{"id":13509642,"url":"https://github.com/nokia/danm","last_synced_at":"2025-04-05T05:09:51.259Z","repository":{"id":33605737,"uuid":"152550404","full_name":"nokia/danm","owner":"nokia","description":"TelCo grade network management in a Kubernetes cluster","archived":false,"fork":false,"pushed_at":"2022-09-19T15:31:17.000Z","size":39233,"stargazers_count":382,"open_issues_count":19,"forks_count":81,"subscribers_count":36,"default_branch":"master","last_synced_at":"2025-03-29T04:12:08.225Z","etag":null,"topics":["cni-metaplugin","cni-plugin","danm-cni","kubernetes","kubernetes-cluster"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nokia.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-10-11T07:34:50.000Z","updated_at":"2025-03-05T04:26:18.000Z","dependencies_parsed_at":"2022-08-09T09:15:29.081Z","dependency_job_id":null,"html_url":"https://github.com/nokia/danm","commit_stats":null,"previous_names":[],"tags_count":13,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nokia%2Fdanm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nokia%2Fdanm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nokia%2Fdanm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nokia%2Fdanm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nokia","download_url":"https://codeload.github.com/nokia/danm/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247289429,"owners_count":20914464,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cni-metaplugin","cni-plugin","danm-cni","kubernetes","kubernetes-cluster"],"created_at":"2024-08-01T02:01:10.864Z","updated_at":"2025-04-05T05:09:51.235Z","avatar_url":"https://github.com/nokia.png","language":"Go","funding_links":[],"categories":["Go","kubernetes","Platforms"],"sub_categories":[],"readme":"\n# DANM\n[![Build Status](https://travis-ci.com/nokia/danm.svg?branch=master)](https://travis-ci.com/Nokia/danm)\n[![Unit Test Coverage](https://coveralls.io/repos/github/nokia/danm/badge.svg?branch=master)](https://coveralls.io/github/nokia/danm?branch=master)\n\n\u003cimg src=\"https://github.com/nokia/danm/raw/master/logo_w_name.png\" width=\"100\"\u003e\n\n# Join our community!\nWant to hang-out with us? Join our Slack under https://danmws.slack.com/!\n\nFeel yourself officially invited by clicking on [this](https://join.slack.com/t/danmws/shared_invite/enQtNzEzMTQ4NDM2NTMxLTA3MDM4NGM0YTRjYzlhNGRiMDVlZWRlMjdlNTkwNTBjNWUyNjM0ZDQ3Y2E4YjE3NjVhNTE1MmEyYzkyMDRlNWU) link!\n\n# Want to get more bang for the buck? Check out DANM Utils too!\nDANM Utils is the home to independet Operators built on top of the DANM network management platform, providing value added services to your cluster!\nInterested in adding outage resiliency to your IPAM, or universal network policy support? Look no further and hop over to https://github.com/nokia/danm-utils today!\n\n## Table of Contents\n* [Table of Contents](#table-of-contents)\n* [Introduction](#introduction)\n     * [Install an Akraino REC and get DANM for free](#install-an-akraino-rec-and-get-danm-for-free)\n* [Our philosophy and motivation behind DANM](#our-philosophy-and-motivation-behind-danm)\n* [Scope of the project](#scope-of-the-project)\n* [Deployment](#deployment)\n* [User guide](#user-guide)\n* [Contributing](#contributing)\n* [Authors](#authors)\n* [License](#license)\n\n\n## Introduction\n__DANM__ is Nokia's solution to bring TelCo grade network management into a Kubernetes cluster! DANM has more than 4 years of history inside the company, is currently deployed into production, and it is finally available for everyone, here on GitHub.\n\nThe name stands for \"Damn, Another Network Manager!\", because yes, we know: the last thing the K8s world needed is another TelCo company \"revolutionizing\" networking in Kubernetes.\nBut still we hope that potential users checking out our project will involuntarily proclaim \"DANM, that's some good networking stuff!\" :)\n\nPlease consider for a moment that there is a whole other world out there, with special requirements, and DANM is the result of those needs!\nWe are certainly not saying DANM is __THE__ network solution, but we think it is a damn good one!\nWant to learn more about this brave new world? Don't hesitate to contact us, we are always quite happy to share the special requirements we need to satisfy each and every day.\n\n**In any case, DANM is more than just a plugin, it is an End-To-End solution to a whole problem domain**.\nIt is:\n* a CNI plugin capable of provisioning IPVLAN interfaces with advanced features\n* an in-built IPAM module with the capability of managing multiple, ***cluster-wide***, discontinuous L3 networks with managing up to 8M allocations per network! plus providing dynamic, static, or no IP allocation scheme on-demand for both IPv4, and IPv6\n* a CNI metaplugin capable of attaching multiple network interfaces to a container, either through its own CNI, or through delegating the job to any of the popular CNI solution e.g. SR-IOV, Calico, Flannel etc. ***in parallel***\n* a Kubernetes controller capable of centrally managing both VxLAN and VLAN interfaces of all Kubernetes hosts\n* another Kubernetes controller extending Kubernetes' Service-based service discovery concept to work over all network interfaces of a Pod\n* a standard Kubernetes Validating and Mutating Webhook responsible for making you adhere to the schemas, and also automating network resource management for tenant users in a production-grade environment\n### Install an Akraino REC and get DANM for free!\nJust kidding as DANM is always free, but if you want to install a production grade, open-source Kubernetes-based bare metal CaaS infrastructure by default equipped with DANM **and** with a single click of a button nonetheless; just head over to Linux Foundation Akraino Radio Edge Cloud (REC) wiki for the [Akraino REC Architecture](https://wiki.akraino.org/display/AK/REC+Architecture+Document) and the [Akraino REC Installation Guide](https://wiki.akraino.org/display/AK/REC+Installation+Guide)\nNot just for TelCo!