{"id":2524,"date":"2016-10-04T05:00:41","date_gmt":"2016-10-04T05:00:41","guid":{"rendered":"https:\/\/live-infoblox-blog.pantheonsite.io\/?p=2524"},"modified":"2022-10-20T14:34:42","modified_gmt":"2022-10-20T21:34:42","slug":"cni-networking-and-ipam","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/","title":{"rendered":"CNI Networking and IPAM"},"content":{"rendered":"<p><a href=\"\/community\/using-the-infoblox-ipam-driver-for-docker\/\" target=\"_self\" rel=\"noopener noreferrer\">There&#8217;s a heightened interest in\u00a0Docker networking<\/a>\u00a0and IPAM content, so we\u2019re going to look at rkt\/CNI and how\u00a0<a href=\"http:\/\/www.infoblox.com\/?utm_source=blox-community&amp;utm_campaign=community-q2&amp;utm_medium=blox-community\" target=\"_self\" rel=\"nofollow noopener noreferrer\">Infoblox<\/a>\u00a0can also be leveraged to provide centralized IPAM functions in a multi-host environment.<\/p>\n<p>Like Docker, rkt is an open-source project that provides a runtime environment for deploying software applications in the form of containers (<a href=\"https:\/\/coreos.com\/rkt\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">https:\/\/coreos.com\/rkt<\/a>). In the case of rkt, the networking of containers is provided by Container Networking Interface (CNI) (<a href=\"https:\/\/github.com\/containernetworking\/cni\/blob\/master\/README.md\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">https:\/\/github.com\/containernetworking\/cni\/blob\/master\/README.md<\/a>).<\/p>\n<p>In this blog, I am going to take you through a typical deployment use case for Rkt\/CNI. But, before we do that, I\u2019m going to provide some background on rkt and CNI.<\/p>\n<h2 id=\"toc-hId-649912007\">Background<\/h2>\n<p>rkt (or,\u00a0<i>Rocket<\/i>, as it is originally called) is started as part of the CoreOS project which implements a container runtime environment conforming to the\u00a0<i>App Container\u00a0<\/i>(<i>appc<\/i>) as well as the\u00a0<i>Application Container Image\u00a0<\/i>(<i>ACI<\/i>) specifications. This is in support of the\u00a0<i>Open Container Initiative<\/i>\u00a0to define a vendor and operating system neutral containerization standard.<\/p>\n<p>As for CNI, it is the generic plugin-based networking layer for supporting container runtime environments, of which\u00a0<i>rkt<\/i>\u00a0is one. Indeed, the design of CNI is initially derived from the rkt Networking Proposal.<\/p>\n<p>In CNI, a network is a group of entities that are uniquely addressable that can communicate with each other. An entity could be a container, a host or a network device. In this blog, we\u2019ll be focusing on\u00a0<i>rkt\u00a0<\/i>containers, which can be added or removed from one or more networks as they are being launched and deleted by\u00a0<i>rkt.<\/i><\/p>\n<h2 id=\"toc-hId-678541158\">CNI Network Configuration<\/h2>\n<p>In CNI, the configuration of a network is defined using a JSON formatted configuration file. In addition to\u00a0<i>well-known<\/i>\u00a0fields, it also includes optional fields as well as plugin specific fields. Here\u2019s an example network configuration file:<\/p>\n<p><span class=\"lia-message-image-wrapper lia-message-image-actions-narrow lia-message-image-actions-below\"><img decoding=\"async\" class=\"lia-media-image\" tabindex=\"0\" title=\"infoblox-container.jpg\" src=\"https:\/\/cixhp49439.i.lithium.com\/t5\/image\/serverpage\/image-id\/807iBC9A8C18D3654032\/image-size\/original?v=v2&amp;px=-1\" alt=\"infoblox-container.jpg\" border=\"0\" \/><i class=\"lia-fa lia-fa-search-plus lia-media-lightbox-trigger\" tabindex=\"0\" aria-label=\"Enlarge image\"><\/i><\/span><\/p>\n<p><i>Figure 1: Example Network Configuration File<\/i><\/p>\n<p>For a complete description of all the configuration fields, refer to:\u00a0<a href=\"https:\/\/github.com\/containernetworking\/cni\/blob\/master\/SPEC.md#network-configuration\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">https:\/\/github.com\/containernetworking\/cni\/blob\/master\/SPEC.md#network-configuration<\/a><\/p>\n<p>In the meantime, let\u2019s look at the fields included in the example above.<\/p>\n<ul>\n<li><strong>name\u00a0&#8211; Network name<\/strong><\/li>\n<\/ul>\n<p>This is the name of the network to which the configuration applies. In an\u00a0<i>rkt<\/i>\u00a0deployment, the network name is specified as part of the\u00a0<i>rkt run<\/i>\u00a0command used to launch a container.<\/p>\n<ul>\n<li><strong>type\u00a0&#8211; Network type<\/strong><\/li>\n<\/ul>\n<p>This defines the network type. In fact, this is the filename of the plugin executable that is invoked to create\/remove the network.<\/p>\n<p>The following type of networks are supported out of the box:<\/p>\n<ul>\n<li>bridge<\/li>\n<li>ipvlan<\/li>\n<li>Macvlan<\/li>\n<li><strong>bridge\u00a0&#8211; Name of network bridge<\/strong><\/li>\n<\/ul>\n<p>This is the name of the bridge created to host the network. Obviously, this a plugin specific field that applies only for the\u00a0<i>bridge<\/i>\u00a0network type.<\/p>\n<p>Following that is a dictionary of the\u00a0<strong>ipam<\/strong>\u00a0specific configurations:<\/p>\n<ul>\n<li><strong>type\u00a0&#8211; IPAM plugin type<\/strong><\/li>\n<\/ul>\n<p>As in the case for network type, this is the filename of the IPAM plugin executable that is invoked for IP allocation\/deallocation.<\/p>\n<ul>\n<li><strong>subnet<\/strong><\/li>\n<li><strong>gateway<\/strong>\u00a0&#8211; These are IPAM configurations, which may be optional depending on the specific IPAM plugin in use. For example,\u00a0<strong>subnet<\/strong>\u00a0is a mandatory field for the\u00a0<i>host-local<\/i>\u00a0ipam plugin, while it is optional for the\u00a0<i>infoblox<\/i>\u00a0plugin as we shall see later.<\/li>\n<\/ul>\n<h2 id=\"toc-hId-707170309\">CNI Plugin<\/h2>\n<p>As we discussed in the previous section, the Network type and IPAM plugin type defined in the network configuration file actually specify executables that get run when required. The network plugin is responsible for the creation of network interface for the container as well as making any necessary networking changes to enable the plumbing. IP address is then assigned to network interface, as well as routes and gateways being set up based on the results obtained by invoking the IPAM plugin.<\/p>\n<p>When a plugin is invoked, it receives the entire network configuration file via the standard input (<i>stdin)<\/i>\u00a0stream. The plugin therefore has access to all the configuration attributes defined in the configuration file. The plugin returns the result in JSON format via the standard output (<i>stdout<\/i>) stream.<\/p>\n<p>In addition to the configuration details, context information is also made available to the plugin as environment variables. This include:<\/p>\n<p><span class=\"lia-message-image-wrapper lia-message-image-actions-narrow lia-message-image-actions-below\"><img decoding=\"async\" class=\"lia-media-image\" tabindex=\"0\" title=\"infoblox-containers2.jpg\" src=\"https:\/\/cixhp49439.i.lithium.com\/t5\/image\/serverpage\/image-id\/808iD9D011AA61C3E112\/image-size\/original?v=v2&amp;px=-1\" alt=\"infoblox-containers2.jpg\" border=\"0\" \/><i class=\"lia-fa lia-fa-search-plus lia-media-lightbox-trigger\" tabindex=\"0\" aria-label=\"Enlarge image\"><\/i><\/span><\/p>\n<p><i>Figure 2: CNI Environment Variables<\/i><\/p>\n<ul>\n<li><strong>CNI_COMMAND \u00a0&#8211; This defines the operation, which can either be \u201cADD\u201d or \u201cDEL\u201d.<\/strong><\/li>\n<li><strong>CNI_CONTAINERID<\/strong>\u00a0&#8211; This is a unique ID. If the request is associated with launching a rkt container, this is the\u00a0<i>container ID.<\/i><\/li>\n<\/ul>\n<ul>\n<li><strong>CNI_NETNS &#8211;\u00a0<\/strong>Network namespace in which the network interface resides<\/li>\n<\/ul>\n<ul>\n<li><strong>CNI_IFNAME &#8211;\u00a0<\/strong>The name of the network interface.<\/li>\n<li><strong>CNI_ARGS<\/strong>\u00a0&#8211; This contains additional arguments, if any, specified by user.<\/li>\n<\/ul>\n<h2 id=\"toc-hId-735799460\">Infoblox IPAM Plugin and Daemon<\/h2>\n<p>Before we go into a deployment example using the Infoblox IPAM plugin, let\u2019s discuss how the plugin works in more detail.<\/p>\n<p>As mentioned above, in CNI, a plugin is simply an executable file that gets run as needed. When run, it is passed configuration via stdin and context information as environment variables. After processing based on the input provided, the plugin then returns the result in JSON format via stdout.<\/p>\n<p>In our implementation we divide the functions into two components:<\/p>\n<ul>\n<li>Infoblox IPAM Plugin<\/li>\n<\/ul>\n<p>This is the plugin that is executed by CNI just like any other plugin, and receives the configuration and context data. However, instead of directly interfacing with Infoblox to perform the IPAM functions, it only packages the input data and send it to the Infoblox IPAM Daemon. On receiving the results from the Daemon, the plugin returns the results to CNI.