What’s New in Kube‑OVN 0.7.0? Features, IPv6, and TCP Performance Insights

Release Highlights

IPAM : Optimized for StatefulSet so that the virtual network interface persists for the lifetime of the set, enabling name‑based reuse similar to PVC binding. Added an IP CRD; allocated IPs can be listed with kubectl get ip.

Subnet : New Subnet CRD includes a status field that shows IP allocation and health status. Default network configuration is automatically filled for user‑defined subnets. When a namespace is bound to a subnet, previous bindings are cleared and subnet information is written back to the namespace as annotations. Operations now verify that the corresponding virtual switch exists before proceeding.

Security : Traffic mirroring is enabled by default for easier audit. NetworkPolicy now supports selecting all rules. Private subnet handling has been improved by applying ACLs to all switch ports.

IPv6 : Control‑plane components can communicate over IPv6.

Compatibility : Tested on CentOS 7.5, Ubuntu 16.04 and Ubuntu 18.04. Installation is supported via Kubespray and kube‑asz.

TCP Performance Test

Test environment (public cloud, North China region):

Three ecs.c5.2xlarge instances (8 vCPU, 16 GiB, I/O‑optimized).

OS: CentOS 7.5.1804, Kernel 3.10.0‑957.27.2.el7.x86_64.

Kubernetes 1.13.4 with three nodes; the master runs workloads, 300 background Pods (100 per node) generate no network traffic.

Kube‑OVN version v0.7.0.

Benchmark tool: iperf3.

Method (executed as DaemonSets) :

Deploy 300 background Pods distributed across the three nodes.

Run an iperf3 server ( iperf3 -s) inside a container on one node.

From another node, run the client ( iperf3 -c <server> -t 30 -l <packet‑size>) and vary the -l parameter to test different packet sizes.

Repeat the same steps using host network mode as the baseline.

Repeat the test with Kube‑OVN as the CNI and record throughput.

Results (throughput measured in Gbit/s, ratio = Kube‑OVN / Host):

128 KB: 2.42 Gbit/s (Kube‑OVN) vs 2.52 Gbit/s (Host) – 96%.

64 KB: 2.42 Gbit/s vs 2.52 Gbit/s – 96%.

16 KB: 2.42 Gbit/s vs 2.52 Gbit/s – 96%.

4 KB: 2.42 Gbit/s vs 2.52 Gbit/s – 96%.

2 KB: 2.39 Gbit/s vs 2.51 Gbit/s – 95%.

1 KB: 1.57 Gbit/s vs 2.40 Gbit/s – 57%.

500 B: 0.923 Gbit/s vs 1.32 Gbit/s – 70%.

250 B: 0.534 Gbit/s vs 0.677 Gbit/s – 79%.

For packet sizes ≥ 2 KB, Kube‑OVN incurs roughly a 4 % throughput loss compared with host networking. Smaller packets cause higher loss, with the most pronounced drop around 1 KB. Very small packets also expose a performance bottleneck in the host network, reducing the relative loss.

Source code and additional details are available at the GitHub repository: https://github.com/alauda/kube-ovn