\n\nThe above functionalities are implemented by the following components:\n- **danm** is the CNI plugin which can be directly integrated with kubelet. Internally it consists of the CNI metaplugin, the CNI plugin responsible for managing IPVLAN interfaces, and the in-built IPAM plugin.\nDanm binary is integrated to kubelet as any other [CNI plugin](https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/).\n\n- **fakeipam** is a little program used in natively integrating 3rd party CNI plugins into the DANM ecosystem. It is basically used to echo the result of DANM's in-built IPAM to CNIs DANM delegates operations to.\nFakeipam binary should be placed into kubelet's configured CNI plugin directory, next to danm.\nFakeipam is a temporary solution, the long-term aim is to separate DANM's IPAM component into a full-fledged, standalone IPAM solution.\n\n- **netwatcher** is a Kubernetes Controller watching the Kubernetes API for changes in the DANM related CRD network management APIs.\nThis component is responsible for validating the semantics of network objects, and also for maintaining VxLAN and VLAN host interfaces of all Kubernetes nodes.\nNetwatcher binary is deployed in Kubernetes as a DaemonSet, running on all nodes.\n\n- **svcwatcher** is another Kubernetes Controller monitoring Pod, Service, Endpoint, and DanmEp API paths.\nThis Controller is responsible for extending Kubernetes native Service Discovery to work even for the non-primary networks of the Pod.\nSvcwatcher binary is deployed in Kubernetes as a DaemonSet, running only on the Kubernetes master nodes in a clustered setup.\n\n- **webhook** is a standard Kubernetes Validating and Mutating Webhook. It has multiple, crucial responsibilities:\n\n - it validates all DANM introduced CRD APIs both syntactically, and semantically both during creation, and modification\n - it automatically mutates parameters only relevant to the internal implementation of DANM into the API objects\n - it automatically assigns physical network resources to the logical networks of tenant users in a production-grade infrastructure\n\n## Our philosophy and motivation behind DANM\nIt is undeniable that TelCo products- even in containerized format- ***must*** own physically separated network interfaces, but we have always felt other projects put too much emphasis on this lone fact, and entirely ignored -or were afraid to tackle- the larger issue with Kubernetes.\nThat is: capability to **provision** multiple network interfaces to Pods is a very limited enhancement if the cloud native feature of Kubernetes **cannot be used with those extra interfaces**.\n\nThis is the very big misconception our solution aims to rectify - we strongly believe that all network interfaces shall be natively supported by K8s, and there are no such things as \"primary\", or \"secondary\" network interfaces.\nWhy couldn't NetworkPolicies, Services, LoadBalancers, all of these existing and proven Kubernetes constructs work with all network interfaces?\nWhy couldn't network administrators freely decide which physical networks are reachable by a Pod?\nIn our opinion the answer is quite simple: because networks are not first-class citizens in Kubernetes.\n\nThis is the historical reason why DANM's CRD based, abstract network management APIs were born, and why is the whole ecosystem built around the concept of promoting networks to first-class Kubernetes API objects.\n\nThis approach opens-up a plethora of possibilities, even with today's Kubernetes core code!\n\nThe following chapters will guide you through the description of these features, and will show you how you can leverage them in your Kubernetes cluster.\n## Scope of the project\nYou will see at the end of this README that we really went above and beyond what \"networks\" are in vanilla Kubernetes.\n\nBut, DANM core project never did, and will break one core concept: DANM is first and foremost a run-time agnostic standard CNI system for Kubernetes, 100% adhering to the Kubernetes life-cycle management principles.\n\nIt is important to state this, because the features DANM provides open up a couple of very enticing, but also very dangerous avenues:\n - what if we would monitor the run-time and provide added high-availability feature based on events happening on that level?\n - what if we could change the networks of existing Pods?\n\n We strongly feel that all such scenarios incompatible with the life-cycle of a standard CNI plugin firmly fall outside the responsibility of the core DANM project.\nThat being said, tell us about your Kubernetes breaking ideas! We are open to accept such plugins into the wider umbrella of the existing eco-system: outside of the core project, but still loosely linked to suite as optional, external components.\nJust because something doesn't fit into core DANM, it does not mean it can't fit into your cloud!\nPlease visit [DANM utils](https://github.com/nokia/danm-utils) repository for more info.\n\n\n## Deployment\nSee [Deployment Guide](deployment-guide.md).\n\n## User guide\nSee [User Guide](user-guide.md).\n\n## Contributing\n\nPlease read [CONTRIBUTING.md](https://github.com/nokia/danm/blob/master/CONTRIBUTING.md) for details on our code of conduct, and the process for submitting pull requests to us.\n\n## Authors\n\n* **Robert Springer** (@rospring) - Initial work (V1 Python), IPAM, Netwatcher, Svcwatcher [Nokia](https://github.com/nokia)\n* **Levente Kale** (@Levovar) - Initial work (V2 Golang), Documentation, Integration, SCM, UTs, Metaplugin, V4 work [Nokia](https://github.com/nokia)\n\nSpecial thanks to the original author who started the whole project in 2015 by putting a proprietary network management plugin between Kubelet and Docker; and also for coining the DANM acronym:\n**Peter Braun** (@peter-braun)\n\n## License\n\nThis project is licensed under the 3-Clause BSD License - see the [LICENSE](LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnokia%2Fdanm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnokia%2Fdanm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnokia%2Fdanm/lists"}