Plugins

Some CNI network plugins, maintained by the containernetworking team. For more information, see the CNI website.

Read CONTRIBUTING for build and test instructions.

Plugins supplied:

Main: interface-creating

• bridge: Creates a bridge, adds the host and the container to it.
• ipvlan: Adds an ipvlan interface in the container.
• loopback: Set the state of loopback interface to up.
• macvlan: Creates a new MAC address, forwards all traffic to that to the container.
• ptp: Creates a veth pair.
• vlan: Allocates a vlan device.
• host-device: Move an already-existing device into a container.
• dummy: Creates a new Dummy device in the container.

Windows: Windows specific

• win-bridge: Creates a bridge, adds the host and the container to it.
• win-overlay: Creates an overlay interface to the container.

IPAM: IP address allocation

• dhcp: Runs a daemon on the host to make DHCP requests on behalf of the container
• host-local: Maintains a local database of allocated IPs
• static: Allocate a single static IPv4/IPv6 address to container. It's useful in debugging purpose.

Meta: other plugins

• tuning: Tweaks sysctl parameters of an existing interface
• portmap: An iptables-based portmapping plugin. Maps ports from the host's address space to the container.
• bandwidth: Allows bandwidth-limiting through use of traffic control tbf (ingress/egress).
• sbr: A plugin that configures source based routing for an interface (from which it is chained).
• firewall: A firewall plugin which uses iptables or firewalld to add rules to allow traffic to/from the container.

Sample

The sample plugin provides an example for building your own plugin.

Contact

For any questions about CNI, please reach out via:

• Email: cni-dev
• Slack: #cni on the CNCF slack.

If you have a security issue to report, please do so privately to the email addresses listed in the OWNERS file.