This topic describes how to use the Terway network plug-in in a Kubernetes cluster.

Terway introduction

Terway is a network plug-in developed by Alibaba Cloud Container Service. Fully compatible with Flannel, Terway supports the following operations:
  • Assign Elastic Network Interfaces (ENIs) and secondary IP addresses to containers.
  • Define access policies between containers based on standard Kubernetes network policies. Terway is compatible with Calico network policies.
Terway network plug-in

With Terway, you can assign each pod a network stack and an IP address. Pods on the same ECS instance communicate by forwarding packets directly within the server. Pods on different ECS instances communicate by forwarding packets through ENIs within the VPC. This improves the performance of the communication system because packets do not need to be encapsulated by using tunneling technologies such as VXLAN.

Use Terway

  1. Log on to the Container Service console.
  2. In the left-side navigation pane under Container Service - Kubernetes, choose Clusters > Clusters.
  3. In the upper-right corner, click Create Kubernetes Cluster. The Create Kubernetes Cluster page appears.
    Create a clusterBy default, the Kubernetes cluster configuration page appears.
    Note This example creates a dedicated Kubernetes cluster. For more information, see Create an ACK cluster.
    Cluster configuration page
  4. Select Terway as the network plug-in.
    Set the network plug-in

Flannel and Terway

When you create a Kubernetes cluster, you can select either Terway or Flannel as the network plug-in.
Note For more information, see Use Terway.
  • Flannel: a simple and stable container network interface (CNI) plug-in developed by the community. When combined with Alibaba Cloud VPC, Flannel provides a high-performance and stable container network for clusters. However, Flannel only provides a few simple features and does not support standard Kubernetes network policies.
  • Terway: the network plug-in developed by Alibaba Cloud Container Service. Terway enables you to assign Alibaba Cloud ENIs to containers, and define access policies between containers based on standard Kubernetes network policies. Besides, Terway supports bandwidth throttling on individual containers. If you do not need to use network policies, you can select Flannel as the network plug-in. Otherwise, we recommend that you select Terway.
    Note
    • Terway integrates the Felix component of Calico to implement network policies. Therefore, you can use Terway to create network policies as you do with Calico. If you used Calico in self-created clusters, you can now use Terway to create the same network policies and migrate your applications to Kubernetes clusters in Container Service.
    • Currently, Terway is integrated with Felix V3.5.2.