Today, Cloud Native applications have very simple network requirements: discoverable service endpoints with routable IP addresses. This allows Kubernetes to be deployed easily on any network, including public and private IaaS, and even across the Internet. However, as Kubernetes looks to introduce multi-tenancy, and as applications require more sophisticated access control and traffic management policies, network segmentation for isolation and traffic control will be necessary.
One common approach for multi-tenant networking is to deploy a virtual network using VXLAN overlays and an SDN controller. VXLAN segmentation provides the isolation necessary for network multi-tenancy and enables policy-based security and traffic management. However, building and managing overlay virtual networks is complex and introduces a number of difficult operational challenges.
In this session, we introduce Romana, a new open source SDN solution that lets operators build Cloud Native Networks without the complexity of virtual network overlays. Romana networks provide multi-tenancy directly on the physical network, which makes them easier to operate and better performing than overlay virtual networks.
We will also show Kubernetes with multi-tenant networks and how to apply network security policies using CNI and the new NetworkPolicy Third Party Resource in Kubernetes 1.2.
The inaugural KubeCon event in San Francisco last year was a tremendous success and every indication is that there’s even more interest today. If you want to learn more about Kubernetes and where Cloud Native apps are headed, as well as all the ways it’s being deployed in production, KubeCon is where you need to be.
Hope to see you there!