Skip to content
Murali Reddy edited this page May 21, 2017 · 22 revisions

Welcome to the kube-router wiki!

Kube-router consist of 3 core components

Network Services Controller

Network services controller is responsible for reading the services and endpoints information from Kubernetes API server and configure IPVS on each cluster node accordingly.

Please read blog for design details and pros and cons compared to iptables based Kube-proxy https://cloudnativelabs.github.io/post/2017-05-10-kube-network-service-proxy/

Demo of Kube-router's IPVS based Kubernetes network service proxy

asciicast

Features:

  • round robin load balancing
  • client IP based session persistence
  • source IP is preserved if service controller is used in conjuction with network routes controller (kube-router with --run-router flag)
  • option to explicitly masquerade (SNAT) with --masquerade-all flag

Network Policy Controller

Network policy controller is responsible for reading the namespace, network policy and pods information from Kubernetes API server and configure iptables accordingly to provide ingress filter to the pods.

Please read blog for design details of Network Policy controller https://cloudnativelabs.github.io/post/2017-05-1-kube-network-policies/

Demo of Kube-router's iptables based implementaton of network policies

asciicast

Network Routes Controller

Network routes controller is responsible for reading pod CIDR allocated by controller manager to the node, and advertises the routes to the rest of the nodes in the cluster (BGP peers). Use of BGP is transperent to user for basic pod-to-pod networking.

asciicast

However BGP can be leveraged to other use cases like advertising the cluster ip, routable pod ip etc. Only in such use-cases understanding of BGP and configuration is required. Please see below demo how kube-router advertises cluster IP and pod codes to external BGP router asciicast

Clone this wiki locally