CNI

Overview

CNI (Container Network Interface) is a standard set of tools that provides networking capabilities to containers in a Kubernetes cluster. Simply put, CNI is an abstraction layer that helps Kubernetes manage and configure networking for pods (a collection of containers sharing the same network) in a flexible and efficient way.

How does CNI work?

When you create a new pod, Kubernetes calls CNI to create a network interface for that pod. The CNI plugin performs the following tasks:

  • Assign IP address: Assign a unique IP address to the pod.

  • Routing configuration: Set up routing rules that allow communication between pods,...
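The two tasks above, shown as an added example (not VKS or plugin code): a toy in-memory plugin that answers the ADD and DEL calls a container runtime makes, using the CNI specification's environment variables and result fields. The network name, subnet, pod IDs, and the choice of the first host address as gateway are assumptions made for the demonstration.

```python
import ipaddress

# Constructed network config in the CNI spec's JSON shape (name and subnet are made up).
NETCONF = {"cniVersion": "1.0.0", "name": "demo-net", "type": "toy",
           "ipam": {"subnet": "10.244.1.0/29"}}

class ToyCNI:
    """In-memory stand-in for a CNI plugin; no namespace or interface is really touched."""

    def __init__(self, conf):
        self.conf = conf
        self.subnet = ipaddress.ip_network(conf["ipam"]["subnet"])
        hosts = iter(self.subnet.hosts())
        self.gateway = next(hosts)   # assumption: first host address is the node-side gateway
        self.free = list(hosts)      # addresses still available to pods
        self.leases = {}             # container id -> leased address

    def handle(self, env):
        """Dispatch on the CNI_* variables the runtime sets when it invokes a plugin."""
        cmd, cid = env["CNI_COMMAND"], env["CNI_CONTAINERID"]
        if cmd == "ADD":
            return self._add(cid, env["CNI_IFNAME"], env["CNI_NETNS"])
        if cmd == "DEL":
            ip = self.leases.pop(cid, None)   # DEL stays a no-op if nothing was leased
            if ip is not None:
                self.free.append(ip)          # recycle last, so a freed IP is not reused at once
            return {}
        raise ValueError(f"unsupported CNI_COMMAND: {cmd!r}")

    def _add(self, cid, ifname, netns):
        if cid in self.leases:
            raise RuntimeError(f"{cid} already has an address")
        if not self.free:
            raise RuntimeError("pod subnet exhausted")
        ip = self.leases[cid] = self.free.pop(0)
        gw = str(self.gateway)
        return {  # success result: the assigned IP plus the routes to install in the pod
            "cniVersion": self.conf["cniVersion"],
            "interfaces": [{"name": ifname, "sandbox": netns}],
            "ips": [{"address": f"{ip}/{self.subnet.prefixlen}", "gateway": gw, "interface": 0}],
            "routes": [{"dst": "0.0.0.0/0", "gw": gw}],
        }

def pod_env(cmd, cid):
    """Constructed environment for one plugin invocation."""
    return {"CNI_COMMAND": cmd, "CNI_CONTAINERID": cid,
            "CNI_IFNAME": "eth0", "CNI_NETNS": f"/var/run/netns/{cid}"}

if __name__ == "__main__":
    plugin = ToyCNI(NETCONF)
    for pod in ("pod-a", "pod-b"):
        print(plugin.handle(pod_env("ADD", pod))["ips"][0]["address"])
```

A real plugin reads the config from stdin, creates the interface inside the network namespace named by CNI_NETNS, and persists its leases; the toy keeps everything in memory so the request and result shapes stay visible.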

Additionally, the connections work as follows:

  • Connecting within the same VPC: Nodes within the same VPC connect directly to each other.

  • Connecting between different VPCs: Use VPC Peering to connect nodes in different VPCs.

  • Connecting to external infrastructure: Use networking solutions such as site-to-site VPN or Direct Connect to connect nodes in the VPC to external infrastructure (on cloud, on-premises).

This helps maintain a continuous, flexible, and secure network infrastructure in a multi-cloud or hybrid-cloud environment.


Comparison between CNI plugins

VKS currently provides three popular CNI plugins: Calico Overlay, Cilium Overlay, and Cilium VPC Native Routing:

  • Calico Overlay: Uses an overlay model through tunneling (IP-in-IP). Compatible with many infrastructures, but performance can be affected by tunnel overhead.

  • Cilium Overlay: Also uses the overlay model but has strong integration with eBPF, which improves performance, security, and scalability.

  • Cilium VPC Native Routing: Uses eBPF and requires no overlay, leveraging the routing capabilities of the VPC infrastructure and providing the best performance and scalability.

When to use Calico Overlay: you want something simple to use and do not need very high performance.

When to use Cilium Overlay: you want something simple to use and do not need very high performance, but you do need intensive monitoring (Hubble).

When to use Cilium VPC Native Routing: you have high performance requirements, want easy connectivity to external systems, and need in-depth monitoring (Hubble).
