Course Overview
Containerized applications are accessed over the network, but how are they connected to the network while staying isolated from each other? Participants of this training will learn about the different types of networking resources that facilitates the connectivity for containers, the Container Network Interface (CNI) as well as CNI plugins. Besides in-depth theoretical coverage students also do hands-on exercises in their own Kubernetes lab system.
Structure
50% theory 50% hands on lab exercises
Target Audience
System administrators, developers and Devops who want to understand and use Kubernetes network features.
Prerequisites
Linux container (e.g. Docker) and Kubernetes administration skills, for instance by participating in our Docker and Kubernetes administration courses.
Course Modules
Module 1: Network connectivity for containers
- Isolating network resources
- Connecting network namespaces – veth pairs
- Connecting network namespaces – linux bridge
- Connecting network namespaces – Open vSwitch
- Connecting network namespaces – routing
- Iptables introduction
- IPVS introduction
- Connecting network namespaces – macvlan
- Connecting network namespaces – ipvlan
- Connecting network namespaces – SR-IOV
- Lab 1
Module 2: CNI - Container network interface
- CNI Specification - Concepts
- CNI – Network configuration format
- CNI – Execution protocol
- CNI – Operations
- CNI – Plugin delegation
- CNI – Conventions
- Lab 2
Module 3: CNI plugins
- CNI – Reference Plugins
- Third Party Plugins – Calico
- Third Party Plugins – Multus CNI
- Third Party Plugins – Whereabouts
- Third Party Plugins – sriov-cni
- Third Party Plugins – ovs-cni
- Lab 3
Module 4: Services deep dive
- Kubernetes service implementation with iptables
- Kubernetes service implementation with ipvs
- Dual stack services