Kubernetes (sometimes referred to as K8s) is an open-source platform that is used to manage and automate the deployment, scheduling, monitoring, maintenance, and operation of application containers across a cluster of machines.
Developed by Google, Kubernetes lets administrators move workloads across private, public, and hybrid cloud infrastructures. Developers use Kubernetes to package applications together with the infrastructure they require and to deploy new versions quickly.
Kubernetes networking lets the platform's components communicate with each other and with other applications. It differs from traditional host networking in that it is built on a flat network model, which removes the need to map host ports to container ports: the platform can run distributed systems and share machines between applications without dynamically allocating ports.
A Kubernetes Pod network connects several interrelated components:
The different components in the Kubernetes platform (Pods, containers, nodes, applications) use different networking methods to communicate. There is container-to-container communication, Pod-to-Pod communication, Pod-to-service communication, and external-to-service communication.
Pod-to-Pod communication is the foundation of Kubernetes. Pods communicate with each other according to the network policies enforced by the network plugin, without explicitly creating links between them or mapping container ports to host ports. The containers within a single Pod share one network namespace and reach each other over localhost; because every Pod has its own IP address, a Pod can find and communicate with all other Pods on all nodes using that address directly, without network address translation (NAT).
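The allow-by-default behaviour of the flat Pod network, and the way a NetworkPolicy narrows it, is the part of this model that matters most for a defender. The following added example (not code from the original page, and not the logic of any real CNI plug-in) is a small Python evaluator of NetworkPolicy ingress semantics over constructed sample Pods, namespaces and one policy shaped like its YAML manifest. It shows that a Pod no policy selects accepts traffic from anywhere, while a selected Pod accepts only what some rule explicitly allows.

```python
"""Toy evaluator for Kubernetes NetworkPolicy ingress semantics.

Constructed example: Pods, namespace labels and policies are defined inline
as dicts shaped like their manifests. It models the rule the text states:
on a flat Pod network every Pod can reach every other Pod until a
NetworkPolicy selects the destination Pod; from then on only matching
ingress rules are allowed. Illustration only, not a CNI implementation.
"""
from dataclasses import dataclass, field


@dataclass
class Pod:
    name: str
    namespace: str
    ip: str
    labels: dict = field(default_factory=dict)


# Constructed namespace labels (in the real API these live on Namespace objects).
NAMESPACE_LABELS = {"shop": {"team": "shop"}, "monitoring": {"team": "platform"}}

# Constructed sample Pods spread across three nodes' Pod subnets.
PODS = [
    Pod("frontend", "shop", "10.244.1.5", {"app": "frontend"}),
    Pod("db", "shop", "10.244.2.7", {"app": "db"}),
    Pod("scraper", "monitoring", "10.244.3.9", {"app": "prometheus"}),
]

# One policy in manifest shape: only frontend Pods in the same namespace may
# reach db Pods, and only on TCP/5432.
POLICIES = [{
    "metadata": {"name": "db-allow-frontend", "namespace": "shop"},
    "spec": {
        "podSelector": {"matchLabels": {"app": "db"}},
        "policyTypes": ["Ingress"],
        "ingress": [{
            "from": [{"podSelector": {"matchLabels": {"app": "frontend"}}}],
            "ports": [{"protocol": "TCP", "port": 5432}],
        }],
    },
}]


def selector_matches(selector, labels):
    """matchLabels: every required label must be present and equal.
    An empty selector ({}) matches everything."""
    return all(labels.get(k) == v for k, v in selector.get("matchLabels", {}).items())


def peer_matches(peer, src, dst_namespace):
    """A 'from' peer may carry podSelector and/or namespaceSelector.
    podSelector alone is scoped to the policy's own namespace; with a
    namespaceSelector both must match; namespaceSelector alone matches any
    Pod in a matching namespace."""
    pod_sel, ns_sel = peer.get("podSelector"), peer.get("namespaceSelector")
    if pod_sel is not None and ns_sel is None:
        return src.namespace == dst_namespace and selector_matches(pod_sel, src.labels)
    if ns_sel is not None:
        if not selector_matches(ns_sel, NAMESPACE_LABELS.get(src.namespace, {})):
            return False
        return pod_sel is None or selector_matches(pod_sel, src.labels)
    return False


def port_matches(ports, protocol, port):
    """A rule without 'ports' allows every port."""
    if not ports:
        return True
    return any(p.get("protocol", "TCP") == protocol and p.get("port") == port for p in ports)


def ingress_allowed(src, dst, protocol, port, policies=POLICIES):
    """True if src may open protocol/port to dst under the given policies."""
    selecting = [
        p for p in policies
        if p["metadata"]["namespace"] == dst.namespace
        and "Ingress" in p["spec"].get("policyTypes", ["Ingress"])
        and selector_matches(p["spec"]["podSelector"], dst.labels)
    ]
    if not selecting:
        return True  # flat network: nothing selects dst, so all ingress is allowed
    for policy in selecting:
        for rule in policy["spec"].get("ingress", []):
            peers = rule.get("from")
            src_ok = not peers or any(peer_matches(pe, src, dst.namespace) for pe in peers)
            if src_ok and port_matches(rule.get("ports"), protocol, port):
                return True
    return False  # selected, but no rule matched


def pod_by_name(name):
    return next(p for p in PODS if p.name == name)


if __name__ == "__main__":
    frontend, db, scraper = (pod_by_name(n) for n in ("frontend", "db", "scraper"))
    print("frontend -> db:5432     ", ingress_allowed(frontend, db, "TCP", 5432))
    print("scraper  -> db:5432     ", ingress_allowed(scraper, db, "TCP", 5432))
    print("scraper  -> frontend:80 ", ingress_allowed(scraper, frontend, "TCP", 80))
```

The third call is the point worth noticing: the frontend Pod is reachable from the monitoring namespace simply because no policy selects it. Real clusters usually close that gap with a namespace-wide default-deny policy (an empty `podSelector` and no `ingress` rules) before adding allow rules.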
One of the challenges of Kubernetes networking is addressing how internal (east-west) traffic and external (north-south) traffic interact, because the internal network is isolated from the external network. However, traffic that flows between nodes can also flow to and from nodes and an external physical or virtual machine. There are a few different ways of getting external traffic into a Kubernetes cluster:
One more important aspect of Kubernetes networking is the Container Networking Interface (CNI). A CNI plug-in connects Pods across nodes, acting as the interface between a Pod's network namespace and the network plug-in or provider that attaches it to the cluster network. Many CNI providers and plug-ins are available, with differing sets of features. CNI plug-ins configure the network and its resources dynamically as Pods are provisioned and destroyed, provisioning IP addresses as containers are created and reclaiming them as containers are deleted. Kubernetes includes a basic default networking provider, but CNI plug-ins such as Flannel, Calico, Canal, and Weave Net offer additional features.
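To make the IP address management a CNI plug-in performs concrete, here is an added example (my own illustration, not the code of Kubernetes or of any plug-in named above). It carves a constructed cluster Pod CIDR into one subnet per node, leases an address from the node's subnet to each Pod, and returns the address to the pool when the Pod is deleted; the `node_for` lookup shows why Pods on different nodes can reach each other without NAT, since every Pod address belongs to a known node subnet.

```python
"""Toy per-node IP address management of the kind a CNI IPAM plug-in does.

Constructed example: the cluster Pod CIDR (10.244.0.0/16, an assumed value)
is split into a /24 per node, and each Pod on a node holds one address from
that subnet for as long as it exists. Not the implementation of any real
plug-in.
"""
import ipaddress


class ClusterIPAM:
    def __init__(self, cluster_cidr="10.244.0.0/16", node_prefix=24):
        self.cluster = ipaddress.ip_network(cluster_cidr)
        self._free_subnets = self.cluster.subnets(new_prefix=node_prefix)
        self.nodes = {}    # node name -> its Pod subnet
        self.leases = {}   # (node, pod) -> leased address
        self.in_use = {}   # node name -> set of leased addresses

    def register_node(self, node):
        """Give a joining node the next unused subnet of the cluster range."""
        if node not in self.nodes:
            self.nodes[node] = next(self._free_subnets)
            self.in_use[node] = set()
        return self.nodes[node]

    def allocate(self, node, pod):
        """Lease the lowest free host address in the node's subnet to a Pod.
        The first host address is reserved for the node-side bridge/gateway."""
        subnet = self.nodes[node]
        hosts = subnet.hosts()
        next(hosts)  # skip the gateway address
        for addr in hosts:
            if addr not in self.in_use[node]:
                self.in_use[node].add(addr)
                self.leases[(node, pod)] = addr
                return addr
        raise RuntimeError(f"subnet {subnet} on {node} is exhausted")

    def release(self, node, pod):
        """Return a Pod's address to the pool when the Pod is deleted."""
        addr = self.leases.pop((node, pod))
        self.in_use[node].discard(addr)
        return addr

    def node_for(self, addr):
        """Which node's subnet an address falls in, i.e. the next hop a
        node's route table would pick; None if it is outside the cluster."""
        addr = ipaddress.ip_address(addr)
        return next((n for n, s in self.nodes.items() if addr in s), None)


if __name__ == "__main__":
    ipam = ClusterIPAM()
    for node in ("node-a", "node-b"):
        print(node, "->", ipam.register_node(node))
    print("frontend on node-a:", ipam.allocate("node-a", "frontend"))
    print("db on node-a:      ", ipam.allocate("node-a", "db"))
    print("scraper on node-b: ", ipam.allocate("node-b", "scraper"))
    ipam.release("node-a", "frontend")
    print("cache reuses freed:", ipam.allocate("node-a", "cache"))
    print("10.244.1.2 lives on", ipam.node_for("10.244.1.2"))
```

Address reuse is the part to keep in mind when reading network logs: once a Pod is deleted its address goes back to the pool and is handed to the next Pod scheduled on that node, so a Pod IP alone does not identify a workload over time.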
Network administrators can implement the Kubernetes networking model in a wide variety of different ways. Gartner recognized the following Kubernetes networking examples as “Visionary” in its 2019 Magic Quadrant for Data Center Networking report: