Abstract
Cloud-native networking is the core of containerized clouds, deployed in public, private, or hybrid environments. Diverse infrastructure environments result in varying underlying network configurations, posing security management challenges. Different cloud-native network schemes have different container adaptation costs, such as NAT, load balancing, and low-latency communication. Container Network Interface (CNI) open-source projects are categorized into Overlay and Underlay approaches. Overlay constructs an independent container network through tunnel technology and uses NAT to implement communication translation; it suits most scenarios but has high adaptation costs for traditional host applications. Underlay directly uses the host network, offering better performance and lower adaptation costs for traditional host applications, but with more constraints. Therefore, a collaborative approach that combines multiple Underlay CNIs, based on open-source CNI projects, is designed to address container cluster communication problems. Practice shows that the optimized design can reduce network maintenance workload by 30%. Key issues in Underlay scenarios, such as IP allocation, multi-NIC routing, and host connectivity, are addressed to enhance the various Underlay CNI projects. Coordinating multiple CNIs ensures cluster network connectivity, while using physical NICs can reduce communication latency by approximately 30%.
Authors
张红兵
侯玲玉
蓝维洲
ZHANG Hongbing; HOU Lingyu; LAN Weizhou (DaoCloud Network Technology Co., Ltd., Shanghai 200000, China)
Source
《微型电脑应用》
2024, Issue 7, pp. 138-143 (6 pages in total)
Microcomputer Applications