Antrea: Kubernetes Networking and Security
Shriira Press
A complete Kubernetes network on Open vSwitch. Pod connectivity, rich network policies, deep observability (Traceflow), and multi-cluster networking — secure and performant.
Welcome to Antrea: Kubernetes Networking and Security.
Antrea is the CNCF Kubernetes-native networking and security solution — a CNI built on Open vSwitch that provides pod networking plus rich network policies, deep observability (Traceflow), and advanced features (encryption, egress, load balancing, multi-cluster), all performant and cross-platform. This free book teaches it from the ground up: the Kubernetes networking problem and what Antrea is, Kubernetes networking and CNI concepts, Antrea's architecture (Controller, Agents, Open vSwitch), pod networking (connecting pods, the OVS bridge, traffic modes), network policies (Kubernetes and Antrea-native), observability (Traceflow, flow visibility), services and load balancing (AntreaProxy), advanced features (encryption, egress, FQDN policies, Windows), multi-cluster networking, and using Antrea in practice. Ten focused chapters with clear diagrams that make Kubernetes networking concrete — connect pods on a flat network, secure them with least-privilege policies, trace packets to debug connectivity, and span clusters — a complete, secure, observable, performant network built on the proven foundation of Open vSwitch.
This title is part of the ShriIra library and is free to read in full, right here — our small contribution to making world-class knowledge easy to reach.
A note on reading it: open the Contents menu at the top of the reader to jump between chapters, use the Aa menu to set a comfortable text size, theme (light, sepia, or night), and single- or two-page layout. Your place is saved automatically, so you can always pick up where you left off.
We hope it serves you well.
— Shriira Press