Authors: Antonio Ojea Garcia, Fernando Gont
2023-04-21

Kubernetes is a scalable distributed system and networking is a central part of it. IPv6 is an important protocol for Kubernetes, because it solves the problem of IP address exhaustion. The project has been working on implementing it for a long time, supporting IPv6 single-stack clusters since its version 1.18, and dual-stack clusters since version 1.23 March 2020. Kubernetes is also an Open Source project, driven by the community, and the development doesn’t follow a strict and well-documented process, with architectural decisions and implementation details not being well documented at times. However, the project is very serious about its APIs, with a strong commitment to not breaking compatibility. This allows the project to have a quick feedback loop delivering new features, and allows other projects to have an opportunity to add. During this talk Antonio Ojea, Kubernetes maintainer and developer, and Fernando Gont, author of multiple IETF IPv6 protocol specifications, will do an exhaustive analysis of the Kubernetes IPv6 architecture and take a look “under the hood” to explain the myths, legends and realities of IPv6 in Kubernetes.
Authors: Daniel Borkmann, Nikolay Aleksandrov
2022-10-27

tldr - powered by Generative AI

The talk is about the possibility of IPv6-only clusters addressing scale and performance requirements in data center networks.
  • Cilium experiment started in 2016 with IPv6-only container networking using eBPF and XDP
  • IPv6 adoption has progressed in Kubernetes and hyperscale environments
  • IPv6 offers more IPAM flexibility and larger cluster scale
  • IPv6-only clusters unlock new Linux kernel innovations in networking and eBPF for data-intensive workloads
  • Cilium's networking data plane enables a low-latency architecture suitable for BIG TCP-based workloads requiring IPv6 for 100Gbit/s transfers and beyond for a single socket
  • Cilium developed a new veth driver replacement for the kernel to achieve host networking performance characteristics for Pods
  • With the resulting eBPF forwarding architecture, most unneeded parts of the stack are bypassed, drastically improving networking
Authors: Cynthia Thomas
2022-10-25

tldr - powered by Generative AI

The presentation discusses IP management challenges faced by Kubernetes cluster operators and the solutions introduced by the Kubernetes networking team to mitigate these challenges.
  • Kubernetes clusters require IP addressing for network communication between pods and agents on nodes.
  • Assigning large IP blocks for Kubernetes constructs can cause fragmentation problems within organizations and make it difficult to migrate workloads to new clusters.
  • The Kubernetes networking team has introduced solutions such as single-stack IPv6 and IPv4-only support, dual-stack IPv4 and IPv6 support, and multiple cluster CIDRs support for node IPAM to address these challenges.
  • Upcoming solutions include multiple service CIDRs and reserving static and dynamic allocation for service IP ranges.
  • Best practices for Kubernetes IP management include starting with a smaller application allocation for IP address CIDRs and gradually building up, and moving towards IPv6.
  • The networking community is being asked for feedback on the possibility of mixed mode services.
Authors: Rags Srinivas, Bridget Kromhout, Lachie Evenson, Tim Hockin, Dinesh Majrekar
2022-05-20

tldr - powered by Generative AI

The presentation discusses the implementation of IPv6 in Kubernetes and its potential benefits for end-users and developers.
  • Kubernetes can abstract the challenges of IPv6 addressing and make it easier for developers to adopt
  • IPv6 implementation in Kubernetes can make pods addressable and routable on the internet, which can be dangerous without proper education and resources
  • The addition of optional APIs in Kubernetes allows for more control over IPv6 implementation
  • The goal is to have more end-users up on stage discussing their experiences with IPv6 implementation in Kubernetes
Authors: Justin Santa Barbara, John Gardiner Myers, Ciprian Hacman, Ole Markus
2022-05-18

kOps has been adding support for IPv6 clusters. Learn about the design of and challenges faced in providing a turnkey IPv6 Kubernetes infrastructure, including on AWS and other clouds. kOps maintainers will describe the use cases they are targeting, the network architecture they chose, and how they are managing address allocation. They will give details on the components, both internal and in upstream projects, that needed changes to support IPv6 and the bugs and limitations they had to work around. They will also reveal trivia, such as why the kOps service network is fd00:5e4f:ce::/108.
Authors: Tim Hockin, Bowei Du
2021-10-13

tldr - powered by Generative AI

Updates and directions on Kubernetes Network Components presented at SIG-NETWORK conference
  • SIG-NETWORK is responsible for Kubernetes network components such as pod networking, ingress and egress traffic, service abstractions, and network policies
  • The SIG is focused on major projects such as dual stack support, gateway API for L4 and L7, and network policy improvements
  • IPv4/IPv6 dual stack is now GA and services and pods now support both IPv4 and IPv6
  • Gateway API has made significant progress towards v1alpha2 and aims to be role-oriented and extensible
  • Reference policy governs whether or not a given resource is allowed to be referenced from another namespace
  • A CVE was discovered in the 1.22-1.23 cycle regarding Endpoints or EndpointSlice APIs directing traffic with unintended effects
  • The mitigation for this issue is to treat the ability to create or modify Endpoints and EndpointSlices as a privileged operation and remove this capability from the ordinary users of your cluster