<\/p>\n<ul>\n<li>Infoblox IPAM Daemon<\/li>\n<\/ul>\n<p>The Infoblox IPAM Daemon is the component that actually does the heavy lifting and interfaces with Infoblox via WAPI to perform the IPAM functions. The daemon is typically deployed as a container on each rkt host. The introduction of this daemon component is primarily for performance reasons:<\/p>\n<ul>\n<li>Running the daemon as a resident process allows WAPI connections to be kept alive and reused, thereby significantly improve response time.<\/li>\n<li>Making the plugin executable as small as possible to minimize startup cost<\/li>\n<\/ul>\n<h2 id=\"toc-hId-764428611\">Infoblox IPAM Plugin Configuration<\/h2>\n<p>To use the Infoblox IPAM plugin, we first need to put the plugin executable,\u00a0<i>infoblox<\/i>, in the\u00a0<i>\/usr\/lib\/rkt\/plugins\/net<\/i>\u00a0directory where CNI looks for plugins by default. Then, we need to create a configuration file in\u00a0<i>\/etc\/rkt\/net.d<\/i>\u00a0for the network that we are going to create. The name of the configuration file is not important &#8211; it just needs to be unique. However, the key is that the \u201cname\u201d field needs to match the name of the network we want to use. Suppose the name of the network is\u00a0<i>ipam-test-1<\/i>, we therefore create a network configuration file called\u00a0<i>ipam.conf<\/i>\u00a0in\u00a0<i>\/etc\/rkt\/net.d<\/i>\u00a0that looks like this:<\/p>\n<p><span class=\"lia-message-image-wrapper lia-message-image-actions-narrow lia-message-image-actions-below\"><img decoding=\"async\" class=\"lia-media-image\" tabindex=\"0\" title=\"infoblox-container3.jpg\" src=\"https:\/\/cixhp49439.i.lithium.com\/t5\/image\/serverpage\/image-id\/809i81D550E6AB62B2D3\/image-size\/original?v=v2&amp;px=-1\" alt=\"infoblox-container3.jpg\" border=\"0\" \/><i class=\"lia-fa lia-fa-search-plus lia-media-lightbox-trigger\" tabindex=\"0\" aria-label=\"Enlarge image\"><\/i><\/span><\/p>\n<p><i>Figure 3: IPAM Configuration for Example Multi-host Deployment<\/i><\/p>\n<p>Since we\u2019ll be using this configuration file for our example multi-host deployment, let\u2019s explore the fields one by one:<\/p>\n<ul>\n<li><strong>name\u00a0&#8211; This is the name of the network to which this configuration applies. In this case, the name of the network we\u2019re creating is\u00a0<i>ipam-test-1<\/i><\/strong><\/li>\n<li><strong>type<\/strong>\u00a0&#8211; The network type we are going to use is\u00a0<i>bridge.<\/i><\/li>\n<li><strong>bridge<\/strong>\u00a0&#8211; This defines the name of the bridge that will be used for the network, in our case,\u00a0<i>cni01<\/i>. CNI will create the bridge if necessary, or, it will use an existing one of the same name. For our example, the bridge will be created manually with the necessary network interface attached to support the deployment.<\/li>\n<\/ul>\n<p>For the \u00a0<strong>ipam<\/strong>\u00a0configurations:<\/p>\n<ul>\n<li><strong>type\u00a0&#8211; Specifying\u00a0<i>infoblox<\/i>\u00a0causes CNI to execute the\u00a0<i>infoblox<\/i>\u00a0plugin executable that is located in\u00a0<i>\/usr\/lib\/rkt\/plugin\/net<\/i>\u00a0directory.<\/strong><\/li>\n<\/ul>\n<ul>\n<li><strong>subnet &#8211;\u00a0<\/strong>Here, we specify the CIDR for the subnet to be 10.0.0.0\/24<\/li>\n<\/ul>\n<ul>\n<li><strong>routes &#8211;\u00a0<\/strong>Here, we specify the default route to be 10.0.0.1. Currently, the IPAM plugin does not make use of this field. This field is simply returned back as part of the IPAM plugin results, which is then injected into the container to configure the routing table.<\/li>\n<\/ul>\n<ul>\n<li><strong>network-view<\/strong>\u00a0&#8211; While the previous fields are\u00a0<i>well-known<\/i>\u00a0CNI configurations, the\u00a0<i>network-view<\/i>\u00a0field is an Infoblox plugin specific configuration. Here, we specify that the Infoblox objects will be created under a network view called\u00a0<i>cni_view<\/i>. If the network view does not already exist, it will be created automatically.<\/li>\n<\/ul>\n<p>As we mentioned earlier, when the plugin is executed, the content of the above configuration is passed to it as\u00a0<i>stdin<\/i>. We also mentioned that, in addition to that, context information is also made available to the plugin as environment variables. Let\u2019s take a quick look at this.<\/p>\n<p><span class=\"lia-message-image-wrapper\"><img decoding=\"async\" class=\"lia-media-image\" tabindex=\"0\" title=\"infoblox-container4.jpg\" src=\"https:\/\/cixhp49439.i.lithium.com\/t5\/image\/serverpage\/image-id\/810iAD109A2AE527E75B\/image-size\/original?v=v2&amp;px=-1\" alt=\"infoblox-container4.jpg\" border=\"0\" \/><i class=\"lia-fa lia-fa-search-plus lia-media-lightbox-trigger\" tabindex=\"0\" aria-label=\"Enlarge image\"><\/i><\/span><\/p>\n<p><i>Figure 4: CNI Environment Variables consumed by IPAM Plugin<\/i><\/p>\n<ul>\n<li><strong>CNI_COMMAND \u00a0&#8211; This can either be \u201cADD\u201d or \u201cDEL\u201d, indicating to the plugin whether it is a request to \u201cAllocate\u201d or \u201cRelease\u201d IP respectively.