Weaveworks, profile picture
Uploaded byWeaveworks
PPTX, PDF12,345 views

Introduction to the Container Network Interface (CNI)

The document presents an overview of the Container Network Interface (CNI), highlighting its significance as a simple interface between container runtimes and network implementations. It discusses recent developments such as plugin chaining and IPv6 support, and emphasizes CNI's open-source nature with numerous implementations and contributions. The document encourages community involvement in the CNI specification ahead of its version 1.0 release.

Embed presentation

Downloaded 242 times
Introduction to August 24, 2017 Webinar Series
Your Presenters 2 Ken Owens VP Digital Native Architecture Mastercard Bryan Boreham Director of Engineering, WeaveWorks @bboreham
Agenda What is CNI? Who uses CNI - runtimes and plugins Recent developments The Future 3
CNI in the CNCF Reference Architecture 4 • Resource Management • Image Management • Container Management • Compute Resources • Cloud Native – Network • Network Segmentation and Policy • SDN & APIs (eg CNI, libnetwork) • Cloud Native- Storage • Volume Drivers/Plugins • Local Storage Management • Remote Storage Access Application Definition/ Development Orchestration & Management Runtime Provisioning Infrastructure (Bare Metal/Cloud)
What is CNI? • The simplest possible interface between container runtime and network implementation • Originated at CoreOS as part of Rkt • Now a CNCF project 5
What is CNI? 6 Net Plugin Runtime CNI commands and network config Config Configures Network
What does a CNI call look like? Set some environment variables and go! CNI_COMMAND=ADD CNI_CONTAINERID=$id CNI_NETNS=/proc/$pid/ns/net CNI_PATH=/opt/cni/bin CNI_IFNAME=eth0 my-plugin < my-config 7 Can be either ADD, DEL or VERSION A JSON document defining the network
{ "cniVersion": "0.3.0", "name": "mynet", "type": "my-plugin", "some-parameter": "foo", "ipam": { "type": "host-local", "subnet": "10.42.0.0/24", } } What does a CNI config look like? 8 Tells the plugin what version the caller is using The caller should look for a plugin with this name First plugin will call a second plugin with this name
Network plugin calls IPAM plugin 9 Net Plugin Runtime IPAM Plugin CNI params and network config Passes same params and network config Config
CNI project repo https://github.com/containernetworking/cni • CNI Specification: the API between runtimes and network plugins • Conventions: extensions to the API that are not required for all plugins • Library: a Go implementation of the CNI specification that plugins and runtimes can use •5 maintainers •63 contributors from 10+ companies •785 stars 10
CNI plugins repo https://github.com/containernetworking/plugins Main: interface-creating • bridge • ipvlan • loopback • macvlan • ptp • vlan IPAM: IP address allocation • dhcp • host-local 11 Meta: other plugins •flannel •tuning •portmap Sample •The sample plugin provides an example for building your own plugin.
3rd party plugins Weave Net Project Calico Contiv SR-IOV Cilium Infoblox Multus Romana CNI-Genie Container runtimes rkt - container engine Kubernetes Kurma - container runtime Cloud Foundry - a platform for cloud applications Mesos - a distributed systems kernel Ecosystem 12
Quote “Our forthcoming ECS Task Networking capabilities are written as a CNI plugin, and we expect CNI to be the basis for all container-based networking on AWS.” - Adrian Cockroft, VP of Cloud Architecture, AWS 13
Recent developments • Chaining (new in 0.5) – Configure a list of plugins, not just one – Runtime will call each one in turn – Capability arguments give extra info to the runtime • IPv6 (completed in 0.6) – Spec now allows multiple addresses to be returned – All base plugins support IPv6 14
Chaining config list example { "cniVersion": "0.3.0", "name": "weave", "plugins": [ { "type": "weave-net", "hairpinMode": true }, { "type": "portmap", "capabilities": { "portMappings": true }, "snat": true } ] } 15
Chaining multiple plugins 16 Net Plugin Runtime portmap Plugin Includes result from previous plugin Config list
Looking forward GET command – For runtime to query the status of an interface Kubernetes kubenet as pure CNI – Currently part CNI and part embedded inside kubelet CNI v1.0 – Stable spec, with strategy and tooling for backwards compatibility – Complete test coverage – Release from CI 17
Summary CNI is a simple interface based on environment variables and JSON Open Source, lots of runtimes and plugins use it We welcome new implementers Please comment on the spec before 1.0! 18
Thank You 19 https://github.com/containernetworking/cni Email: cni-dev@googlegroups.com IRC: #containernetworking channel on freenode.org Slack: containernetworking.slack.com

