开源软件名称：

开源软件地址：

开源软件介绍：

Submariner

• Architecture
  • Network Path
• Prerequisites
• Installation
  • Installation using subctl
  • Installation using Helm
  • Validate Submariner is Working
• Building and Testing
• Known Issues
• Contributing

Submariner is a tool built to connect overlay networks of different Kubernetes clusters. While most testing is performed against Kubernetesclusters that have enabled Flannel/Calico/Canal/Weave/OpenShiftSDN, Submariner should be compatible with most CNI cluster networkproviders, as it utilizes off-the-shelf components to establish encrypted tunnels between each Kubernetes cluster.

Note that Submariner is in an early stage, and while we welcome usage and experimentation, it is quite possible that you could run intobugs.

Submariner is a Cloud Native Computing Foundation sandbox project.

Architecture

See the Architecture section of Submariner's website.

Network Path

The network path of Submariner varies depending on the origin/destination of the IP traffic. In all cases, traffic between two clusters willtransit between the leader elected (in each cluster) gateway nodes, through ip xfrm rules. Each gateway node has a running Charon daemonwhich will perform IPsec keying and policy management.

When the source Pod is on a worker node that is not the elected gateway node, the traffic destined for the remote cluster will transitthrough the submariner VXLAN tunnel (vx-submariner) to the local cluster gateway node. On the gateway node, traffic is encapsulated in anIPsec tunnel and forwarded to the remote cluster. Once the traffic reaches the destination gateway node, it is routed in one of two ways,depending on the destination CIDR. If the destination CIDR is a Pod network, the traffic is routed via CNI-programmed network. If thedestination CIDR is a Service network, then traffic is routed through the facility configured via kube-proxy on the destination gatewaynode.

Prerequisites

See the Prerequisites docs on Submariner's website.

Installation

Submariner is deployed and manged by its Operator. The Operator can be deployed directly, or by using Submariner's Helm Charts, or by usingSubmariner's subctl CLI helper utility. subctl is the recommended deployment method because it has the most refined deployment userexperience and additionally provides testing and bug-diagnosing capabilities.

Installation using subctl

Submariner provides the subctl CLI utility to simplify the deployment and maintenance of Submariner across your clusters.

See the subctl Deployment docs on Submariner's website.

Installation using Helm

See the Helm Deployment docs on Submariner's website.

Validate Submariner is Working

See the subctl verify docs and AutomatedTroubleshooting docs on Submariner's website.

Building and Testing

See the Building and Testing docs on Submariner's website.

Known Issues

See the Known Issues docs on Submariner's website.

Contributing

See the Development section of Submariner's website.