π Networking
Master Kubernetes networking: Services, Ingress, Network Policies, DNS, load balancing, SR-IOV, NNCP, InfiniBand, and multi-NIC configurations for production clusters.
Expose OpenClaw via Kubernetes Ingress with TLS
Configure Kubernetes Ingress with TLS termination to securely expose OpenClaw gateway beyond port-forward. Covers cert-manager, NGINX Ingress, and allowed origins.
Configure SR-IOV agent-config.yaml with Device by Path
Use agent-config.yaml to select network devices by PCI path for SR-IOV VF creation, ensuring deterministic NIC targeting across OpenShift nodes.
GPUDirect RDMA via DMA-BUF
Configure GPUDirect RDMA using DMA-BUF kernel subsystem for zero-copy GPU-to-GPU transfers over InfiniBand and RoCE networks.
HAProxy Keepalived Multi-Tenant GPU Ingress
Configure HAProxy with Keepalived VIPs for per-tenant GPU cluster ingress with Jinja2 templates and per-tenant access logging.
InfiniBand vs Ethernet for AI on Kubernetes
Compare InfiniBand and Ethernet networking for GPU AI workloads on Kubernetes, including RDMA, RoCE, latency, and throughput considerations.
NFSoRDMA Bond with Access Mode Switch
Configure bonded NICs for NFS over RDMA using switch access mode for VLAN assignment. Aggregation on untagged interfaces for RDMA redundancy.
NFSoRDMA Dedicated NIC Configuration
Configure dedicated NICs for NFS over RDMA on Kubernetes worker nodes. NFSoRDMA requires untagged interfaces β no VLAN tagging supported.
NFSoRDMA Jumbo Frames MTU Configuration
Configure 9000 MTU jumbo frames for NFSoRDMA interfaces using NNCP to maximize RDMA throughput on Kubernetes worker nodes.
NFSoRDMA Multi-VLAN Switch Access Mode
Design multi-VLAN NFSoRDMA networks using switch access mode ports. Separate storage, replication, and backup traffic with dedicated NICs per VLAN.
NFSoRDMA Troubleshooting and Performance
Troubleshoot NFS over RDMA connectivity issues, diagnose TCP fallback, tune performance, and benchmark RDMA throughput on Kubernetes workers.
NFSoRDMA Worker Node Setup
Complete worker node setup for NFS over RDMA including kernel modules, NFS client configuration, PersistentVolume mounts, and RDMA transport verification.
NNCP Bond Interfaces on Worker Nodes
Create bonded network interfaces on Kubernetes worker nodes using NodeNetworkConfigurationPolicy for NIC redundancy and link aggregation.
NNCP DNS and Static Routes on Workers
Configure static routes, DNS servers, and policy-based routing on worker nodes using NodeNetworkConfigurationPolicy for multi-network setups.
NNCP Linux Bridge on Worker Nodes
Create Linux bridges on Kubernetes worker nodes using NodeNetworkConfigurationPolicy for KubeVirt VM networking and pod bridging.
NNCP MTU and Jumbo Frames on Workers
Set MTU and enable jumbo frames on worker node interfaces using NodeNetworkConfigurationPolicy for high-throughput storage and AI networking.
NNCP Multi-NIC Architecture for Workers
Design a complete multi-NIC worker node architecture with NNCP for separated management, storage, tenant, and GPU traffic using bonds, VLANs, and bridges.
NNCP OVS Bridge on Worker Nodes
Configure Open vSwitch bridges on Kubernetes worker nodes using NodeNetworkConfigurationPolicy for advanced SDN and DPDK networking.
NNCP Rollback and Troubleshooting
Troubleshoot NodeNetworkConfigurationPolicy failures, monitor enactments, configure rollback timeouts, and recover from bad network configurations.
NNCP SR-IOV and Macvlan on Workers
Configure SR-IOV virtual functions and macvlan interfaces on worker nodes using NodeNetworkConfigurationPolicy for high-performance networking.
NNCP Static IP Assignment on Worker Nodes
Use NodeNetworkConfigurationPolicy to assign static IPv4 and IPv6 addresses to worker node interfaces with nodeSelector targeting.
NNCP VLAN Tagging on Worker Nodes
Configure VLAN interfaces on Kubernetes worker nodes using NodeNetworkConfigurationPolicy for network segmentation and traffic isolation.
NodePort Raw Traffic vs HTTPS Ingress
Route raw GPU inference traffic via NodePort for low-latency gRPC and HTTPS model serving via OpenShift ingress controller.