More Related Content

PDF
Introduction to kubernetes
byGabriel Carro
 
PDF
Hands-On Introduction to Kubernetes at LISA17
byRyan Jarvinen
 
PDF
Cloud Native Networking & Security with Cilium & eBPF
byRaphaël PINSON
 
PDF
Free GitOps Workshop + Intro to Kubernetes & GitOps
byWeaveworks
 
PDF
Kubernetes Networking
byCJ Cullen
 
PDF
Deep dive into Kubernetes Networking
bySreenivas Makam
 
PDF
Replacing iptables with eBPF in Kubernetes with Cilium
byMichal Rostecki
 
PPTX
OpenvSwitch Deep Dive
byrajdeep
 
Introduction to kubernetes
byGabriel Carro
 
Hands-On Introduction to Kubernetes at LISA17
byRyan Jarvinen
 
Cloud Native Networking & Security with Cilium & eBPF
byRaphaël PINSON
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
byWeaveworks
 
Kubernetes Networking
byCJ Cullen
 
Deep dive into Kubernetes Networking
bySreenivas Makam
 
Replacing iptables with eBPF in Kubernetes with Cilium
byMichal Rostecki
 
OpenvSwitch Deep Dive
byrajdeep
 

What's hot

PDF
Introduction to Kubernetes Workshop
byBob Killen
 
PPTX
Introduction to kubernetes
byRishabh Indoria
 
PDF
Kubernetes Networking with Cilium - Deep Dive
byMichal Rostecki
 
PDF
Kubernetes Architecture - beyond a black box - Part 1
byHao H. Zhang
 
PPTX
Adopting OpenTelemetry
byVincent Behar
 
PDF
Kubernetes - A Comprehensive Overview
byBob Killen
 
PPTX
Kubernetes for Beginners: An Introductory Guide
byBytemark
 
PDF
OpenShift Kubernetes Native Infrastructure for 5GC and Telco Edge Cloud
byHidetsugu Sugiyama
 
PDF
Kubernetes security
byThomas Fricke
 
PDF
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
byEdureka!
 
PPTX
Service Discovery In Kubernetes
byKnoldus Inc.
 
PPTX
Kubernetes Cluster vs Nodes vs Pods vs Containers Comparison
byjeetendra mandal
 
PDF
An Introduction to Kubernetes
byImesh Gunaratne
 
PDF
Kubernetes 101
byCrevise Technologies
 
PDF
Distributed tracing using open tracing &amp; jaeger 2
byChandresh Pancholi
 
PPTX
OpenTelemetry For Operators
byKevin Brockhoff
 
PPTX
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
byvivekkonnect
 
PPTX
The Basic Introduction of Open vSwitch
byTe-Yen Liu
 
PDF
Istio service mesh introduction
byKyohei Mizumoto
 
PDF
Linux Networking Explained
byThomas Graf
 
Introduction to Kubernetes Workshop
byBob Killen
 
Introduction to kubernetes
byRishabh Indoria
 
Kubernetes Networking with Cilium - Deep Dive
byMichal Rostecki
 
Kubernetes Architecture - beyond a black box - Part 1
byHao H. Zhang
 
Adopting OpenTelemetry
byVincent Behar
 
Kubernetes - A Comprehensive Overview
byBob Killen
 
Kubernetes for Beginners: An Introductory Guide
byBytemark
 
OpenShift Kubernetes Native Infrastructure for 5GC and Telco Edge Cloud
byHidetsugu Sugiyama
 
Kubernetes security
byThomas Fricke
 
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
byEdureka!
 
