Skip to content

Instantly share code, notes, and snippets.

@andreppires

andreppires/k8-net_plugins.md

Created February 14, 2019 14:40
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save andreppires/084d2be5465ac7f1f70aeb8f2ded7589 to your computer and use it in GitHub Desktop.
Save andreppires/084d2be5465ac7f1f70aeb8f2ded7589 to your computer and use it in GitHub Desktop.
Download ZIP
[Kubernetes Network Plugins and Policies]
Raw
k8-net_plugins.md

Kubernetes allow various flavours:

  • Kubenet: the default one, implements basic cbr0 using the bridge and host-local CNI plugins;
  • Calico: your default choice since it is good for various purposes. Don’t forget to set the MTU in the ConfigMap if you are using jumbo frames.
  • Cilium: for security reasons this could be your option. Also it seems to be more easy to configure network policies than calico.
  • Flannel: You have low resource nodes in your cluster (only few GB of RAM, few cores) and you don’t need security features, go with flannel.
  • Weave Net: if you need to encrypt your network for security reasons, go with WeaveNet. Don’t forget to set your MTU size if you are using jumbo frames and activate encryption by giving a password in an environment variable. But then again, forget about performance, this is the price for encryption.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment