
How to Set Up VPC Peering in Kube-OVN: Step‑by‑Step Guide

This guide explains how to configure VPC peering in Kube-OVN, covering prerequisites, YAML manifests for VPCs, subnets, peerings and static routes, pod deployment on each subnet, and verification of cross‑VPC connectivity using ping commands.

Cloud Native Technology Community

Prerequisites

Only works for user‑defined VPCs.

Subnet CIDRs in the two VPCs must not overlap.

Currently only two VPCs can be peered.

Usage

First create two independent VPCs, each with a non‑overlapping Subnet.

kind: Vpc
apiVersion: kubeovn.io/v1
metadata:
  name: vpc-1
spec: {}

---
kind: Subnet
apiVersion: kubeovn.io/v1
metadata:
  name: net1
spec:
  vpc: vpc-1
  cidrBlock: 10.0.0.0/16

---
kind: Vpc
apiVersion: kubeovn.io/v1
metadata:
  name: vpc-2
spec: {}

---
kind: Subnet
apiVersion: kubeovn.io/v1
metadata:
  name: net2
spec:
  vpc: vpc-2
  cidrBlock: 172.31.0.0/16

Add vpcPeerings and corresponding static routes to each VPC:

kind: Vpc
apiVersion: kubeovn.io/v1
metadata:
  name: vpc-1
spec:
  vpcPeerings:
  - remoteVpc: vpc-2
    localConnectIP: 169.254.0.1/30
  staticRoutes:
  - cidr: 172.31.0.0/16
    nextHopIP: 169.254.0.2
    policy: policyDst
---
kind: Vpc
apiVersion: kubeovn.io/v1
metadata:
  name: vpc-2
spec:
  vpcPeerings:
  - remoteVpc: vpc-1
    localConnectIP: 169.254.0.2/30
  staticRoutes:
  - cidr: 10.0.0.0/16
    nextHopIP: 169.254.0.1
    policy: policyDst

remoteVpc: name of the peer VPC.

localConnectIP: IP/CIDR used for the peering endpoint; both ends must belong to the same /30 network and must not clash with existing subnets.

cidr: CIDR of the remote Subnet.

nextHopIP: the localConnectIP of the opposite VPC.

Create a Pod in each Subnet and bind it to the logical switch:

apiVersion: v1
kind: Pod
metadata:
  annotations:
    ovn.kubernetes.io/logical_switch: net1
  name: vpc-1-pod
spec:
  containers:
  - name: vpc-1-pod
    image: nginx:alpine
---
apiVersion: v1
kind: Pod
metadata:
  annotations:
    ovn.kubernetes.io/logical_switch: net2
  name: vpc-2-pod
spec:
  containers:
  - name: vpc-2-pod
    image: nginx:alpine

Test connectivity with ping:

# kubectl exec -it vpc-1-pod -- ping $(kubectl get pod vpc-2-pod -o jsonpath='{.status.podIP}')
# kubectl exec -it vpc-2-pod -- ping $(kubectl get pod vpc-1-pod -o jsonpath='{.status.podIP}')
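
The prerequisites and field constraints above can be checked before the manifests are applied. The following is an added example, not code from the original article or from the Kube-OVN project; the `VPCS` dictionary and `check_peering` function are hypothetical names, and the input is constructed to mirror the manifests in this guide. It goes one step beyond the stated constraints by also flagging any static route through the peering that reaches further than the peer's subnets.

```python
import ipaddress

# Constructed input mirroring the guide's manifests: each VPC's Subnet CIDRs
# plus the vpcPeerings/staticRoutes from its Vpc spec.
VPCS = {
    "vpc-1": {"subnets": ["10.0.0.0/16"],
              "vpcPeerings": [{"remoteVpc": "vpc-2", "localConnectIP": "169.254.0.1/30"}],
              "staticRoutes": [{"cidr": "172.31.0.0/16", "nextHopIP": "169.254.0.2"}]},
    "vpc-2": {"subnets": ["172.31.0.0/16"],
              "vpcPeerings": [{"remoteVpc": "vpc-1", "localConnectIP": "169.254.0.2/30"}],
              "staticRoutes": [{"cidr": "10.0.0.0/16", "nextHopIP": "169.254.0.1"}]},
}

def check_peering(vpcs, a, b):
    """Return a list of problems with the a<->b peering (empty list = consistent)."""
    errs = []
    nets = {v: [ipaddress.ip_network(c) for c in vpcs[v]["subnets"]] for v in (a, b)}
    # Prerequisite: Subnet CIDRs in the two VPCs must not overlap.
    errs += [f"subnets overlap: {x} ({a}) / {y} ({b})"
             for x in nets[a] for y in nets[b] if x.overlaps(y)]
    # Each side must name the other as remoteVpc exactly once.
    ends = {}
    for local, remote in ((a, b), (b, a)):
        peers = [p for p in vpcs[local].get("vpcPeerings", []) if p["remoteVpc"] == remote]
        if len(peers) != 1:
            return errs + [f"{local}: expected exactly one peering to {remote}"]
        ends[local] = ipaddress.ip_interface(peers[0]["localConnectIP"])
    # Endpoints: distinct addresses in one shared network that clashes with no subnet.
    if ends[a].network != ends[b].network or ends[a].ip == ends[b].ip:
        errs.append(f"localConnectIP mismatch: {ends[a]} / {ends[b]}")
    errs += [f"peering link {link} clashes with subnet {n}"
             for link in {e.network for e in ends.values()}
             for n in nets[a] + nets[b] if n.overlaps(link)]
    for local, remote in ((a, b), (b, a)):
        via_peer = [ipaddress.ip_network(r["cidr"])
                    for r in vpcs[local].get("staticRoutes", [])
                    if ipaddress.ip_address(r["nextHopIP"]) == ends[remote].ip]
        # Every remote subnet needs a route whose next hop is the peer's endpoint.
        for n in nets[remote]:
            if not any(n.version == d.version and n.subnet_of(d) for d in via_peer):
                errs.append(f"{local}: no route to {n} via {ends[remote].ip}")
        # No route through the peering may reach beyond the peer's subnets.
        for d in via_peer:
            if not any(d.version == n.version and d.subnet_of(n) for n in nets[remote]):
                errs.append(f"{local}: route {d} exceeds {remote}'s subnets")
    return errs

if __name__ == "__main__":
    for problem in check_peering(VPCS, "vpc-1", "vpc-2") or ["peering is consistent"]:
        print(problem)
```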

Kube-OVN is a cloud‑native CNI that brings mature OpenStack networking capabilities to Kubernetes, providing enhanced security, operability, and performance for container networks.
