Cluster Networking - CNI

Rackspace Spot provides flexible CNI options for your Kubernetes clusters, allowing you to customize networking based on your workload requirements.

Customizing CNI

When provisioning a new cloudspace you have the option to change the default CNI (Calico IPTables) installed in your cluster. CNI selection is made during cloudspace provisioning via the Rackspace Spot dashboard, Terraform, or CLI (spotctl).

Via Dashboard

Cloudspace Creation > Advanced Options > Customize CNI

Via spotctl

# Create cloudspace with Cilium + kubeproxy

spotctl cloudspace create my-cloudspace \

  --region us-central-dfw-2 \

  --cni cilium

Via Terraform

resource "spot_cloudspace" "my_cluster" {

  name   = "my-cloudspace"

  region = "us-central-dfw-2"

  # CNI Configuration - choose one:

  # cni = "calico"  # Default - Calico IPTables

  # cni = "cilium"  # Cilium with kubeproxy

  cni = "byocni"    # Bring Your Own CNI

}

​

resource "spot_nodepool" "workers" {

  cloudspace_name = spot_cloudspace.my_cluster.name

  name            = "worker-pool"

  server_class    = "gp.vs2.medium-dfw2"

  bid_price       = 0.02

  min_nodes       = 1

  max_nodes       = 3

  desired_nodes   = 2

}

Available CNI Options:

1. Calico IPTables (Default)

Calico with IPTables is the default CNI provider for Rackspace Spot clusters, offering network policy enforcement and proven stability for most workloads.

Best for: General-purpose workloads.

kube-proxy Mode: IPTables (default)

2. Cilium w/ kubeproxy

Cilium is an eBPF-native CNI that provides advanced networking, security, and observability capabilities for cloud-native applications.

Best for: Large-scale microservices, performance-critical workloads, advanced observability requirements.

kube-proxy Mode: eBPF

3. Bring Your Own CNI (BYOCNI)

For advanced users requiring specific CNI configurations, Rackspace Spot supports BYOCNI. If selected, no CNI provider or kube-proxy will be installed in the cluster.

Choosing the Right CNI