<\/strong><\/li>\n<\/ul>\n<ul>\n<li><strong>CNI_CONTAINERID<\/strong>\u00a0&#8211; This is an unique ID, and if the request is associated with launching an rkt container, this is the\u00a0<i>container ID.<\/i>\u00a0This is used to populate the \u201cVM ID\u201d extensible attributes of the associated Infoblox Fixed IP Address object.<\/li>\n<\/ul>\n<ul>\n<li><strong>CNI_NETNS<\/strong><\/li>\n<\/ul>\n<ul>\n<li><strong>CNI_IFNAME &#8211;\u00a0<\/strong>These are the network namespace and the name of the network interface, respectively, associated with the request. These two fields are used by the plugin to determine the MAC address of the network interface, which is then sent to the IPAM daemon together with the other fields.<\/li>\n<li><strong>CNI_ARGS<\/strong>\u00a0&#8211; This contains additional arguments, if any, specified by user. This is currently not used by the Infoblox plugin.<\/li>\n<\/ul>\n<p>The responsibility of the plugin is simply to package up the network configuration and the CNI environment information and send it to the IPAM daemon &#8211; which we\u2019re going to look at next.<\/p>\n<h2 id=\"toc-hId-793057762\">Infoblox IPAM Daemon Configuration<\/h2>\n<p>The IPAM Daemon is the component that interfaces with Infoblox via WAPI to perform the IPAM functions. The daemon is typically deployed as a container. In our example, we are using a Docker image of the daemon, and is started via\u00a0<i>rkt run\u00a0<\/i>as follow:<\/p>\n<p><span class=\"lia-message-image-wrapper\"><img decoding=\"async\" class=\"lia-media-image\" tabindex=\"0\" title=\"infoblox-container5.jpg\" src=\"https:\/\/cixhp49439.i.lithium.com\/t5\/image\/serverpage\/image-id\/811i49346DFCE391D149\/image-size\/original?v=v2&amp;px=-1\" alt=\"infoblox-container5.jpg\" border=\"0\" \/><i class=\"lia-fa lia-fa-search-plus lia-media-lightbox-trigger\" tabindex=\"0\" aria-label=\"Enlarge image\"><\/i><\/span><\/p>\n<p><i>Figure 5: IPAM Daemon command parameters<\/i><\/p>\n<p>The important parameters are those that define the IP allocation policy. If you recall, we have specified the following in the CNI network configuration file:<\/p>\n<p><strong>\u201cnetwork-view\u201d: \u201ccni_view\u201d,<\/strong><\/p>\n<p><strong>\u201csubnet\u201d: \u201c10.0.0.0\/24\u201d<\/strong><\/p>\n<p>Any settings that are specified in the network configuration file will take precedence. So, in our example, the IPAM daemon would request Infoblox to allocate an IP in the \u201c<i>10.0.0.0\/24<\/i>\u201d subnet. The IPAM daemon also ensures that the \u201c<i>10.0.0.0\/24<\/i>\u201d has been created in the network view \u201c<i>cni_view<\/i>\u201d.<\/p>\n<p>On the other hand, should \u201cnetwork-view\u201d and \u201csubnet\u201d not have been specified in the network configuration file, then a subnet will be allocated based on the\u00a0<i>network-view, network-container<\/i>\u00a0and\u00a0<i>prefix-length<\/i>\u00a0command line parameter &#8211; which in this case is\u00a0<i>\u201cdefault\u201d,<\/i>\u00a0\u201c<i>192.168.0.0\/24,192.169.0.0\/24\u201d<\/i>\u00a0and\u00a0<i>25<\/i>\u00a0respectively.<\/p>\n<h2 id=\"toc-hId-821686913\">A Multi-host rkt Deployment<\/h2>\n<p>In this scenario, we are going to simulate a container based application that is deployed across multiple hosts, and in which the containers need to communicate with each other. We need to create a network model that supports that within the constructs of rkt\/CNI.<\/p>\n<p>While CNI can provide\u00a0the necessary cross-host L2 connectivity needed for the containers, the challenge becomes how to manage IP addresses of the containers across the hosts, e.g. how to avoid allocating duplicated IP addresses. This calls for a centralized IPAM solution that is capable of provisioning IP across the hosts in a holistic manner.<\/p>\n<p>In this example, Infoblox is leveraged to provide the centralized IPAM functionality. To facilitate this, we utilize the Infoblox IPAM plugin to delegate IP allocation and de-allocation to Infoblox.<\/p>\n<p><span class=\"lia-message-image-wrapper\"><img decoding=\"async\" class=\"lia-media-image\" tabindex=\"0\" title=\"infoblox-container6.jpg\" src=\"https:\/\/cixhp49439.i.lithium.com\/t5\/image\/serverpage\/image-id\/812iF80D772C3DE15271\/image-size\/original?v=v2&amp;px=-1\" alt=\"infoblox-container6.jpg\" border=\"0\" \/><i class=\"lia-fa lia-fa-search-plus lia-media-lightbox-trigger\" tabindex=\"0\" aria-label=\"Enlarge image\"><\/i><\/span><\/p>\n<p><i>Figure 6: Multi-host rkt\/CNI Deployment<\/i><\/p>\n<p>The setup consists of two identically configured VMs that serve as rkt hosts,\u00a0<i>rkt-1\u00a0<\/i>and\u00a0<i>rkt-2<\/i>. Each rkt host is a VM that runs an Ubuntu 14.04 image with rkt runtime environment installed.