Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CNI provider post #1

Merged
merged 2 commits into from Nov 12, 2017
Merged

CNI provider post #1

merged 2 commits into from Nov 12, 2017

Conversation

chrislovecnm
Copy link
Owner

@chrislovecnm chrislovecnm commented Nov 10, 2017

@justinsb @bboreham et al please take a look

@chrislovecnm chrislovecnm force-pushed the cni-provider-post branch 2 times, most recently from 40fd3d8 to 77af2bf Compare Nov 10, 2017
---

Container Network Interface(CNI), is a library, under the umbrella of the Cloud
Native Computinmake -f NG.mk test version-distg Foundation project. Kubernetes
Copy link

@alrs alrs Nov 10, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

NG.mk snuck in here.

Copy link
Owner Author

@chrislovecnm chrislovecnm Nov 10, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OMG ... ROTFL

Copy link
Owner Author

@chrislovecnm chrislovecnm Nov 10, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Multi-tasking .. yay


> Which CNI provider should I use?

The above question is repeatedly ask on the #kops Kuberentes slack channel.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ask should be asked

works anywhere VXLAN default, can be layered with Calico policy engine (Canal).
Oh, and lots of users.

Techtonics, CoreOS's Commercial Kuberentes product, uses a combination of

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo in Tectonic and Kubernetes


### kube-router

Kuber-router is a purpose-built network solution for Kuberentes ground up. It

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Kuber-router -> kube-router, Kuberentes -> Kubernetes

Kuber-router is a purpose-built network solution for Kuberentes ground up. It
aims to provide operational simplicity and performance. Kube-router delivers a
pod networking solution, a service proxy, and network policy enforcer as
all-in-one solution, with single daemon set. Kuber-router uses Kubernetes native

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

kuber-router -> kube-router

Kubernetes Network Policy APIs and never uses an overlay, even when a cluster is
split across network availability zones. Romana is the only CNI provider that
uses native VPC networking across availability zones for HA clusters, delivering
a high-performance CNI solution. The current release uses its Etcd cluster, but

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does "its Etcd cluster" mean "its own dedicated etcd cluster"?

<th>Network <br>Policies</th>
<th>Mesh</th>
<th>External <br>Database</th>
<th>Encyption</th>

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Encyption -> Encryption

Justin Santa Barbara the founder of kope-vxlan provided this:

Pioneered the model that everyone is now using, No baggage, with Minimal CNI
dependencies. Currently, there is lower adoption.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah well, if we're doing marketing speak.

"kopeio-networking provides kubernetes-first networking. It was purpose built for Kubernetes, making full use of the Kubernetes API, and because of that is much simpler and more reliable than alternatives that were retrofitted. The VXLAN approach is the most commonly used mode (as used in weave & flannel), but it also supports layer 2 (as used in calico), with more experimental support for GRE (the replacement for IPIP), and for IPSEC (for secure configurations). It does all of this with a very simple codebase."

<tr>
<th>Provider</th>
<th>Network <br>Model</th>
<th>BGP</th>

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommend dropping BGP from the comparison table - it's a bug, not a feature.

Copy link
Owner Author

@chrislovecnm chrislovecnm Nov 10, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ROTFL ... I may have to do a funny comments section

<th>BGP</th>
<th>Network <br>Policies</th>
<th>Mesh</th>
<th>External <br>Database</th>

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This one's tricky, because this a negative, right? I guess I would put "Datastore" and have 3 options "Kubernetes", "Mesh", or "BYO etcd".


## Summary

Pick one. Make a decision quickly, don't spend days deciding, and test with

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't rule out kubenet. For most users, it remains the best choice.

Copy link
Owner Author

@chrislovecnm chrislovecnm Nov 10, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed


### kopeio-vxlan

Justin Santa Barbara the founder of kope-vxlan provided this:

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might as well call it founder of kopeio for consistency.

categories: kuberentes cni
---

Container Network Interface(CNI), is a library, under the umbrella of the Cloud

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's an interface specification in the first place, which comes with a reference implementation in Go, and that consists of a library and a set of CLI utils.

@chrislovecnm chrislovecnm merged commit fa9a5d7 into master Nov 12, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

5 participants