Skip to content

_index.md

Latest commit

 

History

History
100 lines (75 loc) · 7.55 KB

_index.md

File metadata and controls

100 lines (75 loc) · 7.55 KB
title CNI
description The Container Networking Interface Specification
date 2020-10-31
draft false
toc true

Why develop CNI?

Application containers on Linux are a rapidly evolving area, and within this area networking is not well addressed as it is highly environment-specific. We believe that many container runtimes and orchestrators will seek to solve the same problem of making the network layer pluggable.

To avoid duplication, we think it is prudent to define a common interface between the network plugins and container execution: hence we put forward this specification, along with libraries for Go and a set of plugins.

Who is using CNI?

Container runtimes

  • Kubernetes - a system to simplify container operations
  • HashiCorp Nomad - a simple and flexible scheduler and orchestrator to deploy and manage containers and non-containerized applications across on-prem and clouds at scale
  • Containerd - a CRI-compliant container runtime
  • cri-o - a lightweight container runtime
  • OpenShift - Kubernetes with additional enterprise features
  • Cloud Foundry - a platform for cloud applications
  • Apache Mesos - a distributed systems kernel
  • Amazon ECS - a highly scalable, high performance container management service
  • Singularity - a container platform optimized for HPC, EPC, and AI
  • OpenSVC - an orchestrator for legacy and containerized application stacks

3rd party plugins

  • Project Calico - a layer 3 virtual network
  • Weave - a multi-host Docker network
  • Contiv Networking - policy networking for various use cases
  • SR-IOV
  • Cilium - BPF & XDP for containers
  • Infoblox - enterprise IP address management for containers
  • Multus - a Multi plugin
  • Romana - Layer 3 CNI plugin supporting network policy for Kubernetes
  • CNI-Genie - generic CNI network plugin
  • Nuage CNI - Nuage Networks SDN plugin for network policy kubernetes support
  • Silk - a CNI plugin designed for Cloud Foundry
  • Linen - a CNI plugin designed for overlay networks with Open vSwitch and fit in SDN/OpenFlow network environment
  • Vhostuser - a Dataplane network plugin - Supports OVS-DPDK & VPP
  • Amazon ECS CNI Plugins - a collection of CNI Plugins to configure containers with Amazon EC2 elastic network interfaces (ENIs)
  • Bonding CNI - a Link aggregating plugin to address failover and high availability network
  • ovn-kubernetes - a container network plugin built on Open vSwitch (OVS) and Open Virtual Networking (OVN) with support for both Linux and Windows
  • Juniper Contrail / TungstenFabric - provides an overlay SDN solution, delivering multicloud networking, hybrid cloud networking, simultaneous overlay-underlay support, network policy enforcement, network isolation, and service chaining and flexible load balancing
  • Knitter - a CNI plugin supporting multiple networking for Kubernetes
  • DANM - a CNI-compliant networking solution for TelCo workloads running on Kubernetes
  • VMware NSX – a CNI plugin that enables automated NSX L2/L3 networking and L4/L7 Load Balancing; network isolation at the pod, node, and cluster level; and zero-trust security policy for your Kubernetes cluster.
  • cni-route-override - a meta CNI plugin that override route information
  • Terway - a collection of CNI Plugins based on alibaba cloud VPC/ECS network product
  • Cisco ACI CNI - on-premise and cloud container networking with a consistent policy and security model
  • Kube-OVN - a CNI plugin that bases on OVN/OVS and provides advanced features like subnet, static ip, ACL, QoS, etc.
  • Project Antrea - an Open vSwitch Kubernetes CNI
  • OVN4NFV-K8S-Plugin - a OVN based CNI controller plugin to provide cloud native based Service function chaining (SFC), Multiple OVN overlay networking

The CNI team also maintains some core plugins in a separate repository.

Contributing to CNI

We welcome contributions, including bug reports, code, and documentation improvements. If you intend to contribute to code or documentation, please read the CONTRIBUTING page and see the contact section of this page.

How do I use CNI?

Requirements

The CNI spec is language agnostic. To use the Go language libraries in this repository, you'll need a recent version of Go.

Reference Plugins

The CNI project maintains a set of reference plugins that implement the CNI specification.

What might CNI do in the future?

CNI currently covers a wide range of needs for network configuration due to its simple model and API. However, in the future CNI might want to branch out into other directions:

  • Dynamic updates to existing network configuration
  • Dynamic policies for network bandwidth and firewall rules

If these topics are of interest, please contact the team via the mailing list or IRC and find some like-minded people in the community to put a proposal together.

Where are the binaries?

The plugins have been moved to a separate repo: https://github.com/containernetworking/plugins, and the releases there include binaries and checksums.

Prior to release 0.7.0 the cni release also included a cnitool binary; as this is a developer tool we suggest you build it yourself.

Contact

For any questions about CNI, please reach out via:

  • Email: cni-dev
  • IRC: #containernetworking channel on freenode.net
  • Slack: #cni on the CNCF slack. NOTE: the previous CNI Slack (containernetworking.slack.com) has been sunsetted.

If you have a security issue to report, please do so privately to the email addresses listed in the MAINTAINERS file.