Service Discovery In Kubernetes
byKnoldus Inc.
 
Kubernetes Cluster vs Nodes vs Pods vs Containers Comparison
byjeetendra mandal
 
An Introduction to Kubernetes
byImesh Gunaratne
 
Kubernetes 101
byCrevise Technologies
 
Distributed tracing using open tracing &amp; jaeger 2
byChandresh Pancholi
 
OpenTelemetry For Operators
byKevin Brockhoff
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
byvivekkonnect
 
The Basic Introduction of Open vSwitch
byTe-Yen Liu
 
Istio service mesh introduction
byKyohei Mizumoto
 
Linux Networking Explained
byThomas Graf
 

Similar to Introduction to the Container Network Interface (CNI)

PDF
Writing the Container Network Interface(CNI) plugin in golang
byHungWei Chiu
 
PPTX
Comparison of existing cni plugins for kubernetes
byAdam Hamsik
 
PDF
Container Networking Deep Dive
byOpen Networking Summit
 
PDF
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
byJuraj Hantak
 
PPTX
Introduction to CNI (Container Network Interface)
byHungWei Chiu
 
PDF
Network plugins for kubernetes
byinwin stack
 
PDF
Demystfying container-networking
byBalasundaram Natarajan
 
PDF
Container Network Interface: Network Plugins for Kubernetes and beyond
byKubeAcademy
 
PDF
Overlay/Underlay - Betting on Container Networking
byLee Calcote
 
PDF
Packet walks in_kubernetes-v4
byInfraEngineer
 
PDF
Cloud Native Networking for Containers in AWS using CNI Plugins
byaniait
 
PDF
Practical CNI
byLinuxCon ContainerCon CloudOpen China
 
PPTX
Container world hybridnetworking_rev2
byPrem Sankar Gopannan
 
PPTX
Secure Your Containers: What Network Admins Should Know When Moving Into Prod...
byCynthia Thomas
 
PDF
KubernetesNetworkingAndImplementation-Lecture.pdf
byAnkitShukla661141
 
PDF
OSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
byNETWAYS
 
PDF
OSDC 2017 | The evolution of the Container Network Interface by Casey Callend...
byNETWAYS
 
PDF
Azure meetup cloud native concepts - may 28th 2018
byJim Bugwadia
 
PPTX
Integrate Kubernetes into CORD(Central Office Re-architected as a Datacenter)
byinwin stack
 
PDF
poster
byNimay Desai
 
Writing the Container Network Interface(CNI) plugin in golang
byHungWei Chiu
 
Comparison of existing cni plugins for kubernetes
byAdam Hamsik
 
Container Networking Deep Dive
byOpen Networking Summit
 
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
byJuraj Hantak
 
Introduction to CNI (Container Network Interface)
byHungWei Chiu
 
Network plugins for kubernetes
byinwin stack
 
Demystfying container-networking
byBalasundaram Natarajan
 
Container Network Interface: Network Plugins for Kubernetes and beyond
byKubeAcademy
 
Overlay/Underlay - Betting on Container Networking
byLee Calcote
 
Packet walks in_kubernetes-v4
byInfraEngineer
 
Cloud Native Networking for Containers in AWS using CNI Plugins
byaniait
 
Practical CNI
byLinuxCon ContainerCon CloudOpen China
 
Container world hybridnetworking_rev2
byPrem Sankar Gopannan
 
Secure Your Containers: What Network Admins Should Know When Moving Into Prod...
byCynthia Thomas
 
KubernetesNetworkingAndImplementation-Lecture.pdf
byAnkitShukla661141
 
OSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
byNETWAYS
 
OSDC 2017 | The evolution of the Container Network Interface by Casey Callend...
byNETWAYS
 