<\/p>\n<p>On each host, a bridge (<i>cni01<\/i>) is created &#8211; all containers launched will be attached to this bridge. Also attached to the\u00a0<i>cni01\u00a0<\/i>bridge is\u00a0<i>eth1<\/i>, which is a network interface connected to the\u00a0<i>Container Network<\/i>. In Ubuntu, the\u00a0<i>brctl<\/i>\u00a0command is used to manage linux bridges:<\/p>\n<p>brctl addbr cni01 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0# creates cni01 bridge interface<\/p>\n<p>brctl addif cni01 eth1 \u00a0\u00a0# attaches eth1 to the cni01 interface<\/p>\n<p><i>Container Network<\/i>\u00a0is a vSwitch that provides L2 connectivity between the rkt hosts. Overall, this establishes L2 connectivity between all the containers attached to the\u00a0<i>cni01\u00a0<\/i>bridges.<\/p>\n<p>Also created on each host is the\u00a0<i>eth0<\/i>\u00a0network interface. This is attached to the\u00a0<i>Management Network<\/i>\u00a0through which the IPAM Daemon talks to Infoblox services. I\u2019ll talk about this in the next section.<\/p>\n<p>A CNI network called\u00a0<i>ipam-test-1<\/i>\u00a0can now be setup that uses the Infoblox IPAM plugin. The network is served by the\u00a0<i>cni01\u00a0<\/i>bridge we discussed earlier that provide L2 connectivity across the hosts.<\/p>\n<h2 id=\"toc-hId-850316064\">Verifying the Configuration<\/h2>\n<p>First of all, verify that the necessary configurations are in place:<\/p>\n<ul>\n<li>Verify that the network configuration file\u00a0<i>ipam.conf<\/i>\u00a0is located in\u00a0<i>\/etc\/rkt\/net.d<\/i><\/li>\n<li>Verify that the plugin executable\u00a0<i>infoblox<\/i>\u00a0is located in\u00a0<i>\/usr\/lib\/rkt\/plugins\/net<\/i><\/li>\n<li>Verify that the docker image for the IPAM daemon exists by running the command\u00a0docker images<\/li>\n<\/ul>\n<p>The image is called\u00a0<i>infoblox-cni-daemon<\/i>, for example:<\/p>\n<p>REPOSITORY \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0TAG \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0IMAGE ID \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0CREATED \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0SIZE<\/p>\n<p>yuewko\/infoblox-cni-daemon \u00a0\u00a0latest \u00a0\u00a0\u00a0\u00a0\u00a0a7cd28f86339 \u00a0\u00a0\u00a0\u00a011 days ago \u00a0\u00a0\u00a0\u00a0130.7 MB<\/p>\n<ul>\n<li>Verify that\u00a0<i>eth1\u00a0<\/i>is attached to the\u00a0<i>cni01<\/i>\u00a0bridge. Run the command,<\/li>\n<\/ul>\n<p>brctl show cni01<\/p>\n<p>The output should look something like:<\/p>\n<p>bridge name\u00a0bridge id \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0STP enabled\u00a0interfaces<\/p>\n<p>cni01 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a08000.000c29f878b0 \u00a0\u00a0\u00a0no \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0eth1<\/p>\n<p>Note that an IP has not been assigned to the bridge interface:<\/p>\n<p>ifconfig cni01<\/p>\n<p>cni01 \u00a0\u00a0\u00a0\u00a0Link encap:Ethernet \u00a0HWaddr 00:0c:29:f8:78:b0<\/p>\n<p>inet6 addr: fe80::20c:29ff:fef8:78b0\/64 Scope:Link<\/p>\n<p>UP BROADCAST RUNNING MULTICAST \u00a0MTU:1500 \u00a0Metric:1<\/p>\n<p>RX packets:82 errors:0 dropped:0 overruns:0 frame:0<\/p>\n<p>TX packets:97 errors:0 dropped:0 overruns:0 carrier:0<\/p>\n<p>collisions:0 txqueuelen:0<\/p>\n<p>RX bytes:7111 (7.1 KB) \u00a0TX bytes:11710 (11.7 KB)<\/p>\n<p>Instead, we configured the default gateway IP of 10.0.0.1 in the network configuration file\u00a0<i>ipam.conf<\/i>\u00a0(see Figure 3), which is the IP for the router interface (see Figure 6). Since we are not using the bridge interface as a gateway, there is no need to assign an IP for it. More importantly, this allow us to use the same default gateway configuration for all the rkt hosts.<\/p>\n<p>This is only possible because the CNI bridge plugin allows fine grained gateway configuration, via the following fields:<\/p>\n<ul>\n<li>isGateway &#8211; \u00a0Assigns an IP address to the bridge (Defaults to false).<\/li>\n<li>isDefaultGateway &#8211; Sets isGateway to true and makes the assigned IP the default route. (Defaults to false)<\/li>\n<\/ul>\n<p>By not specifying those fields in our CNI network configuration, and therefore assuming the default values, CNI does not assign an IP for the bridge interface. Additionally, it honors the\u00a0<i>routes\u00a0<\/i>settings in the\u00a0<i>ipam<\/i>\u00a0configuration to establish the default route in the container.<\/p>\n<p>Finally, start the IPAM daemon using the\u00a0<i>rkt run<\/i>\u00a0command shown earlier in Figure 5. Obviously, you would need to modify the WAPI connection parameters applicable to your environment.<\/p>\n<h2 id=\"toc-hId-878945215\">Putting it to the test<\/h2>\n<p>First of all, recall that the IP 10.0.0.1 has been assigned to the router interface and is configured to be the default gateway for the containers. In order for Infoblox not to use the IP to serve allocation request, the IP need to be reserved, as shown:<\/p>\n<p><span class=\"lia-message-image-wrapper\"><img decoding=\"async\" class=\"lia-media-image\" tabindex=\"0\" title=\"infoblox-container7.jpg\" src=\"https:\/\/cixhp49439.i.lithium.com\/t5\/image\/serverpage\/image-id\/815i31ACB6B0BEE66534\/image-size\/original?v=v2&amp;px=-1\" alt=\"infoblox-container7.jpg\" border=\"0\" \/><i class=\"lia-fa lia-fa-search-plus lia-media-lightbox-trigger\" tabindex=\"0\" aria-label=\"Enlarge image\"><\/i><\/span><\/p>\n<p><i>Figure 7: Default Gateway IP Reserved<\/i><\/p>\n<p>Next, we are going to launch containers on both rkt hosts and demonstrate that there is no IP collision and that connectivity can be established between the containers across the hosts.<\/p>\n<p>On the\u00a0<strong><i>rkt-1<\/i><\/strong>\u00a0host, use the\u00a0<i>rkt run\u00a0<\/i>command to start a ubuntu container specifying the network\u00a0<i>ipam-test-1<\/i>, as follows:<\/p>\n<p>rkt run &#8211;interactive\u00a0&#8211;net=ipam-test-1\u00a0sha512-82b5a101e8bf<\/p>\n<p>When the command completes and display a shell prompt, we are actually inside the ubuntu container. Running the command\u00a0<i>ifconfig eth0\u00a0<\/i>produces the following output:<\/p>\n<p>eth0 \u00a0\u00a0Link encap:Ethernet \u00a0HWaddr ce:60:bb:50:f6:b4<\/p>\n<p>inet addr:10.0.0.2\u00a0\u00a0Bcast:0.0.0.0 \u00a0Mask:255.255.255.0<\/p>\n<p>inet6 addr: fe80::cc60:bbff:fe50:f6b4\/64 Scope:Link<\/p>\n<p>UP BROADCAST RUNNING MULTICAST \u00a0MTU:1500 \u00a0Metric:1<\/p>\n<p>RX packets:21 errors:0 dropped:0 overruns:0 frame:0<\/p>\n<p>TX packets:7 errors:0 dropped:0 overruns:0 carrier:0<\/p>\n<p>collisions:0 txqueuelen:0<\/p>\n<p>RX bytes:3615 (3.6 KB) \u00a0TX bytes:578 (578.0 B)<\/p>\n<p>where\u00a0<i>eth0<\/i>\u00a0is the interface attached to the\u00a0<i>ipam-test-1<\/i>\u00a0network. Note the highlighted MAC address of the interface, and more importantly, the IP address 10.0.0.2 that has been allocated.<\/p>\n<p>Additionally, we can verify this by logging onto the Infoblox management interface:<\/p>\n<p><span class=\"lia-message-image-wrapper lia-message-image-actions-narrow lia-message-image-actions-below\"><img decoding=\"async\" class=\"lia-media-image\" tabindex=\"0\" title=\"infoblox-container8.jpg\" src=\"https:\/\/cixhp49439.i.lithium.com\/t5\/image\/serverpage\/image-id\/814iB6E2C052F96EF544\/image-size\/original?v=v2&amp;px=-1\" alt=\"infoblox-container8.jpg\" border=\"0\" \/><i class=\"lia-fa lia-fa-search-plus lia-media-lightbox-trigger\" tabindex=\"0\" aria-label=\"Enlarge image\"><\/i><\/span><\/p>\n<p><i>Figure 8: IP Allocated to container on rkt-1<\/i><\/p>\n<p>As shown above, the IP address 10.0.0.2 has been allocated to the MAC address of\u00a0<i>eth0<\/i>.<\/p>\n<p>Next, we repeat the same to launch a ubuntu container on\u00a0<strong><i>rkt-2<\/i><\/strong>. In this case, running the\u00a0<i>ifconfig eth0<\/i>\u00a0command inside the container produces:<\/p>\n<p>eth0 \u00a0\u00a0Link encap:Ethernet \u00a0HWaddr 4a:8b:14:d5:0c:74<\/p>\n<p>inet addr:10.0.0.3\u00a0\u00a0Bcast:0.0.0.0 \u00a0Mask:255.255.255.0<\/p>\n<p>inet6 addr: fe80::488b:14ff:fed5:c74\/64 Scope:Link<\/p>\n<p>UP BROADCAST RUNNING MULTICAST \u00a0MTU:1500 \u00a0Metric:1<\/p>\n<p>RX packets:16 errors:0 dropped:0 overruns:0 frame:0<\/p>\n<p>TX packets:6 errors:0 dropped:0 overruns:0 carrier:0<\/p>\n<p>collisions:0 txqueuelen:0<\/p>\n<p>RX bytes:2528 (2.5 KB) \u00a0TX bytes:508 (508.0 B)<\/p>\n<p>Again, we can correlate that with the Infoblox management interface:<\/p>\n<p><span class=\"lia-message-image-wrapper lia-message-image-actions-narrow lia-message-image-actions-below\"><img decoding=\"async\" class=\"lia-media-image\" tabindex=\"0\" title=\"infoblox-container9.jpg\" src=\"https:\/\/cixhp49439.i.lithium.com\/t5\/image\/serverpage\/image-id\/816i804D8C78797E1DBE\/image-size\/original?v=v2&amp;px=-1\" alt=\"infoblox-container9.jpg\" border=\"0\" \/><i class=\"lia-fa lia-fa-search-plus lia-media-lightbox-trigger\" tabindex=\"0\" aria-label=\"Enlarge image\"><\/i><\/span><\/p>\n<p><i>Figure 9: IP Allocated to container on rkt-1<\/i><\/p>\n<p>More interestingly, from inside the ubuntu container on\u00a0<strong><i>rkt-2<\/i><\/strong>, we can ping the IP (10.0.0.2) of the container on\u00a0<strong><i>rkt-1<\/i><\/strong>:<\/p>\n<p>root@rkt-1649dade-d9b8-4cec-be9f-eadf9c865de5:\/# ping 10.0.0.2<\/p>\n<p>PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.