Warning: Experimental. There is no intention to ever make this viable for production. Do not use in production.
Blixt
An experimental layer 4 load-balancer for Kubernetes.
The control-plane is built using Gateway API and written in Golang with Operator SDK/Controller Runtime. The data-plane is built using eBPF and is written in Rust using Aya.
Note: The word "blixt" means "lightning" in Swedish.
Current Status
Current project goals are the following:
- support Gateway/GatewayClass
- support UDPRoute
- support TCPRoute
- use this as a basis for adding/improving Gateway API Conformance Tests
- plug this into Gateway API CI to run conformance tests on PRs
After these goals are achieved, further goals may be decided.
Note: TLSRoute support may be on the table, but we're looking for someone from the community to champion this.
Note: The initial proof of concept was written as an XDP program, but with more features (including access to ip conntrack in newer kernels) available in TC, we made a switch to TC.
Usage
Note: Currently usage is only possible on Kubernetes In Docker (KIND) clusters. You can generate a new development cluster for testing with
make build.cluster.
Deploy Gateway API CRDs:
kubectl kustomize https://github.com/kubernetes-sigs/gateway-api/config/crd/experimental?ref=v0.5.1 | kubectl apply -f -Deploy:
kubectl kustomize config/default | kubectl apply -f -At this point you should see the controlplane and dataplane pods running
in the blixt-system namespace:
$ kubectl -n blixt-system get pods
NAME READY STATUS RESTARTS AGE
blixt-controlplane-cdccc685b-9dxj2 2/2 Running 0 83s
blixt-dataplane-brsl9 1/1 Running 0 83sCheck the config/samples directory for Gateway and *Route examples you
can now deploy.
Note: When developing the dataplane you can make changes in your local
dataplane/directory, and within there quickly build an image and load it into the cluster created in the above steps withmake load.image. This will build the eBPF loader and eBPF bytecode in a container image, load that image into the cluster, and then restart the dataplane pods to use the new build.
Community
This project originally started at Kong but is being donated to
Kubernetes SIG Network. It is becoming a part of the Gateway
API project and as such is discussed in the Gateway API weekly
meetings. In particular, we do some discussion and paired
programming of this project on the Gateway API Code Jam meeting which
is on the calendar for every Friday.
You can also reach out with problems or questions by creating an
issue, or a discussion on this repo. You can also reach out
on Kubernetes Slack on the #sig-network-gateway-api channel. There
is also a #ebpf channel on Kubernetes Slack for general eBPF related help.
License
The Blixt control-plane components are licensed under Apache License, Version
2.0, which is everything outside of the dataplane/ directory. The
data-plane components are dual-licensed under the General Public License,
Version 2.0 (only) and the 2-Clause BSD License (at your
option) including everything inside the dataplane/ directory.