Kubernetes: Weave Net CNI Plugin
Weave Net is a CNI plugin that creates a virtual network for Kubernetes clusters. It installs a Weave Net container on each node, creating a virtual switch for containers. If a packet is sent to a container on the same node, it is routed through the virtual switch. However, if the packet is sent to a container on a different node, it is sent to the Weave Net container on the local node, encapsulated in a VXLAN header, and then sent to the Weave Net container on the destination node. The destination Weave Net container then decapsulates the packet and sends it to the destination container.
How Weave Net’s CNI Plugin Works at a High Level
Weave Net is a popular CNI plugin that provides a simple and flexible network for Kubernetes clusters. Weave Net creates a virtual network that spans all nodes in the cluster, allowing containers to communicate with each other within and across hosts, without requiring any manual configuration.
Here’s a step-by-step explanation of how Weave Net sets up agents on each node and sends packets across different nodes:
- Weave Net installs a daemonset on each node in the cluster. The daemonset creates a Weave Net container that runs alongside other containers on the node.
- When the Weave Net container starts up, it creates a virtual network interface on the host system, which acts as a virtual switch for the containers on the node.
- When a pod is created on the node, the kubelet invokes the Weave Net CNI plugin to configure the network for the pod.
- The Weave Net plugin creates a virtual interface for the pod, and configures it to use the virtual switch created by the Weave Net container.
Send a packet to another container on the same node
- When a container in the pod sends a packet to another container on the same node, the packet is routed through the virtual switch.
Send a packet to another container on a different node
- When a container in the pod sends a packet to a container on a different node, the packet is sent to the Weave Net container on the local node.
- The Weave Net container encapsulates the packet in a VXLAN header, which is used to tunnel the packet across the virtual network.
- The Weave Net container sends the encapsulated packet to the Weave Net container on the destination node.
- The destination Weave Net container decapsulates the packet, and sends it to the destination container.
- The destination container receives the packet, and can send a response back to the source container in a similar fashion.
A Restaurant Chain Analogy for Weave Net’s Seamless Communication
Imagine you are the manager of a chain of restaurants located in different cities, each with its own kitchen staffed by chefs and waiters. To ensure smooth communication between these teams, you hire Weave Net, a company that specializes in seamless communication within and across restaurants.
Weave Net representatives are sent to each restaurant, working closely with chefs to prepare and deliver food correctly. If the food is to be served within the same restaurant, it is sent directly to the waiter. However, if it needs to be served in another location, the Weave Net representative at the local restaurant packages it in a delivery box labeled with the destination restaurant.
The packaged food is then sent to the Weave Net representative at the destination restaurant, who delivers it to the correct waiter. The customer receives their food as if it were cooked in their own kitchen, and the chef and waiter can communicate with ease.
These are my personal notes for CKA exam preparation on Kubernetes. Please feel free to correct me if you notice any errors. 😊
Related story:
Reference: