Skip to main content

OpenStack Kuryr

OpenStack Kuryr is an OpenStack networking project that integrates OpenStack Neutron with container orchestration platforms to provide container networking and load balancing using Neutron and Octavia.

  • Container networking integration with OpenStack Neutron (container networking)
  • Use of Neutron networks and subnets for containers and pods (virtual networking)
  • Load balancing for containers via OpenStack Octavia (load balancing)
  • Support for container orchestration systems such as Kubernetes (container orchestration integration)
  • Bridging OpenStack networking and container ecosystems for unified network management (cloud networking)

More About OpenStack Kuryr

OpenStack Kuryr is an OpenStack networking project focused on connecting container workloads to OpenStack’s existing networking and load-balancing infrastructure. It addresses the problem of operating separate networking stacks for virtual machines and containers in the same cloud, allowing operators to reuse OpenStack Neutron networks, subnets, and security constructs for containerized applications.

Kuryr provides (container networking) capabilities by mapping container networking primitives, such as pods and services in platforms like Kubernetes, onto OpenStack Neutron (virtual networking) resources. Instead of maintaining parallel container-specific networking plugins, Kuryr enables containers to attach directly to Neutron networks, so they use the same IP addressing, routing, and security group policies as virtual machines. This alignment helps operators manage network configuration and policy through a single OpenStack-based control plane.

For traffic distribution, Kuryr integrates with OpenStack Octavia (load balancing) to implement container service load balancers using Neutron Load Balancer as a Service (LBaaS) constructs. When a container service requires load balancing, Kuryr can create and manage Octavia load balancers that front container endpoints, allowing reuse of existing L4/L7 load-balancing capabilities and operational practices already in place for Virtual Machine (VM) workloads.

Kuryr is often deployed in OpenStack-based private or public clouds that also run Kubernetes or other container orchestration platforms (container orchestration integration). It acts as a bridge between the orchestration system’s networking abstractions and the OpenStack networking backend, typically Neutron with plugins for technologies such as Open Virtual Switch (vSwitch) or other Software Defined Networking (SDN) drivers. In this architecture, the container platform delegates networking operations to Kuryr, which interacts with Neutron APIs to provision ports, security groups, and load balancers.

From an enterprise perspective, Kuryr is relevant in environments that want unified network management for both virtual machines and containers (cloud networking). It allows use of consistent IP address management, network segmentation, Quality of Service (QoS), and security policies across mixed workloads. Because Kuryr relies on standard OpenStack APIs and services, it fits into existing OpenStack ecosystem tooling, including monitoring, billing, and compliance workflows associated with Neutron and Octavia resources.

Within a technical taxonomy, OpenStack Kuryr is categorized primarily as a container networking integration layer for OpenStack clouds, positioned at the intersection of virtual infrastructure networking, container orchestration integration, and load balancing services.