filmov
tv
Cilium Kubernetes CNI Provider: Part 4, IP Routing Modes (Direct and Encapsulated)
Показать описание
In this episode, we will learn about Cilium’s supported IP routing modes. IP routing essentially means how the PODs on one node communicate with PODs on other nodes.
To start with, we will discuss the default mode which uses L2 VXLAN encapsulation. We will then discuss situations where all nodes are on the same subnet, and how to set up Direct routing (no encapsulation).
Next, we will discuss how to leverage Border Gateway Protocol (BGP) to set up a hybrid mode where nodes exchange routes through BGP and use Direct IP routing for nodes on the same L2 domain, and IPinIP encapsulations for nodes on different subnets.
Finally, we will set up a cluster mesh between two clusters leveraging Direct IP routing.
*** Please note: There is a typo in the slide @ 0.6:40, the Dst IP in the center should read "10.107.72.75", NOT "10.101.79.42" . My apologies and thank you to viewer @SuperBitbucket to point it out. **
Links:
Timecodes
0:00 - Intro
4:37 - Overview of VXLAN encapsulated POD traffic.
15:44 - Demo: Capture VXLAN POD network traffic.
25:35 - Examine node routes when VXLAN encapsulation is used.
28:53 - Direct IP routing overview.
31:07 - Demo: Set up L2 Direct IP routing in a brand-new cluster.
34:11 - Cilium's helm settings to enable L2 Direct IP routing.
49:50 - L3 Direct IP routing overview.
50:34 - Overview of Border Gateway Protocol (BGP).
53:39 - How BGP is implemented in the Kubernetes environment.
55:12 - Demo: Set up L3 BGP-based Direct IP routing in a brand-new cluster.
1:05:19 - Cluster Mesh and Direct IP routing.
1:10:17 - Demo: Set up a Cluster Mesh between two clusters leveraging L2 Direct IP routing.
1:17:58 - Final Thoughts.
My Other Videos:
►Cilium Kubernetes CNI Provider, Part 2: Security Policies and Observability Leveraging Hubble
► Cilium Kubernetes CNI Provider, Part 3: Cluster Mesh
► What is VXLAN and How It is Used as an Overlay Network in Kubernetes?
► Managing Linux Log-ins, Users, and Machines in Active Directory (AD): Part 2- Join Linux Machines to AD:
► Managing Linux Log-ins, Users, and Machines in Active Directory (AD): Part 1- Setup AD:
► Sharing Resources between Windows and Linux:
► Kubernetes kube-proxy Modes: iptables and ipvs, Deep Dive:
►Kubernetes: Configuration as Data: Environment Variables, ConfigMaps, and Secrets:
►Configuring and Managing Storage in Kubernetes:
► Istio Service Mesh – Securing Kubernetes Workloads:
► Istio Service Mesh – Intro
► Understanding Kubernetes Networking. Part 6: Calico Network Policies:
► Understanding Kubernetes Networking. Part 5: Intro to Kubernetes Network Policies:
► Understanding Kubernetes Networking. Part 4: Kubernetes Services:
► Understanding Kubernetes Networking Part 3: Calico Kubernetes CNI Provider in depth:
► Setup a Linux-Windows (Calico based) Hybrid Kubernetes Cluster to Host .NET Containers:
► A Docker and Kubernetes tutorial for beginners:
A Docker and Kubernetes tutorial for beginners. - YouTube
► Setup a "Docker-less" Multi-node Kubernetes Cluster on Ubuntu Server:
► Detailed Windows Terminal, (WSL 2), Linux, Docker, and Kubernetes Install Guide on Windows 10:
To start with, we will discuss the default mode which uses L2 VXLAN encapsulation. We will then discuss situations where all nodes are on the same subnet, and how to set up Direct routing (no encapsulation).
Next, we will discuss how to leverage Border Gateway Protocol (BGP) to set up a hybrid mode where nodes exchange routes through BGP and use Direct IP routing for nodes on the same L2 domain, and IPinIP encapsulations for nodes on different subnets.
Finally, we will set up a cluster mesh between two clusters leveraging Direct IP routing.
*** Please note: There is a typo in the slide @ 0.6:40, the Dst IP in the center should read "10.107.72.75", NOT "10.101.79.42" . My apologies and thank you to viewer @SuperBitbucket to point it out. **
Links:
Timecodes
0:00 - Intro
4:37 - Overview of VXLAN encapsulated POD traffic.
15:44 - Demo: Capture VXLAN POD network traffic.
25:35 - Examine node routes when VXLAN encapsulation is used.
