Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

New Features

This section highlights the key features introduced in CN2 Release 23.1. A brief description of each new feature follows.

CN2 on Amazon EKS

  • Multi-cluster CN2—CN2 Release 23.1 supports multi-cluster CN2 on Amazon EKS. In a multi-cluster CN2 deployment, the central cluster provides the networking and CNI for the distributed workload clusters.

    See Install Multi-Cluster CN2 on Amazon EKS.

  • VPC to CN2 Communication in AWS EKS—Starting in CN2 Release 23.1, you can access a Kubernetes workload from an AWS VPC. Release 23.1 introduces a gateway service instance (GSI), which is a collection of Amazon Web Service (AWS) and Kubernetes resources that work together to seamlessly interconnect CN2 with VPC and external networks.

    See VPC to CN2 Communication in AWS EKS.

CN2 on OpenShift

CN2 Apstra Integration

  • Extend Virtual Networks to Apstra—Starting in CN2 Release 23.1, you can extend virtual networks from your Kubernetes cluster to the data center fabric managed by Apstra

    See Extend Virtual Networks to Apstra.

Configure Kubernetes

  • Pod Scheduling—CN2 23.1 supports network-aware pod scheduling using contrail-scheduler. This feature enhances the Kubernetes pod scheduler with plugins that analyze the network metrics of a node before scheduling pods.

    See Pod Scheduling.

Security

  • Namespace Security Policies—Starting in Release 23.1, CN2 supports Namespace security policies. Namespace security policies allows you to define polices from a source endpoint to a destination endpoint within a namespace, or to an external IP address.

    See Security Policies.

Advanced Virtual Networking

  • Customize Virtual Networks for Pod Deployments, Services, and Namespaces—Starting in CN2 Release 23.1, you can apply a custom default network for pod Deployments, services, and namespaces. Pods and services that use a custom network are isolated from other networks. This feature also supports environments with Multus CNI enabled.

    See Customize Virtual Networks for Pod Deployments, Services, and Namespaces.

  • EVPN Networking—CN2 Release 23.1 supports EVPN-VXLAN Networking using Type 5 routes. The Type 5 route, also called the IP prefix route, enables inter-virtual network connectivity in CN2.

    See EVPN Networking.

  • Static Routes—Starting in CN2 23.1, you can configure static routes for your cluster. This release introduces RouteTable and InterfaceRouteTable CRs that configure static routes for a virtual network or VMI.

    See Static Routes.

  • IPv4 and IPv6 Dual-Stack Networking—CN2 Release 23.1 supports dual-stack networking for services. Release 22.4 supported dual-stack networking for pods, but 23.1 enables you to assign IP addresses to services from an IPv4 or IPv6 network.

    See IPv4 and IPv6 Dual-Stack Networking.

Services

  • Floating IP/DNAT for IPv6 Addresses— CN2 23.1 supports floating IP (DNAT) functionality for IPv6 addresses. Your back-end pod VMIs are mapped to an IPv6 floating IP. The vRouter performs DNAT and routes traffic to the next hop, or the translated destination address (back end pod VMI) from external networks to your back-end pod VMIs.

    See FloatingIP/DNAT for IPv6 Addresses.