This is a fork of the main CNI plugins that I'm working on to fix a number of deficiencies in DHCP+Bridge mode so I can run Kubernetes pods on the same layer2 network as my home network.
Features:
- Persistence of DHCP leases across daemon restarts
- Deployable as a K8s DaemonSet
- Greatly improved bridge CNI
- IPv6 support
Read more in my blog series: https://www.technowizardry.net/series/home-lab/
Some CNI network plugins, maintained by the containernetworking team. For more information, see the CNI website.
Read CONTRIBUTING for build and test instructions.
bridge
: Creates a bridge, adds the host and the container to it.ipvlan
: Adds an ipvlan interface in the container.loopback
: Set the state of loopback interface to up.macvlan
: Creates a new MAC address, forwards all traffic to that to the container.ptp
: Creates a veth pair.vlan
: Allocates a vlan device.host-device
: Move an already-existing device into a container.
win-bridge
: Creates a bridge, adds the host and the container to it.win-overlay
: Creates an overlay interface to the container.
dhcp
: Runs a daemon on the host to make DHCP requests on behalf of the containerhost-local
: Maintains a local database of allocated IPsstatic
: Allocate a single static IPv4/IPv6 address to container. It's useful in debugging purpose.
tuning
: Tweaks sysctl parameters of an existing interfaceportmap
: An iptables-based portmapping plugin. Maps ports from the host's address space to the container.bandwidth
: Allows bandwidth-limiting through use of traffic control tbf (ingress/egress).sbr
: A plugin that configures source based routing for an interface (from which it is chained).firewall
: A firewall plugin which uses iptables or firewalld to add rules to allow traffic to/from the container.
The sample plugin provides an example for building your own plugin.
For any questions about CNI, please reach out via:
- Email: cni-dev
- Slack: #cni on the CNCF slack.
If you have a security issue to report, please do so privately to the email addresses listed in the OWNERS file.