Skip to main content

Kube-OVN

Kube-OVN is a Kubernetes-native Container Network Interface (CNI) project that integrates Open Virtual Switch (vSwitch) and Open Virtual Network (OVN) to provide SDN-based Network Virtualization (NV) and management for Kubernetes clusters (container networking / Software Defined Networking (SDN)).

  • Kubernetes-native CNI plugin integrating OVN/OVS for SDN-based pod networking (container networking / SDN).
  • Logical network abstraction with virtual switches, routers, and subnets for multi-tenant isolation (network segmentation / multi-tenancy).
  • Support for static and dynamic IP address management, subnet allocation, and IP conflict avoidance (IP address management).
  • Network policy control with ACLs, security groups, and traffic control for pods and namespaces (network security / traffic control).
  • Integration with standard Kubernetes APIs and CRDs for network orchestration and automation (infrastructure automation / Kubernetes networking).

More About Kube-Ovn

Kube-OVN addresses Kubernetes networking by combining Kubernetes-native CNI integration with Open vSwitch (OVS) and OVN to provide SDN capabilities for containerized workloads (container networking / SDN).

The project introduces logical networking constructs such as virtual switches, routers, and subnets that Marketing Automation Platform (MAP) onto Kubernetes resources, enabling multi-tenant isolation and flexible network topologies for clusters that run multiple teams or applications (network segmentation / multi-tenancy).

Kube-OVN provides IP Address Management (IPAM) functions, including automatic and static IP allocation for pods, subnet-level configuration, and mechanisms to avoid IP conflicts across namespaces and virtual networks (IP address management).

Through Kubernetes Custom Resource Definitions (CRDs), Kube-OVN exposes configuration for virtual networks, subnets, Quality of Service (QoS), and related policies, allowing operators to define and manage network behavior using standard Kubernetes tools and workflows (infrastructure automation / Kubernetes networking).

The system uses OVN and Open vSwitch (OVS) datapath capabilities to implement features such as Layer 2 and Layer 3 connectivity, logical routing, and access control lists, so traffic between pods, namespaces, and external networks follows centrally defined rules (network virtualization / Traffic Engineering (TE)).

Enterprises use Kube-OVN to provide a unified network layer for Kubernetes clusters that require tenant isolation, controlled IP planning, and integration with existing SDN practices, including scenarios where clusters run in on-premises (on-prem) data centers or hybrid environments (enterprise infrastructure / hybrid cloud networking).

Network policies and ACLs in Kube-OVN enable security zoning between applications and namespaces, while QoS and bandwidth controls help manage traffic characteristics for workloads with different performance requirements (network security / traffic control).

The project integrates with core Kubernetes APIs and controllers, enabling GitOps workflows, declarative configuration, and automation for network setup, update, and teardown alongside application deployment (infrastructure as code / DevOps tooling).

Within an enterprise technical taxonomy, Kube-OVN fits into categories such as Kubernetes CNI plugin, SDN-based virtual networking, IP address management, and Network Policy Enforcement (NPE) for container platforms (container networking / network security).