CNI (Container Network Interface)

3 min readMar 16, 2021

CNI is set of standard that defines how program(plugins) should be developed and how container runtime(docker , rkt) will invoke them so that everyone adhere to single set of standard solve the common networking challenges in container runtime environment.

CNI defines a set of Responsibilities for Container Runtime.

Container Runtime must create network namespace.
Identify network the container must attach to.
Container Runtime to invoke Network plugin(bridge) when container is Added.
Container Runtime to invoke Network plugin(bridge) when container is Deleted.
JSON format of the Network Configuration.

In plugin side it should Support-

Command line arguments- ADD/DEL/CHECK.
Parameters — container ids, network namespace etc..
Must manage IP address assignment to PODs.
Must return result in specific format.

CNI comes with set of supported plugins — BRIDGE , VLAN , IPVLAN , MACVLAN , WINDOWS

There are also third party solutions like — flannel , Calico , weaveworks

All these implements CNI standards.

Kubelet is the process that uses the cni plugin. Some of the configuration path are.

- Check which CNI plugin it’s using:

CNI Plugin.

- Check all the plugin binaries supported:

- CNI plugin configured to be used on this kubernetes cluster?

- What binary executable file will be run by kubelet after a container and its associated namespace are created.

Look at the type field in file /etc/cni/net.d/10-flannel.conflist

Sample shared in above screen.

POD may sometime fail of the Network is not configured properly.

- Deploy `weave-net` networking solution to the cluster:

Reference: — https://www.weave.works/docs/net/latest/kubernetes/kube-addon/

## Weave Net can be installed onto your CNI-enabled Kubernetes cluster with a single command. Use the below commandkubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"