Introducing Kube-router

[Murali Reddy]

Hi All,

I would like to introduce Kube-router to the community.

What is Kube-router?

Kube-router is a distributed load balancer, firewall and router for Kubernetes. Kube-router runs as daemon set and can be configured to provide on each cluster node:

• an IPVS/LVS based service proxy on each node for ClusterIP and NodePort service types, providing service discovery and load balancing
• an ingress firewall for the pods running on the node as per the defined Kubernetes network policies using iptables and ipset
• a BGP router to advertise and learn the routes to the pod IP's for cross-node pod-to-pod connectivity

Motivation for Kube-router?

• one cohesive solution that deals with all aspects of east-west traffic needs of Kubernetes and enable unique use-cases (for e.g routing combined with service proxy etc)
  
• provides IPVS based service proxy for Kubernetes which many users have been asking for
• builds on standard Linux technologies, so you can verify the configuration and troubleshoot with standard Linux networking tools (ipvsadm, ip route, iptables, ipset, traceroute, tcpdump etc)

Very short (4 min) demo of end-to-end solution can be found here.

A few more detailed demos for each of the core functionality:

IPVS service proxy: https://asciinema.org/a/120312

Iptable based network policy enforcer: https://asciinema.org/a/120735 

BGP router for pod networking: https://asciinema.org/a/120885

Some of the design details can be found in the project wiki.

Core of Kube-router is extremely small (~2000 lines) and builds on the standard linux networking technolgies. I would greatly appriciate any inputs and comments.

Regards,

Murali Reddy