antrea

module
v1.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 23, 2023 License: Apache-2.0

README

Antrea

Antrea Logo

Build Status Go Report Card CII Best Practices License GitHub release FOSSA Status

Overview

Antrea is a Kubernetes networking solution intended to be Kubernetes native. It operates at Layer 3/4 to provide networking and security services for a Kubernetes cluster, leveraging Open vSwitch as the networking data plane.

Antrea Overview

Open vSwitch is a widely adopted high-performance programmable virtual switch; Antrea leverages it to implement Pod networking and security features. For instance, Open vSwitch enables Antrea to implement Kubernetes Network Policies in a very efficient manner.

Prerequisites

Antrea has been tested with Kubernetes clusters running version 1.16 or later.

  • NodeIPAMController must be enabled in the Kubernetes cluster.
    When deploying a cluster with kubeadm the --pod-network-cidr <cidr> option must be specified. Alternately, NodeIPAM feature of Antrea Controller should be enabled and configured.
  • Open vSwitch kernel module must be present on every Kubernetes node.

Getting Started

Getting started with Antrea is very simple, and takes only a few minutes. See how it's done in the Getting started document.

Contributing

The Antrea community welcomes new contributors. We are waiting for your PRs!

Community

Also check out @ProjectAntrea on Twitter!

Features

  • Kubernetes-native: Antrea follows best practices to extend the Kubernetes APIs and provide familiar abstractions to users, while also leveraging Kubernetes libraries in its own implementation.
  • Powered by Open vSwitch: Antrea relies on Open vSwitch to implement all networking functions, including Kubernetes Service load-balancing, and to enable hardware offloading in order to support the most demanding workloads.
  • Run everywhere: Run Antrea in private clouds, public clouds and on bare metal, and select the appropriate traffic mode (with or without overlay) based on your infrastructure and use case.
  • Comprehensive policy model: Antrea provides a comprehensive network policy model, which builds upon Kubernetes Network Policies with new features such as policy tiering, rule priorities and cluster-level policies.
  • Windows Node support: Thanks to the portability of Open vSwitch, Antrea can use the same data plane implementation on both Linux and Windows Kubernetes Nodes.
  • Troubleshooting and monitoring tools: Antrea comes with CLI and UI tools which provide visibility and diagnostics capabilities (packet tracing, policy analysis, flow inspection). It exposes Prometheus metrics and supports exporting network flow information to collectors and analyzers.
  • Network observability and analytics: Antrea + Theia enable fine-grained visibility into the communication among Kubernetes workloads. Theia provides visualization for Antrea network flows in Grafana dashboards, and recommends Network Policies to secure the workloads.
  • Network Policies for virtual machines: Antrea native policies can be enforced on non-Kubernetes Nodes including VMs and baremetal servers. Project Nephe implements security policies for VMs across clouds, leveraging Antrea native policies.
  • Encryption: Encryption of inter-Node Pod traffic with IPsec or WireGuard tunnels.
  • Easy deployment: Antrea is deployed by applying a single YAML manifest file.

To explore more Antrea features and their usage, check the Getting started document and user guides in the Antrea documentation folder. Refer to the Changelogs for a detailed list of features introduced for each version release.

Adopters

For a list of Antrea Adopters, please refer to ADOPTERS.md.

Roadmap

We are adding features very quickly to Antrea. Check out the list of features we are considering on our Roadmap page. Feel free to throw your ideas in!

