diff --git a/_data/reference.yml b/_data/reference.yml index 65ae449f1b..8791640113 100644 --- a/_data/reference.yml +++ b/_data/reference.yml @@ -103,22 +103,6 @@ toc: - docs/reference/generated/federation-apiserver.md - docs/reference/generated/federation-controller-manager.md -- title: Kubernetes Design Docs - landing_page: /docs/reference/design-docs/overview/ - section: - - docs/reference/design-docs/overview.md - - title: Kubernetes Architecture - path: https://git.k8s.io/community/contributors/design-proposals/architecture/architecture.md - - title: Kubernetes Design Overview - path: https://github.com/kubernetes/kubernetes/tree/release-1.6/docs/design - - title: Kubernetes Identity and Access Management - path: https://git.k8s.io/community/contributors/design-proposals/auth/access.md - - docs/admin/ovs-networking.md - - title: Security Contexts - path: https://git.k8s.io/community/contributors/design-proposals/auth/security_context.md - - title: Security in Kubernetes - path: https://git.k8s.io/community/contributors/design-proposals/auth/security.md - - title: Kubernetes Issues and Security landing_page: https://github.com/kubernetes/kubernetes/issues/ section: diff --git a/docs/admin/ovs-networking.md b/docs/admin/ovs-networking.md deleted file mode 100644 index 86085e6d40..0000000000 --- a/docs/admin/ovs-networking.md +++ /dev/null @@ -1,21 +0,0 @@ ---- -reviewers: -- thockin -title: Kubernetes OpenVSwitch GRE/VxLAN networking ---- - -This document describes how OpenVSwitch is used to setup networking between pods across nodes. -The tunnel type could be GRE or VxLAN. VxLAN is preferable when large scale isolation needs to be performed within the network. - -![OVS Networking](/images/docs/ovs-networking.png) - -The vagrant setup in Kubernetes does the following: - -The docker bridge is replaced with a brctl generated linux bridge (kbr0) with a 256 address space subnet. Basically, a node gets 10.244.x.0/24 subnet and docker is configured to use that bridge instead of the default docker0 bridge. - -Also, an OVS bridge is created(obr0) and added as a port to the kbr0 bridge. All OVS bridges across all nodes are linked with GRE tunnels. So, each node has an outgoing GRE tunnel to all other nodes. It does not need to be a complete mesh really, just meshier the better. STP (spanning tree) mode is enabled in the bridges to prevent loops. - -Routing rules enable any 10.244.0.0/16 target to become reachable via the OVS bridge connected with the tunnels. - - - diff --git a/docs/reference/design-docs/overview.md b/docs/reference/design-docs/overview.md deleted file mode 100644 index f6e228e426..0000000000 --- a/docs/reference/design-docs/overview.md +++ /dev/null @@ -1,28 +0,0 @@ ---- -title: Overview of Kubernetes Design Docs ---- - -{% capture overview %} - -Here are some documents that describe aspects of the Kubernetes design: - -{% endcapture %} - -{% capture body %} - -* [Kubernetes Architecture](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/architecture/architecture.md) - -* [Kubernetes Design Overview](https://github.com/kubernetes/kubernetes/tree/release-1.6/docs/design) - -* [Kubernetes Identity and Access Management](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/auth/access.md) - -* [Kubernetes OpenVSwitch GRE/VxLAN networking](https://deploy-preview-6994--kubernetes-io-user-journeys.netlify.com/docs/admin/ovs-networking/) - -* [Security Contexts](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/auth/security_context.md) - -* [Security in Kubernetes](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/auth/security.md) - -{% endcapture %} - - -{% include templates/concept.md %}