Azure meetup cloud native concepts - may 28th 2018
byJim Bugwadia
 
Integrate Kubernetes into CORD(Central Office Re-architected as a Datacenter)
byinwin stack
 
poster
byNimay Desai
 

More from Weaveworks

PDF
GitOps Testing in Kubernetes with Flux and Testkube.pdf
byWeaveworks
 
PDF
SRE and GitOps for Building Robust Kubernetes Platforms.pdf
byWeaveworks
 
PDF
Six Signs You Need Platform Engineering
byWeaveworks
 
PDF
Intro to GitOps with Weave GitOps, Flagger and Linkerd
byWeaveworks
 
PDF
Automated Provisioning, Management & Cost Control for Kubernetes Clusters
byWeaveworks
 
PDF
Building internal developer platform with EKS and GitOps
byWeaveworks
 
PDF
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...
byWeaveworks
 
PDF
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
byWeaveworks
 
PDF
Implementing Flux for Scale with Soft Multi-tenancy
byWeaveworks
 
PDF
Flux Beyond Git Harnessing the Power of OCI
byWeaveworks
 
PDF
Webinar: End to End Security & Operations with Chainguard and Weave GitOps
byWeaveworks
 
PDF
The Story of Flux Reaching Graduation in the CNCF
byWeaveworks
 
PDF
Weave AI Controllers (Weave GitOps Office Hours)
byWeaveworks
 
PDF
Flux’s Security & Scalability with OCI & Helm Slides.pdf
byWeaveworks
 
PDF
Flamingo: Expand ArgoCD with Flux (Office Hours)
byWeaveworks
 
PDF
Flux Security & Scalability using VS Code GitOps Extension
byWeaveworks
 
PDF
Accelerating Hybrid Multistage Delivery with Weave GitOps on EKS
byWeaveworks
 
PDF
Webinar: Capabilities, Confidence and Community – What Flux GA Means for You
byWeaveworks
 
PDF
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps
byWeaveworks
 
PDF
How to Avoid Kubernetes Multi-tenancy Catastrophes
byWeaveworks
 
GitOps Testing in Kubernetes with Flux and Testkube.pdf
byWeaveworks
 
SRE and GitOps for Building Robust Kubernetes Platforms.pdf
byWeaveworks
 
Six Signs You Need Platform Engineering
byWeaveworks
 
Intro to GitOps with Weave GitOps, Flagger and Linkerd
byWeaveworks
 
Automated Provisioning, Management & Cost Control for Kubernetes Clusters
byWeaveworks
 
Building internal developer platform with EKS and GitOps
byWeaveworks
 
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...
byWeaveworks
 
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
byWeaveworks
 
Implementing Flux for Scale with Soft Multi-tenancy
byWeaveworks
 
Flux Beyond Git Harnessing the Power of OCI
byWeaveworks
 
Webinar: End to End Security & Operations with Chainguard and Weave GitOps
byWeaveworks
 
The Story of Flux Reaching Graduation in the CNCF
byWeaveworks
 
Weave AI Controllers (Weave GitOps Office Hours)
byWeaveworks
 
Flux’s Security & Scalability with OCI & Helm Slides.pdf
byWeaveworks
 
Flamingo: Expand ArgoCD with Flux (Office Hours)
byWeaveworks
 
Flux Security & Scalability using VS Code GitOps Extension
byWeaveworks
 
Accelerating Hybrid Multistage Delivery with Weave GitOps on EKS
byWeaveworks
 
Webinar: Capabilities, Confidence and Community – What Flux GA Means for You
byWeaveworks
 
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps
byWeaveworks
 
How to Avoid Kubernetes Multi-tenancy Catastrophes
byWeaveworks
 

Recently uploaded

PDF
Princeton RSE: What's new in Python π (3.14)
byHenry Schreiner
 
PDF
Princeton 2026: Tools That Help You
 Write Better Code
byHenry Schreiner
 
PDF
How Fireworks AI Achieves 1TB_s+ Throughput for Model Deployment Across Multi...
byAlluxio, Inc.
 
