What’s New in Kube-OVN? Traffic Mirroring, IPv6 Beta, and More

Kube-OVN is an open‑source Kubernetes networking system built on OVN, bringing mature OpenStack networking functions to Kubernetes clusters.

1. Traffic Mirroring Support Enabling the mirror option during installation creates a mirror0 interface on each node that duplicates all container traffic, allowing administrators to monitor and audit network flows for replay or analysis.

2. IPv6 Beta Support Subnets can be configured with IPv6 address pools, automatically assigning IPv6 addresses to containers. Note that Kubernetes does not yet support dual‑stack; using IPv6 subnets may limit health checks, service discovery, gateway, and DNS functionality if the control‑plane network differs.

3. IP Conflict Prevention via Webhook An AdmissionController webhook validates pod IP assignments; if a static IP conflicts with an existing one, pod creation is rejected, preventing address collisions.

4. Subnet Management with CRD A new Subnet Custom Resource Definition (CRD) replaces previous namespace‑based annotations for subnet configuration, streamlining subnet lifecycle management.

5. Go Module Dependency Management The project now uses go mod to handle Go dependencies, simplifying builds and version control.

Kube-OVN’s five major functions include namespace‑subnet binding with inter‑subnet access control, static IP allocation, dynamic QoS, distributed and centralized gateways, and an embedded LoadBalancer, addressing gaps in native Kubernetes networking. OVN also adds extensive features such as CNI, kube‑proxy, LoadBalancer, NetworkPolicy, and DNS enhancements, and runs on multiple platforms including Linux, Windows, KVM, XEN, Hyper‑V, and DPDK.

For more details, refer to the linked articles and the project’s repository.