Skip to the content.

Patu

Patu is a lightweight networking solution for low footprint (CPU, Memory, Disk) container orchestrators targeted to manage resource constrained compute devices, such as Edge Devices.

Motivation

It’s an attempt to build CNI that is driven by the Edge related use cases and targeted for resource constraint deployment environment. Please read here for more details about the challenge and the goal.

Deploying Patu

Currently Patu CNI supports Pod-to-Pod networking and Cluster IP implementation. Pod-to-Pod networking is enabled through Bridge CNI with eBPF based socket redirection. Cluster IP support is provided through the Kube Proxy Next Generation eBPF based backend. If you want to use Patu CNI binary with the existing kube-proxy implementation, please refer to the instructions for specific cluster environment in /deploy/ directory. Node Port service and Networking Policy support is currently under development and will land soon.

Kubernetes

These instructions are to deploy Patu CNI with single node kubernetes, but if you are looking for detail instructions to setup Patu CNI to different environment (Kind, Microshift), please refer to the relevant documents in the ./deploy/ directory.

CNI Deployment

Easiest way to deploy and play with Patu CNI is to deploy a single node kubernetes with --pod-network-cidr=10.200.0.0/16. Currently Patu CNI is tested with kernel version 5.15 (specifically Ubuntu 22.04), so we would recommend to create a Ubuntu 22.04 VM/server as your playground.

Verification

Once you deploy patu, coredns pods should be in the running state and should have IP address from the provide cidr. On your kubernetes node, install the bpftool (ensure you install the tool for the kernel version currently running), and run the following command

#bpftool prog list
...
...
393: cgroup_sock_addr  name sock4_connect  tag 59372233301aea77  gpl
	loaded_at 2022-08-22T19:08:10+0000  uid 0
	xlated 1000B  jited 625B  memlock 4096B  map_ids 28,29
	btf_id 102
397: sock_ops  name patu_sockops  tag a11096f06c210cab  gpl
	loaded_at 2022-08-22T19:08:11+0000  uid 0
	xlated 1248B  jited 727B  memlock 4096B  map_ids 31
	btf_id 108
401: sk_msg  name patu_skmsg  tag 6736c050a3a25de2  gpl
	loaded_at 2022-08-22T19:08:12+0000  uid 0
	xlated 952B  jited 595B  memlock 4096B  map_ids 31
	btf_id 114
405: cgroup_sock_addr  name patu_sendmsg4  tag d439a92f479811d9  gpl
	loaded_at 2022-08-22T19:08:13+0000  uid 0
	xlated 336B  jited 203B  memlock 4096B
	btf_id 120
409: cgroup_sock_addr  name patu_recvmsg4  tag 06b0a415da0c17e5  gpl
	loaded_at 2022-08-22T19:08:13+0000  uid 0
	xlated 336B  jited 203B  memlock 4096B
	btf_id 126
  ...
  ...
  

CNI Cleanup


  ./deploy/kubernetes/patu-installer delete all
  

It will remove all the resources deployed through Patu and KPNG manifest.

Workload Deployment

Notes: Given that Patu CNI is targeted for single node, you need to remove the control-plane & master taint from the node to deploy any workload.


kubectl taint nodes --all node-role.kubernetes.io/control-plane- node-role.kubernetes.io/master-

Supported Kubernetes Platforms

Note

This project work is in incubation state, so there are multiple open questions on the design of various CNI features (e.g Ingress, Network Policy), and we will address those as we progress.