PPTX
Architectural Styles in Software Engineering
byM Munim
 
PPTX
Instrumentation.Instrumentation.Instrumentation.pptx
byDavid Kurtz
 
PDF
IT Estate Modernization Solutions for Cloud-Ready Businesses.pdf
byAstuteBusiness
 
PDF
Software Development Life Cycle (SDLC).pdf
byflutterlyuser
 
PPTX
Project System Presentation details process presentation
bytejpratappandey4
 
PPTX
NetworkMediaWireless (1).pptxunsnsndjdjdjjdnd
byre7022
 
PPTX
Feasibility Analysis in System Development Using Data Flow Diagrams
byM Munim
 
PDF
The Future of Microsoft Project Management Tools - Connecting Teams, Work, an...
byOnePlan Solutions
 
PDF
828275126-INTUNE-Instructor-Handout-Part2.pdf
byamdusias67
 
PDF
our environment ppt made by many people name rarang yadav
byrarang180
 
PDF
Enterprise Software’s Role in Data-Driven Decisions
byShiv Technolabs Pvt. Ltd.
 
PDF
Healthcare Mobile App Development: Features & Benefits
byjoealwyn38
 
PPTX
Business Central and Copilot pitch deck ppt
byjonbravetti
 
PDF
Problem Solving_20241203_220045_0000.pdf
bythakurayush00991
 
PDF
Incident Management Roles & Responsibilities.pdf
byTaskCall
 
PPTX
ONLINE TRAVEL BUSINESS SOFTWARE | BUSINESS TRAVEL SOFTWARE
byphilipnathen82
 
PPTX
Free AI Paraphrasing Tool to Rewrite Sentences – SENTENCIFY
bySENTENCIFY
 
Princeton RSE: What's new in Python π (3.14)
byHenry Schreiner
 
Princeton 2026: Tools That Help You
 Write Better Code
byHenry Schreiner
 
How Fireworks AI Achieves 1TB_s+ Throughput for Model Deployment Across Multi...
byAlluxio, Inc.
 
Architectural Styles in Software Engineering
byM Munim
 
Instrumentation.Instrumentation.Instrumentation.pptx
byDavid Kurtz
 
IT Estate Modernization Solutions for Cloud-Ready Businesses.pdf
byAstuteBusiness
 
Software Development Life Cycle (SDLC).pdf
byflutterlyuser
 
Project System Presentation details process presentation
bytejpratappandey4
 
NetworkMediaWireless (1).pptxunsnsndjdjdjjdnd
byre7022
 
Feasibility Analysis in System Development Using Data Flow Diagrams
byM Munim
 
The Future of Microsoft Project Management Tools - Connecting Teams, Work, an...
byOnePlan Solutions
 
828275126-INTUNE-Instructor-Handout-Part2.pdf
byamdusias67
 
our environment ppt made by many people name rarang yadav
byrarang180
 
Enterprise Software’s Role in Data-Driven Decisions
byShiv Technolabs Pvt. Ltd.
 
Healthcare Mobile App Development: Features & Benefits
byjoealwyn38
 
Business Central and Copilot pitch deck ppt
byjonbravetti
 
Problem Solving_20241203_220045_0000.pdf
bythakurayush00991
 
Incident Management Roles & Responsibilities.pdf
byTaskCall
 
ONLINE TRAVEL BUSINESS SOFTWARE | BUSINESS TRAVEL SOFTWARE
byphilipnathen82
 
Free AI Paraphrasing Tool to Rewrite Sentences – SENTENCIFY
bySENTENCIFY
 

Introduction to the Container Network Interface (CNI)

