Kube-OVN: Bringing OpenStack Network Infrastructure into Kubernetes – Design Principles and Architecture

On November 4, 2019, the Shanghai Open Source Infrastructure Summit was held in mainland China, gathering thousands of open‑source users and contributors. Liu Mengxin, a Kubernetes expert from Lingque Cloud, delivered a talk titled “Kube‑OVN: Bring OpenStack Network Infra into Kubernetes,” detailing the project’s progress and future plans.

He explained that Kubernetes networking consists of many concepts scattered across different projects, making it difficult for SREs and developers to maintain and troubleshoot in production. In contrast, OpenStack networking has matured over many years. Kube‑OVN aims to migrate these mature OpenStack network functions to Kubernetes, providing a complete solution that greatly reduces the pain of learning and maintaining Kubernetes networking.

Kube‑OVN has released version 0.8, with the 1.0 stable version imminent. The project is part of the CNCF Cloud‑Native Landscape, and its source code is available at https://github.com/alauda/kube-ovn .

Kube‑OVN Design Principles

1. Port OpenStack network concepts and functions to Kubernetes. Many designs and concepts from OpenStack have become SDN standards (e.g., VPC, Subnet, multi‑tenant, FIP, SecurityGroup), enhancing Kubernetes networking capabilities.

2. Unified data‑plane: Kubernetes serves as the control plane while all data‑plane functions (Service, DNS, NetworkPolicy, etc.) are implemented via OVN, simplifying maintenance.

3. Comprehensive coverage: Aim to provide a single, all‑in‑one network solution that matches or exceeds the features of other open‑source network plugins.

4. Ease of installation and use: Reduce the complexity and high entry barrier of OVN/OVS to lower the adoption threshold.

Overall Architecture and Functional Implementation

Kube‑OVN implements five major functions: binding of Namespace to Subnet with inter‑subnet access control, static IP allocation, dynamic QoS, distributed and centralized gateways, and an embedded LoadBalancer. These address the current fragmentation of Kubernetes networking components and fill gaps in native capabilities.

OVN brings many features absent in current Kubernetes networking, covering CNI, kube‑proxy, LoadBalancer, NetworkPolicy, DNS, and more, with enhancements. It also supports multiple platforms, running on Linux, Windows, KVM, XEN, Hyper‑V, and DPDK environments.

The above is an abstract of the presentation PPT. To obtain the full Kube‑OVN PPT, reply with “Kube‑OVN” to the official WeChat account to receive the download link.