License

Antrea is licensed under the Apache License, version 2.0

FOSSA Status

Directories

Path Synopsis
cmd
antrea-agent
Package main under directory cmd parses and validates user input, instantiates and initializes objects imported from pkg, and runs the process.
Package main under directory cmd parses and validates user input, instantiates and initializes objects imported from pkg, and runs the process.
antrea-agent-simulator
The simulator binary is responsible to run simulated nodes for antrea agent.
The simulator binary is responsible to run simulated nodes for antrea agent.
antrea-controller
Package main under directory cmd parses and validates user input, instantiates and initializes objects imported from pkg, and runs the process.
Package main under directory cmd parses and validates user input, instantiates and initializes objects imported from pkg, and runs the process.
flow-aggregator
Package main under directory cmd parses and validates user input, instantiates and initializes objects imported from pkg, and runs the process.
Package main under directory cmd parses and validates user input, instantiates and initializes objects imported from pkg, and runs the process.
hack
netpol Module
multicluster
apis/multicluster/v1alpha1
Package v1alpha1 is the v1alpha1 version of the API.
Package v1alpha1 is the v1alpha1 version of the API.
apis/multicluster/v1alpha2
Package v1alpha2 is the v1alpha2 version of the API.
Package v1alpha2 is the v1alpha2 version of the API.
controllers/multicluster/commonarea
Package commonarea is a generated GoMock package.
Package commonarea is a generated GoMock package.
controllers/multicluster/leader
memberclusterannounce_controller is for leader cluster only.
memberclusterannounce_controller is for leader cluster only.
pkg/client/clientset/versioned
This package has the automatically generated clientset.
This package has the automatically generated clientset.
pkg/client/clientset/versioned/fake
This package has the automatically generated fake clientset.
This package has the automatically generated fake clientset.
pkg/client/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
This package contains the scheme of the automatically generated clientset.
pkg/client/clientset/versioned/typed/multicluster/v1alpha1
This package has the automatically generated typed clients.
This package has the automatically generated typed clients.
pkg/client/clientset/versioned/typed/multicluster/v1alpha1/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.
pkg/client/clientset/versioned/typed/multicluster/v1alpha2
This package has the automatically generated typed clients.
This package has the automatically generated typed clients.
pkg/client/clientset/versioned/typed/multicluster/v1alpha2/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.
test/mocks
Package mocks is a generated GoMock package.
Package mocks is a generated GoMock package.
pkg
agent
Package agent contains the libraries that drive the antrea-agent binary.
Package agent contains the libraries that drive the antrea-agent binary.
agent/cniserver/ipam/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/cniserver/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/consistenthash
Package consistenthash provides an implementation of a ring hash.
Package consistenthash provides an implementation of a ring hash.
agent/flowexporter/connections/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/interfacestore/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/ipassigner/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/memberlist/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/multicast
nolint: unused // a lot of this code is unused for Windows since the multicast feature is not implemented yet
nolint: unused // a lot of this code is unused for Windows since the multicast feature is not implemented yet
agent/multicast/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/nodeportlocal/portcache
portcache maintains the state about all current NodePortLocal port mappings for this Node and takes care of configuring the host accordingly.
portcache maintains the state about all current NodePortLocal port mappings for this Node and takes care of configuring the host accordingly.
agent/nodeportlocal/portcache/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/nodeportlocal/rules/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/openflow/cookie
Package cookie implements a cookie allocator.
Package cookie implements a cookie allocator.
agent/openflow/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/proxy/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/querier/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/route/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/secondarynetwork/ipam/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/secondarynetwork/podwatch/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/servicecidr/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/types/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/util
Package util contains utility functions which are used in the agent implementation.
Package util contains utility functions which are used in the agent implementation.
agent/util/ethtool
Package ethtool provides Go wrappers for ioctl ethtool system calls on Linux
Package ethtool provides Go wrappers for ioctl ethtool system calls on Linux
agent/util/ipset/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/util/iptables/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/util/ndp
Package ndp contains functions to send NDP neighbor advertisement on Linux.
Package ndp contains functions to send NDP neighbor advertisement on Linux.
agent/util/netlink/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
agent/util/sysctl
Package systcl contains utility functions to read and write sysctl configuration on Linux.
Package systcl contains utility functions to read and write sysctl configuration on Linux.
agent/util/winfirewall
Package winfirewall contains utility functions to configure the Windows firewall.
Package winfirewall contains utility functions to configure the Windows firewall.
antctl
Package antctl provides the antctl framework and antctl command implementations.
Package antctl provides the antctl framework and antctl command implementations.
apis
Package apis contains API definitions used to interface with the different Antrea components, along with files auto-generated from these API definitions.
Package apis contains API definitions used to interface with the different Antrea components, along with files auto-generated from these API definitions.
apis/controlplane
Package controlplane contains the latest (or "internal") version of the Antrea NetworkPolicy API messages.
Package controlplane contains the latest (or "internal") version of the Antrea NetworkPolicy API messages.
