- What is CNI?
CNI (Container Network Interface) is a specification, together with a set of plug-ins, that standardises how a container runtime configures container networking. The runtime invokes the CNI plug-in when a container (in Kubernetes, a Pod) is created or destroyed, and the plug-in sets up or tears down that container's network accordingly. The plug-in assigns and manages IP addresses for containers (IPAM, one address per Pod), configures the interfaces inside the container's network namespace, and provides connectivity between hosts. In short, CNI defines how containers are attached to the network and how they communicate at the network level: it specifies the network configuration format and the interface (commands, environment variables and a result structure) through which a container's network is configured at runtime.
- CNI workflow
- Pod IP assignment: the CNI plug-in assigns an IP address to each Pod, usually by delegating to an IPAM (IP Address Management) plug-in or service.
- Network namespace configuration: the container runtime creates the Pod's network namespace and hands its path to the plug-in, which creates and configures the Pod's network interface inside it (typically one end of a veth pair).
- Routing settings: the plug-in installs the routes the Pod needs so that it can reach other Pods and external networks.
- Network interoperability: Pods on the same node communicate over the local network (a bridge or host routes); Pods on different nodes communicate through an overlay network or through native routing of the Pod subnets.
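The workflow above, reduced to its bookkeeping half, as an added example that is not code from the original page or from any CNI project. It parses a CNI network configuration of the kind the runtime passes on stdin, carves a per-node subnet out of the cluster CIDR (the scheme host-local IPAM and Flannel use), leases Pod IPs from that subnet, dispatches on `CNI_COMMAND` like a plug-in binary does on its environment, and returns a result in the CNI result shape. The plug-in and IPAM type names, the `clusterCIDR` and `nodeSubnetPrefix` keys, and the container ids are assumptions of this example; creating the veth pair and moving it into the Pod namespace, which a real plug-in does via netlink, is left out and marked in the code.

```python
"""Simulated CNI ADD/DEL handling with host-local style IPAM.

Added example (not code from the original page or from any CNI project).
It models the bookkeeping half of a CNI plug-in: parsing the network
configuration the runtime passes on stdin, carving a per-node subnet out
of the cluster CIDR, leasing Pod IPs from it, and returning a CNI result.
Creating the veth pair and moving it into the Pod's network namespace,
which a real plug-in does via netlink, is left out and marked below.
"""
import ipaddress
import json
from dataclasses import dataclass, field

# Constructed configuration shaped like a /etc/cni/net.d entry. "cniVersion",
# "name", "type" and "ipam" are CNI spec keys; "clusterCIDR", "nodeSubnetPrefix"
# and the plug-in names are assumptions of this example.
SAMPLE_CONFIG = json.dumps({
    "cniVersion": "1.0.0",
    "name": "example-net",
    "type": "example-plugin",
    "ipam": {"type": "example-ipam", "clusterCIDR": "10.244.0.0/16", "nodeSubnetPrefix": 24},
})


class IPAMExhausted(Exception):
    """Raised when the node subnet has no free address left."""


def node_subnet(cluster_cidr, prefix, node_index):
    """Return the node_index-th /prefix subnet of the cluster CIDR (one subnet per node)."""
    return list(ipaddress.ip_network(cluster_cidr).subnets(new_prefix=prefix))[node_index]


@dataclass
class NodeIPAM:
    """Host-local style allocator for one node: gateway at .1, leases keyed by container id."""
    subnet: ipaddress.IPv4Network
    leases: dict = field(default_factory=dict)

    @property
    def gateway(self):
        return self.subnet.network_address + 1

    def allocate(self, container_id):
        if container_id in self.leases:       # a repeated ADD for the same container is idempotent
            return self.leases[container_id]
        in_use = set(self.leases.values()) | {self.gateway}
        for host in self.subnet.hosts():
            if host not in in_use:
                self.leases[container_id] = host
                return host
        raise IPAMExhausted(f"no free address in {self.subnet}")

    def release(self, container_id):
        # The CNI spec requires DEL to succeed even if ADD never ran or was already undone.
        return self.leases.pop(container_id, None)


def cni_add(config_json, env, ipam):
    """CNI_COMMAND=ADD: lease an IP and build the result the runtime expects."""
    cfg = json.loads(config_json)
    ip = ipam.allocate(env["CNI_CONTAINERID"])
    # A real plug-in would now create a veth pair, move one end into env["CNI_NETNS"]
    # as env["CNI_IFNAME"], assign `ip` to it, and install the default route via the gateway.
    return {
        "cniVersion": cfg["cniVersion"],
        "interfaces": [{"name": env["CNI_IFNAME"], "sandbox": env["CNI_NETNS"]}],
        "ips": [{"address": f"{ip}/{ipam.subnet.prefixlen}",
                 "gateway": str(ipam.gateway), "interface": 0}],
        "routes": [{"dst": "0.0.0.0/0", "gw": str(ipam.gateway)}],
    }


def cni_del(env, ipam):
    """CNI_COMMAND=DEL: release the lease; returns the freed address or None."""
    return ipam.release(env["CNI_CONTAINERID"])


def cni_handle(config_json, env, ipam):
    """Dispatch on CNI_COMMAND the way a plug-in binary does on its environment."""
    command = env["CNI_COMMAND"]
    if command == "ADD":
        return cni_add(config_json, env, ipam)
    if command == "DEL":
        return cni_del(env, ipam)
    raise ValueError(f"unsupported CNI_COMMAND {command!r}")


def demo():
    """Run ADD then DEL for one Pod on node 3; returns (add_result, freed_ip)."""
    ipam_cfg = json.loads(SAMPLE_CONFIG)["ipam"]
    ipam = NodeIPAM(node_subnet(ipam_cfg["clusterCIDR"], ipam_cfg["nodeSubnetPrefix"], node_index=3))
    env = {"CNI_COMMAND": "ADD", "CNI_CONTAINERID": "pod-a",        # constructed values
           "CNI_NETNS": "/var/run/netns/pod-a", "CNI_IFNAME": "eth0"}
    result = cni_handle(SAMPLE_CONFIG, env, ipam)
    freed = cni_handle(SAMPLE_CONFIG, dict(env, CNI_COMMAND="DEL"), ipam)
    return result, freed


if __name__ == "__main__":
    print(json.dumps(demo()[0], indent=2))
```

Two details are worth noting for anyone who later reads real plug-in code: the gateway address is reserved before any Pod lease is handed out, and DEL is deliberately idempotent, because the runtime retries DEL on failures and a plug-in that errors on an unknown container id leaks the sandbox.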
- Commonly used K8s network plug-ins
- Flannel:
o Flannel is a popular CNI plug-in that is easy to install and configure. It stores its state (the subnet assigned to each node) in the Kubernetes API or in the cluster's existing etcd, so it needs no dedicated datastore.
o Flannel builds a Layer 3 IPv4 overlay network: each node is given its own subnet out of the cluster CIDR, and Pod IPs on that node are assigned from it. Traffic between Pods on different hosts is encapsulated by flanneld and forwarded to the right node; the default backend is VXLAN (handled in the kernel and carried over UDP), while the older user-space udp backend is slower and kept only for compatibility. Flannel itself does not enforce Kubernetes NetworkPolicy; for policy enforcement it is combined with Calico (see Canal below).
- Calico:
o Calico is another popular CNI plug-in known for its performance and flexibility. Besides connectivity between hosts and Pods, it provides network security and policy management.
o By default Calico uses the BGP routing protocol to distribute Pod routes between hosts, so packets are routed natively without an additional encapsulation layer; where the underlying network cannot route the Pod subnets it can fall back to IP-in-IP or VXLAN encapsulation. It enforces Kubernetes NetworkPolicy, adds its own richer policy model, and can be integrated with the Istio service mesh.
- Weave:
o Weave Net creates a mesh overlay network between all nodes in the cluster, with routes chosen flexibly between peers. It relies on a router component installed on every host in the network.
o Weave provides NetworkPolicy enforcement and supports encrypting all traffic in the overlay. Its fast data path uses the Open vSwitch kernel datapath module; when the fast path cannot be used it falls back to a slower user-space path. Note that its vendor, Weaveworks, ceased operations in 2024 and the project is no longer actively maintained, which matters for a component that must keep receiving security fixes.
- Canal:
o Canal is a deployment that combines the network layer provided by Flannel with Calico's network policy enforcement. It pairs the simplicity of Flannel's overlay networking with Calico's policy evaluation, which is the usual way to get NetworkPolicy on a Flannel-based cluster.
- Cilium:
o Cilium is a widely adopted, CNCF-graduated CNI plug-in that supports advanced features such as identity-based and Layer 7-aware network policy, service mesh, kube-proxy replacement, flow observability (Hubble) and transparent encryption (IPsec or WireGuard). It uses eBPF programs in the Linux kernel to implement networking, load balancing and security policy efficiently.
- CNI plug-in selection
When selecting a CNI plug-in, consider the following factors:
- Functional requirements: whether you need NetworkPolicy enforcement, encryption between nodes, service discovery and load balancing, IPv6 or dual-stack, etc. In particular, the API server accepts NetworkPolicy objects regardless of which CNI is installed; if the plug-in does not implement them (Flannel on its own, for example) they are silently ignored, so verify enforcement with a default-deny policy and a test connection rather than assuming it.
- Performance requirements: throughput and latency of the data path (native routing versus overlay encapsulation) and the CPU and memory consumed by the plug-in's per-node agents.
- Environmental constraints: whether the plug-in is compatible with the existing network infrastructure, for example whether BGP peering with the fabric is possible, whether the underlay permits VXLAN/UDP traffic between nodes, and whether the node kernel version meets the plug-in's requirements (eBPF-based plug-ins in particular).
- Maintenance status: whether the project is actively maintained and still receives security updates.
Weighing these factors lets you choose the right CNI plug-in for your Kubernetes cluster and ensure that the network configuration meets your requirements.