Over the last few releases, we have been enhancing our support for container networking and security policies. We described the Nuage Networks VSP 4.0 functionality in previous blog posts, and here we will go into further detail on container-related capabilities.
Containers are well on their way to adoption in production environments, not only in startups, but also in enterprises and service providers. Over the past year, container orchestration has seen a lot of innovation across different platforms such as Kubernetes (K8S), Mesos and Docker.
There has been some standardization of container networking models, allowing networking plugins to be developed against stable APIs. For example, Kubernetes and Mesos have settled on the Container Network Interface (CNI), while Docker has chosen the Container Network Model (CNM). With our latest release we are introducing new plugins based on CNM & CNI, which will ensure that Nuage Networks can seamlessly integrate with different container orchestration platforms.
One of the main requests from our users has been to make the installation and setup of the container plugins easier. We have made several enhancements in this area and will continue our focus to improve the user experience in this area.
Admins of multi-tenant clusters want the ability to allow end users to manage security policies. In order to accommodate this we are introducing a new container policy framework that can work with different orchestrators like Kubernetes and Mesos.
What’s New: Support for K8S Policy API and K8S Deployment improvements:
– Streamlined installation: Once Kubernetes is installed, users can install Nuage Networks components using our Ansible repo, ./deploy-cluster.sh –tags=nuage.
– Kubernetes Policy API (Alpha): Kubernetes 1.3 introduced a beta Network Policy API. Support for the Network Policy API (which works with OpenShift as well) will allow end users to create security policies for the Pods. This is based on a new policy framework that will be reused for other container orchestrators as well. You can learn more about this from our SDxCentral webinar.
– OpenShift High-availability deployments: Admins of multi-tenanted clusters prefer the developer mode of operation which automatically creates virtual networks for new namespaces. This release introduces support for HA deployments with the developer mode.
Docker CNM/Libnetwork plugin:
– Containerized Plugin: The new plugin is packaged as a Docker container. This means that you can manage the plugin using the tools you use to manage container images.
Mesos CNI Plugin (Alpha):
– CNI Plugin (Alpha): Mesos uses CNI as the networking model with the Mesos/Unified Containerizer. We are releasing an Alpha CNI plugin for users who want to plan their transition to the Mesos Containerizer runtime for containers, which supports the Docker image format.
– Marathon Framework for easy installation: Using a Marathon framework, the CNI plugin is automatically deployed on all Mesos Agents (aka Slaves).
Interested in learning more?
– Email us at [email protected]