<\/p>\n<p>64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.260 ms<\/p>\n<p>64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=0.171 ms<\/p>\n<p>64 bytes from 10.0.0.2: icmp_seq=3 ttl=64 time=0.216 ms<\/p>\n<p>64 bytes from 10.0.0.2: icmp_seq=4 ttl=64 time=0.244 ms<\/p>\n<p>^C<\/p>\n<p>&#8212; 10.0.0.2 ping statistics &#8212;<\/p>\n<p>4 packets transmitted, 4 received, 0% packet loss, time 2997ms<\/p>\n<p>rtt min\/avg\/max\/mdev = 0.171\/0.222\/0.260\/0.038 ms<\/p>\n<p>And, lastly, we can verify the expected MAC address using the\u00a0<i>arp\u00a0<\/i>command:<\/p>\n<p>root@rkt-1649dade-d9b8-4cec-be9f-eadf9c865de5:\/# arp -an<\/p>\n<p>? (10.0.0.2) at\u00a0ce:60:bb:50:f6:b4\u00a0[ether] on eth0<\/p>\n<h2 id=\"toc-hId-907574366\">Summary<\/h2>\n<p>In this blog, we have demonstrated that using the IPAM plugin allows us to easily leverage Infoblox to provide centralized IPAM service in a multi-host\u00a0<i>rkt<\/i>\u00a0container deployment environment. In a follow-on blog, we\u2019ll compare and contrast the features and workflow of CNI and libnetwork.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>There&#8217;s a heightened interest in\u00a0Docker networking\u00a0and IPAM content, so we\u2019re going to look at rkt\/CNI and how\u00a0Infoblox\u00a0can also be leveraged to provide centralized IPAM functions in a multi-host environment. Like Docker, rkt is an open-source project that provides a runtime environment for deploying software applications in the form of containers (https:\/\/coreos.com\/rkt). In the case of [&hellip;]<\/p>\n","protected":false},"author":285,"featured_media":2528,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[3],"tags":[118,16,51,31],"class_list":{"0":"post-2524","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-community","8":"tag-docker","9":"tag-infoblox","10":"tag-ipam","11":"tag-networking","12":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>CNI Networking and IPAM<\/title>\n<meta name=\"description\" content=\"Infoblox offers an IPAM plugin that provides centralized services for multi-host rkt container deployment environments. Learn more about the IPAM plugin here.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CNI Networking and IPAM\" \/>\n<meta property=\"og:description\" content=\"Infoblox offers an IPAM plugin that provides centralized services for multi-host rkt container deployment environments. Learn more about the IPAM plugin here.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2016-10-04T05:00:41+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-10-20T21:34:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ThinkstockPhotos-495725398.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1800\" \/>\n\t<meta property=\"og:image:height\" content=\"1666\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Yue Ko\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Yue Ko\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"15 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/\"},\"author\":{\"name\":\"Yue Ko\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/7d2f4566b20388174558d95f1a16ba62\"},\"headline\":\"CNI Networking and IPAM\",\"datePublished\":\"2016-10-04T05:00:41+00:00\",\"dateModified\":\"2022-10-20T21:34:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/\"},\"wordCount\":2969,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ThinkstockPhotos-495725398.jpg\",\"keywords\":[\"Docker\",\"Infoblox\",\"IPAM\",\"Networking\"],\"articleSection\":[\"Community\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/\",\"name\":\"CNI Networking and IPAM\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ThinkstockPhotos-495725398.jpg\",\"datePublished\":\"2016-10-04T05:00:41+00:00\",\"dateModified\":\"2022-10-20T21:34:42+00:00\",\"description\":\"Infoblox offers an IPAM plugin that provides centralized services for multi-host rkt container deployment environments. Learn more about the IPAM plugin here.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ThinkstockPhotos-495725398.