What is CNI
CNI stands for Container Network Interface. It is a specification and a set of tools to configure network interfaces in Linux containers.
K8s uses CNI as an interface between network providers and K8s networking. When you set up a K8s cluster, you need to select a CNI plugin, and this plugin is responsible for setting up networking for the Pods. For example, the following output shows a K8s cluster that uses the Flannel plugin:

```
$ kubectl get pods -n kube-flannel
NAME                    READY   STATUS    RESTARTS   AGE
kube-flannel-ds-6dmrm   1/1     Running   0          71d
kube-flannel-ds-8t5lx   1/1     Running   0          64d
kube-flannel-ds-9sg4q   1/1     Running   0          71d
kube-flannel-ds-flfm9   1/1     Running   0          64d
kube-flannel-ds-fnm9b   1/1     Running   0          69d
kube-flannel-ds-frfmr   1/1     Running   0          71d
```

CNI gives you a great deal of flexibility and allows K8s to not be bound to any specific networking implementation. You can choose from a variety of CNI plugins, each offering different features. Some popular CNI plugins include Calico, Flannel, Weave, Cilium, and many others.
The responsibilities of a CNI plugin in a K8s cluster include:
- Assigning IP addresses to Pods and their containers.
- Setting up routes in the cluster network for efficient communication.
- Implementing policies, such as network policies in K8s.
- Taking care of services, load balancing, and other network-related functionalities, depending on the complexity of the plugin.
The CNI specification outlines a straightforward framework for CNI plugins, requiring them to support four essential operations:
- ADD: This operation is used to connect a container to the network.
- DEL: This operation is responsible for removing a container from the network.
- CHECK: This operation verifies the network status of a container and returns an error if a problem is detected.
- VERSION: This operation provides version information related to the plugin.
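
The four operations above map to a simple process contract: the runtime executes the plugin binary, names the operation in the `CNI_COMMAND` environment variable, and passes the network configuration as JSON on stdin. The skeleton below is an added example, not code from the original article or the CNI project; it configures no network, and the `SUPPORTED` version list and the function names are assumptions made for illustration.

```python
"""Skeleton CNI plugin: shows the runtime/plugin contract, configures no network."""
import json
import os
import re
import sys

SUPPORTED = ["0.4.0", "1.0.0"]  # assumption: spec versions this skeleton claims
# Per the CNI spec: alphanumeric first, then alphanumerics, '_', '.' or '-'.
CONTAINER_ID = re.compile(r"[A-Za-z0-9][A-Za-z0-9_.\-]*")


def error(code, msg, details=""):
    """Error object in the shape the CNI spec defines for plugin failures."""
    return 1, {"cniVersion": SUPPORTED[-1], "code": code, "msg": msg, "details": details}


def handle(env, stdin_text):
    """Dispatch one invocation; returns (exit_status, JSON-serialisable reply or None)."""
    command = env.get("CNI_COMMAND", "")
    if command == "VERSION":
        return 0, {"cniVersion": SUPPORTED[-1], "supportedVersions": SUPPORTED}
    if command not in ("ADD", "DEL", "CHECK"):
        return error(4, "invalid CNI_COMMAND", repr(command))
    # The plugin runs as root on the node, so treat every input as untrusted.
    if not CONTAINER_ID.fullmatch(env.get("CNI_CONTAINERID", "")):
        return error(4, "invalid CNI_CONTAINERID")
    try:
        conf = json.loads(stdin_text)
    except ValueError as exc:
        return error(6, "cannot decode network config", str(exc))
    if not isinstance(conf, dict) or not conf.get("name") or not conf.get("type"):
        return error(7, "network config needs 'name' and 'type'")
    if conf.get("cniVersion") not in SUPPORTED:
        return error(1, "incompatible CNI version", str(conf.get("cniVersion")))
    if command == "ADD":
        if not env.get("CNI_IFNAME") or not env.get("CNI_NETNS"):
            return error(4, "ADD needs CNI_IFNAME and CNI_NETNS")
        # A real plugin would create the interface and assign an IP here.
        iface = {"name": env["CNI_IFNAME"], "sandbox": env["CNI_NETNS"]}
        return 0, {"cniVersion": conf["cniVersion"], "interfaces": [iface], "ips": []}
    # DEL and CHECK print nothing on success; the exit status carries the result.
    return 0, None


if __name__ == "__main__":
    status, reply = handle(os.environ, sys.stdin.read())
    if reply is not None:
        json.dump(reply, sys.stdout)
    sys.exit(status)
```
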
For full specs, check out…