Kubernetes networking with Edera

1 min read · Intermediate

Developer Platform Engineer Security

Kubernetes networking with Edera

For Edera-managed pods, Edera should seamlessly use your existing cluster CNI configuration to set up networking for Edera pods.

The following CNIs have been tested with Edera:

  • cilium in IPv4 and IPv6 mode.
  • flannel in IPv4 and IPv6 mode.
  • AWS vpc-cni in IPv4 and IPv6 mode.
  • ipvlan in L2, L3, and L3s modes, under both IPv4 and IPv6.

Currently, Edera does not support Multus or CNI configurations that configure multiple links for a single pod.

If there is a CNI misconfiguration, the protect-cri systemd service should report the error and fail to start.

You can check the status of protect-cri with sudo systemctl status protect-cri on an Edera-enabled node.

Note that if your CNI setup uses nonstandard CNI plugin binary or configuration paths, you will need to update /var/lib/edera/protect/cri.toml with the nonstandard paths, and restart the protect-cri service via sudo systemctl restart protect-cri.

See also

cri.toml - to configure Edera with nonstandard CRI config/plugin paths.

Last updated on