Today, we are happy to release a preview of Romana v2.0, which includes important architectural advances that increase deployment flexibility and simplify operations. This is a major update and we are all anxious for users to try it out as soon as possible, which is why we made a preview release of Romana v2.0 available in its own code branch.
Romana v2.0 includes new topology aware IPAM and network advertisement for deployment in routed networks. This preview release focuses on the parts of Romana that enable new deployment options in EC2 including native VPC networking for large, multi-zone and HA clusters.
Topology aware IPAM and network advertisement
Fundamental to Romana is intelligent IP address management that lets real network CIDRs define isolation boundaries for microsegmentation. This has numerous advantages including eliminating overlays and the ability to use route aggregation to minimize network updates, which enables higher performance and simpler, more secure operations.
Romana v1.x IPAM provided simple IP address allocation, which in some circumstances could result in inefficient use of addresses. Furthermore, v1.x IPAM was not topology aware: It could not maintain shared CIDRs for workload addresses across parts of the network topology.
Romana v2.0 with topology-aware IP Address Management and network advertisement support solves both of these problems.
Topology-aware IPAM lets operators capture network topology so that Kubernetes has the flexibility it needs to schedule pods anywhere on the network, even across different subnets.
Romana uses real network CIDRs for entire sections of the network topology. Simple network advertisements automatically configure upstream network devices with routes to those CIDRs. New endpoints (for example pods) are immediately reachable without requiring individual route updates or announcements.
Without network advertisement, Romana v1.0 when deployed on routed networks was limited to run as configured when first installed. Updating the cluster required manual network configuration. Network advisement now allows routers to learn new routes for hands-off automated operation. Romana v2.0 supports both BGP and OSPF protocols for network advertisement.
Network advertisement in EC2
For network advertisement in EC2, Romana v2.0 updates the VPC route table directly via the API in a manner similar to kubnet’s EC2 cloud provider function. This lets applications use native VPC networking, avoid an overlay and deliver the highest network performance possible.
In addition, unlike kubnet, Romana aggregates routes. This means that large clusters can be built without running out of VPC routes. Romana v2.0 will configure Kubernetes nodes to forward traffic to other nodes, effectively turning them into routers. More details are available here.
Romana performs healthchecks and configures a failover route on instance failure. Robust routing with automatic failover allows users to confidently build HA clusters across availability zones that use native VPC networking.
Together, these new features enable native VPC networking on clusters of any size deployed on one or more zones.
Romana v2.0 available now
Romana v2.0 preview is available today, here on GitHub. See release notes for details on supported capabilities and configurations.