CNI plugins implement Kubernetes networking. Different plugins have different features.
Flannel: Simple overlay using VXLAN. Easy to deploy. Limited policy support.
Calico: BGP for routing. No overlay by default. Network policies via iptables. High performance.
Cilium: eBPF instead of iptables. Layer policies. Built-in observability.
Weave: Encrypted overlay. Automatic mesh.
Choosing:
- Performance: Calico or Cilium
- Simplicity: Flannel
- Policies: Calico or Cilium
- Encryption: Weave or Cilium