📅  Last modified: 2023-12-03 15:35:39.900000             🧑  Author: Mango

WeaveNet CNI

WeaveNet CNI is a Container Network Interface (CNI) plugin developed by Weaveworks. It is a simple and easy-to-use networking solution for Docker and Kubernetes that allows containers to communicate with each other across hosts.

Features
  • Fast and lightweight
  • Supports both Docker and Kubernetes
  • Easy to deploy and manage
  • Seamless integration with other Weave products
  • Secure by default with built-in encryption and authentication

How it Works

WeaveNet CNI creates a virtual network overlay using VXLAN to connect containers across different hosts. When a container is launched, WeaveNet assigns it a unique IP address within the virtual network, making it reachable by other containers in the same network.

Here is an example of how to deploy WeaveNet in a Kubernetes cluster:

apiVersion: v1
kind: ConfigMap
metadata:
  name: weave
  namespace: kube-system
data:
  weave.yaml: |
    apiVersion: weave.works/v1alpha1
    kind: Configuration
    spec:
      IPAllocationMethod: "can-reclaim"
      Password: "{{weave-password}}"
      EncryptionConfig:
        peers:
        - name: "{{NodeName}}"
          publicKey: "{{NodePublicKey}}"
          cert: "{{NodeCert}}"
          trustedCAs: ["{{CA}}"]
        trustedPeers:
        - name: "{{NodeName}}"
          publicKey: "{{NodePublicKey}}"
          cert: "{{NodeCert}}"

---

kind: DaemonSet
apiVersion: apps/v1
metadata:
  name: weave-net
  namespace: kube-system
  labels:
    name: weave-net
spec:
  selector:
    matchLabels:
      name: weave-net
  template:
    metadata:
      labels:
        name: weave-net
    spec:
      hostNetwork: true  # pod uses the node's network namespace
      containers:
      - name: weave
        image: weaveworks/weave-kube:2.8.1
        command: ["/home/weave/launch.sh", "kube-launch"]
        env:
        - name: HOSTNAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        # Read from the weave-passwd Secret rather than inlined in the manifest.
        - name: WEAVE_PASSWORD
          valueFrom:
            secretKeyRef:
              name: weave-passwd
              key: password
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: IPALLOC_RANGE
          value: 10.24.0.0/13
        - name: WEAVE_CIDR
          value: 10.32.0.0/12
        securityContext:
          privileged: true  # container runs with full privileges on the node
        volumeMounts:
        - name: lib-modules
          mountPath: /lib/modules
          readOnly: true
        - name: weave-net-cfg
          mountPath: /host/etc/weave.conf
          readOnly: true
      volumes:
      - name: lib-modules
        hostPath:
          path: /lib/modules
      - name: weave-net-cfg
        configMap:
          name: weave
          items:
            - key: weave.yaml
              path: weave.conf

This YAML file creates a ConfigMap that defines the WeaveNet configuration and a DaemonSet that deploys the WeaveNet container to each node in the Kubernetes cluster.
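
The manifest above runs the weave container privileged on the host network, and it keeps a Password field in the ConfigMap next to the WEAVE_PASSWORD Secret reference. The following is an added example, not part of the original page or Weaveworks' code, that audits those settings over constructed dicts mirroring the manifest; the function names and the name-based secret heuristic are assumptions.

```python
# Constructed sample mirroring the page's manifest (kubectl -o json shape, trimmed).
CONFIGMAP = {"metadata": {"name": "weave"},
             "data": {"weave.yaml": 'spec:\n  Password: "{{weave-password}}"\n'}}
DAEMONSET = {"metadata": {"name": "weave-net"}, "spec": {"template": {"spec": {
    "hostNetwork": True,
    "containers": [{
        "name": "weave",
        "env": [{"name": "WEAVE_PASSWORD", "valueFrom": {
                    "secretKeyRef": {"name": "weave-passwd", "key": "password"}}},
                {"name": "IPALLOC_RANGE", "value": "10.24.0.0/13"}],
        "securityContext": {"privileged": True},
        "volumeMounts": [{"name": "lib-modules", "mountPath": "/lib/modules",
                          "readOnly": True}]}],
    "volumes": [{"name": "lib-modules", "hostPath": {"path": "/lib/modules"}}]}}}}

HINTS = ("password", "passwd", "secret", "token")  # assumption: name-based heuristic

def looks_secret(name):
    return any(h in name.lower() for h in HINTS)

def audit_configmap(cm):
    """Flag credential-like fields kept in a ConfigMap instead of a Secret."""
    out = []
    for key, text in cm.get("data", {}).items():
        for line in text.splitlines():
            field, sep, _ = line.partition(":")
            if sep and looks_secret(field):
                out.append(f"configmap/{cm['metadata']['name']}[{key}]: {field.strip()}")
    return out

def audit_daemonset(ds):
    """List host-level privileges and non-Secret credentials in the pod template."""
    pod, name, out = ds["spec"]["template"]["spec"], ds["metadata"]["name"], []
    if pod.get("hostNetwork"):
        out.append(f"{name}: hostNetwork")
    host_vols = {v["name"] for v in pod.get("volumes", []) if "hostPath" in v}
    for c in pod.get("containers", []):
        if c.get("securityContext", {}).get("privileged"):
            out.append(f"{name}/{c['name']}: privileged")
        for m in c.get("volumeMounts", []):
            if m["name"] in host_vols and not m.get("readOnly"):
                out.append(f"{name}/{c['name']}: writable hostPath {m['mountPath']}")
        for e in c.get("env", []):
            if looks_secret(e["name"]) and "secretKeyRef" not in e.get("valueFrom", {}):
                out.append(f"{name}/{c['name']}: {e['name']} not from a Secret")
    return out

if __name__ == "__main__":
    print("\n".join(audit_configmap(CONFIGMAP) + audit_daemonset(DAEMONSET)))
```

To run it against a live cluster, load the output of `kubectl get -o json` for the two objects with `json.load` and pass the resulting dicts to the same functions.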

Conclusion

WeaveNet CNI is a simple and powerful networking solution for Docker and Kubernetes that makes it easy to connect containers across different hosts. With its fast performance, easy deployment, and powerful features, WeaveNet is a great choice for any container-based environment.