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ThinkstockPhotos-495725398.jpg\",\"width\":1800,\"height\":1666,\"caption\":\"CNI Networking and IPAM\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/cni-networking-and-ipam\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Community\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/community\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"CNI Networking and IPAM\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/7d2f4566b20388174558d95f1a16ba62\",\"name\":\"Yue Ko\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/8719802d0cbfe7a03fba5a72d39a4910a1f80d125077809fa16d6be81f93a19b?s=96&d=blank&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/8719802d0cbfe7a03fba5a72d39a4910a1f80d125077809fa16d6be81f93a19b?s=96&d=blank&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/8719802d0cbfe7a03fba5a72d39a4910a1f80d125077809fa16d6be81f93a19b?s=96&d=blank&r=g\",\"caption\":\"Yue Ko\"},\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/yue-ko\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"CNI Networking and IPAM","description":"Infoblox offers an IPAM plugin that provides centralized services for multi-host rkt container deployment environments. Learn more about the IPAM plugin here.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/","og_locale":"en_US","og_type":"article","og_title":"CNI Networking and IPAM","og_description":"Infoblox offers an IPAM plugin that provides centralized services for multi-host rkt container deployment environments. Learn more about the IPAM plugin here.","og_url":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/","og_site_name":"Infoblox Blog","article_published_time":"2016-10-04T05:00:41+00:00","article_modified_time":"2022-10-20T21:34:42+00:00","og_image":[{"width":1800,"height":1666,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ThinkstockPhotos-495725398.jpg","type":"image\/jpeg"}],"author":"Yue Ko","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Yue Ko","Est. reading time":"15 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/"},"author":{"name":"Yue Ko","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/7d2f4566b20388174558d95f1a16ba62"},"headline":"CNI Networking and IPAM","datePublished":"2016-10-04T05:00:41+00:00","dateModified":"2022-10-20T21:34:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/"},"wordCount":2969,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ThinkstockPhotos-495725398.jpg","keywords":["Docker","Infoblox","IPAM","Networking"],"articleSection":["Community"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/","url":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/","name":"CNI Networking and IPAM","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ThinkstockPhotos-495725398.jpg","datePublished":"2016-10-04T05:00:41+00:00","dateModified":"2022-10-20T21:34:42+00:00","description":"Infoblox offers an IPAM plugin that provides centralized services for multi-host rkt container deployment environments. Learn more about the IPAM plugin here.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ThinkstockPhotos-495725398.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ThinkstockPhotos-495725398.jpg","width":1800,"height":1666,"caption":"CNI Networking and IPAM"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/community\/cni-networking-and-ipam\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Community","item":"https:\/\/www.infoblox.com\/blog\/category\/community\/"},{"@type":"ListItem","position":3,"name":"CNI Networking and IPAM"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/7d2f4566b20388174558d95f1a16ba62","name":"Yue Ko","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/8719802d0cbfe7a03fba5a72d39a4910a1f80d125077809fa16d6be81f93a19b?s=96&d=blank&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/8719802d0cbfe7a03fba5a72d39a4910a1f80d125077809fa16d6be81f93a19b?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8719802d0cbfe7a03fba5a72d39a4910a1f80d125077809fa16d6be81f93a19b?s=96&d=blank&r=g","caption":"Yue Ko"},"url":"https:\/\/www.infoblox.com\/blog\/author\/yue-ko\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/2524","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/285"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=2524"}],"version-history":[{"count":4,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/2524\/revisions"}],"predecessor-version":[{"id":8171,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/2524\/revisions\/8171"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/2528"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=2524"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=2524"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=2524"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}