  • 1.
    Introduction to August 24,2017 Webinar Series
  • 2.
    Your Presenters 2 Ken Owens VPDigital Native Architecture Mastercard Bryan Boreham Director of Engineering, WeaveWorks @bboreham
  • 3.
    Agenda What is CNI? Whouses CNI - runtimes and plugins Recent developments The Future 3
  • 4.
    CNI in theCNCF Reference Architecture 4 • Resource Management • Image Management • Container Management • Compute Resources • Cloud Native – Network • Network Segmentation and Policy • SDN & APIs (eg CNI, libnetwork) • Cloud Native- Storage • Volume Drivers/Plugins • Local Storage Management • Remote Storage Access Application Definition/ Development Orchestration & Management Runtime Provisioning Infrastructure (Bare Metal/Cloud)
  • 5.
    What is CNI? •The simplest possible interface between container runtime and network implementation • Originated at CoreOS as part of Rkt • Now a CNCF project 5
  • 6.
    What is CNI? 6 NetPlugin Runtime CNI commands and network config Config Configures Network
  • 7.
    What does aCNI call look like? Set some environment variables and go! CNI_COMMAND=ADD CNI_CONTAINERID=$id CNI_NETNS=/proc/$pid/ns/net CNI_PATH=/opt/cni/bin CNI_IFNAME=eth0 my-plugin < my-config 7 Can be either ADD, DEL or VERSION A JSON document defining the network
  • 8.
    { "cniVersion": "0.3.0", "name": "mynet", "type":"my-plugin", "some-parameter": "foo", "ipam": { "type": "host-local", "subnet": "10.42.0.0/24", } } What does a CNI config look like? 8 Tells the plugin what version the caller is using The caller should look for a plugin with this name First plugin will call a second plugin with this name
  • 9.
    Network plugin callsIPAM plugin 9 Net Plugin Runtime IPAM Plugin CNI params and network config Passes same params and network config Config
  • 10.
    CNI project repo https://github.com/containernetworking/cni •CNI Specification: the API between runtimes and network plugins • Conventions: extensions to the API that are not required for all plugins • Library: a Go implementation of the CNI specification that plugins and runtimes can use •5 maintainers •63 contributors from 10+ companies •785 stars 10
  • 11.
    CNI plugins repo https://github.com/containernetworking/plugins Main:interface-creating • bridge • ipvlan • loopback • macvlan • ptp • vlan IPAM: IP address allocation • dhcp • host-local 11 Meta: other plugins •flannel •tuning •portmap Sample •The sample plugin provides an example for building your own plugin.
  • 12.
    3rd party plugins WeaveNet Project Calico Contiv SR-IOV Cilium Infoblox Multus Romana CNI-Genie Container runtimes rkt - container engine Kubernetes Kurma - container runtime Cloud Foundry - a platform for cloud applications Mesos - a distributed systems kernel Ecosystem 12
  • 13.
    Quote “Our forthcoming ECSTask Networking capabilities are written as a CNI plugin, and we expect CNI to be the basis for all container-based networking on AWS.” - Adrian Cockroft, VP of Cloud Architecture, AWS 13
  • 14.
    Recent developments • Chaining(new in 0.5) – Configure a list of plugins, not just one – Runtime will call each one in turn – Capability arguments give extra info to the runtime • IPv6 (completed in 0.6) – Spec now allows multiple addresses to be returned – All base plugins support IPv6 14
  • 15.
    Chaining config listexample { "cniVersion": "0.3.0", "name": "weave", "plugins": [ { "type": "weave-net", "hairpinMode": true }, { "type": "portmap", "capabilities": { "portMappings": true }, "snat": true } ] } 15
  • 16.
    Chaining multiple plugins 16 NetPlugin Runtime portmap Plugin Includes result from previous plugin Config list
  • 17.
    Looking forward GET command –For runtime to query the status of an interface Kubernetes kubenet as pure CNI – Currently part CNI and part embedded inside kubelet CNI v1.0 – Stable spec, with strategy and tooling for backwards compatibility – Complete test coverage – Release from CI 17
  • 18.
    Summary CNI is asimple interface based on environment variables and JSON Open Source, lots of runtimes and plugins use it We welcome new implementers Please comment on the spec before 1.0! 18
  • 19.
    Thank You 19 https://github.com/containernetworking/cni Email: cni-dev@googlegroups.com IRC:#containernetworking channel on freenode.org Slack: containernetworking.slack.com