How to perform a CNI Live Migration from Flannel+Calico to Cilium

How to perform a CNI Live Migration from Flannel+Calico to Cilium

  • October 15, 2020
Table of Contents

How to perform a CNI Live Migration from Flannel+Calico to Cilium

Container Network Interface (CNI) is a big topic, but in short, CNI is a set of specifications that define an interface used by container orchestrators to set up networking between containers. In the Kubernetes space, the Kubelet is responsible for calling the CNI installed on the cluster so Pods are attached to the Kubernetes cluster network during creation, and its resources are properly released during deletion. CNIs can also be responsible for more advanced features than just setting up routes in the cluster, such as network policy enforcement, encryption, load balancing, etc.

There are many implementations of CNI for various use cases, each having their own advantages and disadvantages. Flannel is one such implementation, backed by iptables, and it is perhaps the most simple and popular in Kubernetes. Flannel is solely concerned with setting up routing between Pods in the Kubernetes cluster, which is achieved by creating an overlay network using the Virtual Extensible LAN (VXLAN) protocol.

Another project, Calico, can be run as either a standalone CNI solution or on top of Flannel (called Canal) to provide network policy enforcement.

Source: cilium.io

Tags :
Share :
comments powered by Disqus

Related Posts

How the U.S. Air Force Deployed Kubernetes and Istio on an F-16 in 45 days

How the U.S. Air Force Deployed Kubernetes and Istio on an F-16 in 45 days

Read More
Ingress for Anthos—Multi-cluster Ingress and Global Service Load Balancing

Ingress for Anthos—Multi-cluster Ingress and Global Service Load Balancing

Ingress for Anthos is a Google cloud-hosted multi-cluster ingress controller for Anthos GKE clusters. Ingress for Anthos supports deploying shared load balancing resources across clusters and across regions enabling users to use a same load balancer with an anycast IP for applications running in a multi-cluster and multi-region topology. In simpler terms this allows users to place multiple GKE clusters located in different regions under one LoadBalancer.

Read More
B-21 stealth bomber running Kubernetes for better SDLC experience

B-21 stealth bomber running Kubernetes for better SDLC experience

The new stealth U.S. Air Force B-21 bomber has taken yet another key technological step toward being ready for war, through integrated computer automation designed to streamline information, improve targeting and offer pilots organized warzone information in real-time. Air Force and Northrop Grumman developers recently completedan essential software-empowered process intended to bring greater levels of information processing, data management and new measures of computerized autonomy,according to published statements from Air Force Acquisition Executive Dr. William Roper. Through virtualization and software-hardware synergy, B-21 sensors, computers and electronics can better scale, deploy and streamline procedural functions such as checking avionics specifics, measuring altitude and speed and integrating otherwise disparate pools sensor information.

Read More