Using Weave Net for NetworkPolicy in Kubernetes

February 09, 2017

FOSDEM is a free conference for Open Source developers, held each year in Brussels. In the Lightning Talk stream I gave a whistle-stop tour of the motivation, definition and implementation of Kubernetes NetworkPolicy using Weave Net. In...

Related posts

Liquid Metal is Here: Supported, Multi-Cluster Kubernetes on micro-VMs and Bare Metal

You aren't Doing GitOps without Drift Detection

KubeCon and GitOpsCon EU, 2022 - Git Involved!

FOSDEM is a free conference for Open Source developers, held each year in Brussels. In the Lightning Talk stream I gave a whistle-stop tour of the motivation, definition and implementation of Kubernetes NetworkPolicy using Weave Net.

  • In order to scale services across tens or hundreds of servers, Kubernetes requires a container network where all points are connected.
  • As cluster admin, you would like to restrict malicious or accidental intrusion by locking down network traffic to specific paths.
  • Kubernetes NetworkPolicy documents let you state which pods of containers are allowed to talk to which other pods, based on labels that you apply.
  • Weave Net Policy Controller (Weave-npc) reads those policies and applies firewall rules dynamically on every node.
  • Weave-npc is designed to have minimal impact on performance as the number of containers grows.

Watch the full talk below:


Related posts

Liquid Metal is Here: Supported, Multi-Cluster Kubernetes on micro-VMs and Bare Metal

You aren't Doing GitOps without Drift Detection

KubeCon and GitOpsCon EU, 2022 - Git Involved!