  • More Metrics and Traffic Graph
  • More Diagnosis and Tracing Tools

Network Topology

The Switch, Router, Firewall showed in the diagram below are all distributed on all Nodes. There is no single point of failure for in cluster network.

alt text

Quick Start

Kube-OVN is easy to install with all necessary components/dependencies included. Please refer to the Installation Guide.

Documents

Contact

Mail: mengxin#alauda.io

WeChat: liumengxinfly

You can’t perform that action at this time.