28:53 - Direct IP routing overview.
31:07 - Demo: Set up L2 Direct IP routing in a brand-new cluster.
34:11 - Cilium's helm settings to enable L2 Direct IP routing.
49:50 - L3 Direct IP routing overview.
50:34 - Overview of Border Gateway Protocol (BGP).
53:39 - How BGP is implemented in the Kubernetes environment.
55:12 - Demo: Set up L3 BGP-based Direct IP routing in a brand-new cluster.
1:05:19 - Cluster Mesh and Direct IP routing.
1:10:17 - Demo: Set up a Cluster Mesh between two clusters leveraging L2 Direct IP routing.
1:17:58 - Final Thoughts.
My Other Videos:
►Cilium Kubernetes CNI Provider, Part 2: Security Policies and Observability Leveraging Hubble
► Cilium Kubernetes CNI Provider, Part 3: Cluster Mesh
► What is VXLAN and How It is Used as an Overlay Network in Kubernetes?
► Managing Linux Log-ins, Users, and Machines in Active Directory (AD): Part 2- Join Linux Machines to AD:
► Managing Linux Log-ins, Users, and Machines in Active Directory (AD): Part 1- Setup AD:
► Sharing Resources between Windows and Linux:
► Kubernetes kube-proxy Modes: iptables and ipvs, Deep Dive:
►Kubernetes: Configuration as Data: Environment Variables, ConfigMaps, and Secrets:
►Configuring and Managing Storage in Kubernetes:
► Istio Service Mesh – Securing Kubernetes Workloads:
► Istio Service Mesh – Intro
► Understanding Kubernetes Networking. Part 6: Calico Network Policies:
► Understanding Kubernetes Networking. Part 5: Intro to Kubernetes Network Policies:
► Understanding Kubernetes Networking. Part 4: Kubernetes Services:
► Understanding Kubernetes Networking Part 3: Calico Kubernetes CNI Provider in depth:
► Setup a Linux-Windows (Calico based) Hybrid Kubernetes Cluster to Host .NET Containers:
► A Docker and Kubernetes tutorial for beginners:
A Docker and Kubernetes tutorial for beginners. - YouTube
► Setup a "Docker-less" Multi-node Kubernetes Cluster on Ubuntu Server:
► Detailed Windows Terminal, (WSL 2), Linux, Docker, and Kubernetes Install Guide on Windows 10:
1:04:28
Cilium Kubernetes CNI Provider, Part 1: Overview of eBPF and Cilium and the Installation Process
1:21:54
Cilium Kubernetes CNI Provider: Part 4, IP Routing Modes (Direct and Encapsulated)
0:52:44
Cilium Kubernetes CNI Provider, Part 3: Cluster Mesh
0:41:51
Cilium Kubernetes CNI Provider, Part 2: Security Policies and Observability Leveraging Hubble
0:06:12
Learn Cilium CNI for Kubernetes!
1:02:59
Kubernetes networking and Cilium - Part 1
0:11:23
From Zero to Cluster Mesh: Installing and Configuring Cilium CNI on Kubernetes
0:01:04
What is Cilium?
0:21:15
Kubernetes Networking, Security, And Observability With eBPF And Cilium
0:00:58
Leveraging Cilium as a CNI for your Kubernetes clusters
0:06:23
Container Network Interface (CNI) Explained in 7 Minutes
0:55:11
Understanding Kubernetes Networking Part 3: Calico Kubernetes CNI Provider in depth.
0:18:53
Cilium | Getting started | deployment in KinD cluster (jmos/kube/120)
1:32:08
TGI Kubernetes 047: Cilium (CNI)
0:03:31
Container Network Security - Kubernetes Network Policies in Action with Cilium (Cloud Native)
0:56:11
Understanding Kubernetes Networking. Part 1: Container Networking
0:33:38
Keeping It Simple: Cilium Networking for Multicloud Kubernetes - Liz Rice, Isovalent
0:36:20
Cilium: Welcome, Vision and Updates - Thomas Graf & Liz Rice, Isovalent; Laurent Bernaille, Data...
0:05:19
Strengthen Security with an eBPF-based Kubernetes CNI - Shruti Chaturvedi, MeetKlara
0:20:29
Effortless Mutual Authentication with Cilium | Liz Rice
0:16:38
Deploy Kubernetes in AKS with Cilium!
0:43:31
Cilium - Container Security and Networking Using BPF and XDP - Thomas Graf, Covalent
0:04:53
What is Cilium?
0:52:27
Kubernetes networking and Cilium - Part 2
Комментарии