K8s Policies

Kubernetes network policies specify how groups of pods are allowed to communicate with each other and other network endpoints. Each policy is represented as an instance of the K8s resource NetworkPolicy. A policy uses labels to select a grouping of pods and specifies a list of rules that determine which traffic is allowed to and from the selected pods. Contivpp.io implements the Kubernetes Network API, including egress policies and IP blocks.

Read More
K8s Services

Service is a Kubernetes abstraction providing a convenient single entry point of access to a group of pods. In other words, a service can be thought of as a dynamic loadbalancer for a set of pods (and the containers living inside them), automatically managed by the K8s framework itself. The set of Pods targeted by a Service is (usually) determined by a Label Selector. Contivpp.io supports the mapping of k8s services to the VPP dataplane.

Read More
Networking

This section describes the network functionality of Contiv-VPP. It elaborates on the operation and config options of the IPAM, as well as details on how VPP is programmed by the control plane.

Read More