Open AceHack opened 6 years ago
Yes, this is in the works. Is this an on-premises (standalone) deployment you need this for?
Why is this closed if it's in the works? Is there some way to track it? Should this be labeled roadmap? I don't understand why this was closed. It's for both; some deployments are on-premises and some are in Azure.
Could you elaborate on the scenario where you need it to be CNI on Azure?
Yes, looking to allow for automation of infrastructure as a native part of app development, using native app development tools to express repeatable, re-deployable networking topologies. Auto setting up LB rules, multiple different ingresses with different routing rules, powerful label-based network policy, cryptographic node, container, service, network-namespace-based identity, service mesh, automatic fast kernel-level iptables-like routing of services with consistent immutable IPs, automatic correlated tracing of communications, network namespaces that can be shared by multiple containers (i.e. pods), immutable infrastructure, software-defined networking (SDN), software load balancers inside the cluster that don't need any Azure or external load balancers, consistency between on-premises and Azure environments, software-defined security, cheap, external resource discovery, egress, host protection, ability to use standard tools like Wireshark for debugging container network traffic; the list goes on and on.
Also, I would just like to say I don't care if in Azure there is an Azure-specific CNI plugin used and on-premises I use a Calico-based CNI plugin. I just want to have a consistent application development, deployment, and management experience no matter where I run my portable application. The Azure-based CNI plugin should not overuse cloud infrastructure and make it more expensive than needed; wherever an in-cluster solution makes sense it should be used instead, like in-cluster load balancing. Basically, I want Layer 2-7 SDN built into Service Fabric that only calls out to external out-of-cluster devices where absolutely necessary, but all of that should be automated through a consistent development experience.
Oh, I hope it all goes without saying, but all of this needs to support IPv6, not just IPv4, since we are in the IoT age. :)
Most container orchestrators have started using CNI; please follow suit. https://github.com/containernetworking/cni
Calico would be a great provider of CNI to use as a first-class plugin: https://www.projectcalico.org/