apis/controlplane/v1beta2
Package v1beta2 is the v1beta2 version of the Antrea NetworkPolicy API messages.
Package v1beta2 is the v1beta2 version of the Antrea NetworkPolicy API messages.
apis/stats
Package stats is the internal version of the Antrea Stats API.
Package stats is the internal version of the Antrea Stats API.
apis/stats/v1alpha1
Package v1alpha1 is the v1alpha1 version of the Antrea Stats API.
Package v1alpha1 is the v1alpha1 version of the Antrea Stats API.
apis/system
Package system contains the Antrea "system" API group definitions.
Package system contains the Antrea "system" API group definitions.
apis/system/v1beta1
Package v1beta1 contains the v1beta1 version of the Antrea "system" API group definitions.
Package v1beta1 contains the v1beta1 version of the Antrea "system" API group definitions.
apiserver
Package apiserver contains code to create kubernetes-like API server for antrea-controller.
Package apiserver contains code to create kubernetes-like API server for antrea-controller.
apiserver/storage
Package storage contains storage interfaces and implementations for the apiserver.
Package storage contains storage interfaces and implementations for the apiserver.
client/clientset/versioned
This package has the automatically generated clientset.
This package has the automatically generated clientset.
client/clientset/versioned/fake
This package has the automatically generated fake clientset.
This package has the automatically generated fake clientset.
client/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
This package contains the scheme of the automatically generated clientset.
client/clientset/versioned/typed/controlplane/v1beta2
This package has the automatically generated typed clients.
This package has the automatically generated typed clients.
client/clientset/versioned/typed/controlplane/v1beta2/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.
client/clientset/versioned/typed/crd/v1alpha1
This package has the automatically generated typed clients.
This package has the automatically generated typed clients.
client/clientset/versioned/typed/crd/v1alpha1/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.
client/clientset/versioned/typed/crd/v1alpha2
This package has the automatically generated typed clients.
This package has the automatically generated typed clients.
client/clientset/versioned/typed/crd/v1alpha2/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.
client/clientset/versioned/typed/crd/v1alpha3
This package has the automatically generated typed clients.
This package has the automatically generated typed clients.
client/clientset/versioned/typed/crd/v1alpha3/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.
client/clientset/versioned/typed/crd/v1beta1
This package has the automatically generated typed clients.
This package has the automatically generated typed clients.
client/clientset/versioned/typed/crd/v1beta1/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.
client/clientset/versioned/typed/stats/v1alpha1
This package has the automatically generated typed clients.
This package has the automatically generated typed clients.
client/clientset/versioned/typed/stats/v1alpha1/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.
client/clientset/versioned/typed/system/v1beta1
This package has the automatically generated typed clients.
This package has the automatically generated typed clients.
client/clientset/versioned/typed/system/v1beta1/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.
cni
Package cni contains the libraries that drive the antrea-cni binary.
Package cni contains the libraries that drive the antrea-cni binary.
controller
Package controller contains the libraries that drive the antrea-controller binary.
Package controller contains the libraries that drive the antrea-controller binary.
controller/ipam
Package networkpolicy provides AntreaIPAMController implementation to manage and synchronize the GroupMembers and Namespaces affected by Network Policies and enforce their rules.
Package networkpolicy provides AntreaIPAMController implementation to manage and synchronize the GroupMembers and Namespaces affected by Network Policies and enforce their rules.
controller/networkpolicy
Package networkpolicy provides NetworkPolicyController implementation to manage and synchronize the Pods and Namespaces affected by Network Policies and enforce their rules.
Package networkpolicy provides NetworkPolicyController implementation to manage and synchronize the Pods and Namespaces affected by Network Policies and enforce their rules.
controller/networkpolicy/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
controller/querier/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
controller/types
Package types contains common types in the antrea-controller.
Package types contains common types in the antrea-controller.
flowaggregator/exporter/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
flowaggregator/querier/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
ipfix/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
log
Package log processes the klog flags, and enforces the maximum log file size and maximum log file number limits.
Package log processes the klog flags, and enforces the maximum log file size and maximum log file number limits.
ovs
Package ovs contains ovsdb and openflow interfaces and implementations.
Package ovs contains ovsdb and openflow interfaces and implementations.
ovs/openflow/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
ovs/ovsconfig/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
ovs/ovsctl/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
querier/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.
signals
Package signals contains utilities for dealing with signals.
Package signals contains utilities for dealing with signals.
util/k8s
Package k8s contains utilities for Antrea interactions with Kubernetes.
Package k8s contains utilities for Antrea interactions with Kubernetes.
version
Package version provides information about the current semantic version for the Antrea project.
Package version provides information about the current semantic version for the Antrea project.
plugins
octant Module
test
e2e
integration
Package integration provides integration tests that require a running OVS or invoking external calls on the system.
Package integration provides integration tests that require a running OVS or invoking external calls on the system.
third_party
dns
networkpolicy
This whole file is from https://github.com/digitalocean/go-openvswitch/blob/master/ovs/portrange.go
This whole file is from https://github.com/digitalocean/go-openvswitch/blob/master/ovs/portrange.go
proxy/testing
Package testing is a generated GoMock package.
Package testing is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL