►
Description
In this lightboard video, Steve Tegeler explains Kubernetes networking requirements by comparing the open source model and the VMware networking solution.
A
Take
a
look
at
these,
the
two
different
options
and
I'll
just
say:
well:
is
it
either
NSX
or
is
it
a
technology
called
flannel
and
because
that
basically
is
kind
of
de
facto
networking
that
that
is
with
kubernetes
today?
The
problem
with
that
comparison
here
is
that
this
is
really
only
layer,
2
connectivity
between
the
actual
pods
within
kubernetes.
So
if
I
have
a
pod
here
and
a
pod
here
within
the
same
kubernetes,
cluster
flannel
basically
provides
the
connectivity
between
those
pods.
A
Of
course,
NSX
can
do
that
function
as
well,
but
normally
what
you'll
need
to
do
is
you'll
need
to
get
out.
You'll
need
some
north-south
traffic,
so
to
speak
in
and
out
of
the
cluster
and
out
of
the
network
for
these
pods.
So
all
I
have
to
do
is
I'll
provide
some
north-south
connectivity
and
then
it
goes
out
to
some
network
somewhere,
and
so
we
call
that
layer,
3
connectivity,
and
in
that
case,
what
you
will
need
on
the
open
source
side
is
a
technology
called
calico
and,
of
course,
on
the
VMware
side.
A
We're
gonna
continue
to
leverage
nsx
here,
because
not
only
can
it
provide
layer
2,
but
it
can
also
provide
layer,
3
and
so
that'll
get
will
get
me
out
of
the
pods
next
up,
we're
gonna
do
layer,
4
and
my
layer,
4
I'm,
really
talking
about
the
security
policy.
You
know
on
kubernetes.
Of
course
it
gives
you.
These
great
constructs
to
you
know
provide
the
connectivity
for
the
workloads
themselves
and,
namely
security
policy
is
one,
but
it
doesn't
provide
you
an
implementation
detail.
So,
of
course
that's
when
you
need
a
technology
again.
A
A
Of
course,
nsx
continues
to
provide
that
functionality
as
well,
so
you
can
see
for
the
basic
kubernetes
networking
within
the
same
cluster,
so
to
speak.
I
can
provide
this
connectivity
now
beyond.
Just
kubernetes
connectivity.
You
may
have
some
requirements
to
bring
in
external
workloads,
and
those
external
workloads
could
be
virtual
machines.
They
could
be
another
kubernetes,
cluster
or
workloads
inside
other
other
kubernetes
clusters.
So
what
we'll
need
to
do?
What
might
be
nice
to
do
here
is
really
to
like
Security's
great
examples,
maybe
in
see
if
these
are
virtual
machines.
A
Here,
I
have
a
security
policy
that
not
only
encompasses
the
pods
in
kubernetes,
but
it
could
also
encompass
these
virtual
machines
as
well
and
with
nsx.
I
have
the
ability
to
provide
micro
segmentation,
not
only
at
the
virtual
machine
level,
but
also
at
the
pod
level
as
well.
So
in
this
case
you
know,
let's
just
call
this
external
connectivity
and
nsx
can
definitely
provide
that
on
the
open
source
side,
it's
going
to
be
something
that
lives
outside
of
like
the
core
kubernetes
Network
networking
piece,
and
so
this
is
yo.
A
A
Configuration
and
even
something
simple
like
metrics
or
stats
collection,
and
the
big
thing
which
you'll
see
here
is
that
on
the
NSX
side,
I
have
a
single
API
I
go
to
to
get
that
information.
It
is
the
single
source
of
truth
for
all
networking
happening,
potentially
in
your
in
your
data
center,
whereas
on
the
open
source
side
again,
we've
got
the
because
we
have
to
leverage
different
technologies.
A
So
hopefully,
this
shed
some
light
on
kind
of
the
real
difference
again
a
lot
of
time.
We
get
the
NSX
versus
a
flannel
discussion
happening,
but
the
reality
is
you've
got
to
look
at
the
entire
networking
stack
of
kubernetes
and
you
have
to
look
at
the
apps
and
what
they're
going
to
require,
and
generally
it's
layer,
two
layer,
three
there's
security
policy
and
load
balancing.
So
you
got
to
go
figure
out
to
get
that
done
in
a
sec,
single
solution
versus
maybe
some
open
source,
three
different
open
source
methods,
thanks
for
watching.