NVIDIA NIC Driver Container Entrypoint
Understand and customize the NVIDIA NIC driver container entrypoint for MOFED and DOCA driver lifecycle on Kubernetes and OpenShift.
SR-IOV Mixed NICs for GPU Nodes
Configure SR-IOV with mixed ConnectX-7 and ConnectX-6 NICs for RDMA data plane and management traffic on GPU worker nodes.
SR-IOV NicClusterPolicy for VF Configuration
Configure SR-IOV Virtual Functions on Mellanox ConnectX NICs using the NVIDIA Network Operator NicClusterPolicy for high-performance Kubernetes networking.
SR-IOV VF Networking for AI Workloads
Deploy SR-IOV Virtual Functions with RDMA support for distributed AI training on Kubernetes, including multi-NIC pod configuration and NCCL tuning.
Configure GPUDirect RDMA with the NVIDIA GPU Operator
Set up GPUDirect RDMA on Kubernetes using the NVIDIA GPU Operator with either DMA-BUF or legacy nvidia-peermem, including Network Operator integration.
Switch GPUDirect RDMA from nvidia-peermem to DMA-BUF
Migrate from the legacy nvidia-peermem kernel module to the recommended DMA-BUF GPUDirect RDMA path using the NVIDIA GPU Operator.
Validate GPUDirect RDMA Performance with DMA-BUF
Run ib_write_bw with CUDA DMA-BUF to verify GPUDirect RDMA data transfer rates between GPU pods and validate network operator configuration.
Configure SriovNetwork with NVIDIA nv-ipam
Create a SriovNetwork resource that auto-generates a Multus NetworkAttachmentDefinition using nv-ipam for high-performance SR-IOV secondary interfaces.
Create an NVIDIA nv-ipam IPPool for SR-IOV Networks
Define a valid nv-ipam IPPool and node-aware sizing strategy so SR-IOV workloads can reliably obtain secondary interface IP addresses on Kubernetes.
Enable NIC Feature Discovery in NVIDIA Network Operator
Enable NIC Feature Discovery through NicClusterPolicy and verify the node labels required by SR-IOV and RDMA GPU networking workflows on Kubernetes.
Create SR-IOV VFs on OpenShift with SriovNetworkNodePolicy
Use the OpenShift SR-IOV Network Operator to create and manage Virtual Functions from selected Physical Functions on GPU worker nodes.
Verify Which Interface Carries OVN Underlay Traffic
Confirm the actual OVN underlay network path by checking ovn-encap-ip, bridge port ownership, and physical route associations on Kubernetes nodes.
Istio Traffic Management and Routing
Implement advanced traffic management with Istio service mesh including traffic splitting, fault injection, circuit breaking, and intelligent routing.
How to Use Kubernetes Gateway API
Implement the Gateway API for advanced traffic routing in Kubernetes. Learn HTTPRoute, TLSRoute, and traffic splitting with the next-generation Ingress.
How to Set Up Linkerd Service Mesh
Deploy Linkerd service mesh for Kubernetes. Learn to add mTLS encryption, traffic management, and observability with minimal configuration overhead.
How to Configure Kubernetes Cluster DNS
Customize CoreDNS configuration for your cluster. Add custom DNS entries, configure forwarding, and optimize DNS resolution.
How to Customize DNS Configuration in Kubernetes
Configure custom DNS settings in Kubernetes. Learn CoreDNS customization, stub domains, upstream servers, and pod DNS policies.
How to Configure Kubernetes DNS Policies
Control pod DNS resolution with DNS policies and configs. Configure custom nameservers, search domains, and optimize DNS for your workloads.
How to Implement Request Routing with Ingress
Configure advanced routing rules with Kubernetes Ingress. Implement path-based routing, host-based routing, and traffic management.
How to Secure Ingress with SSL/TLS Certificates
Configure TLS termination for Kubernetes Ingress using cert-manager and Let's Encrypt. Automate certificate issuance and renewal.
How to Implement Service Mesh with Istio
Deploy Istio service mesh for traffic management, security, and observability. Learn to configure virtual services, destination rules, and mTLS.
How to Configure DNS in Kubernetes
Understand and configure Kubernetes DNS with CoreDNS. Customize DNS policies, configure external DNS resolution, and troubleshoot DNS issues.
How to Use Kubernetes EndpointSlices
Understand and manage EndpointSlices for scalable service discovery. Configure endpoint slicing, troubleshoot connectivity, and optimize large clusters.
How to Implement Network Policies
Secure pod-to-pod communication with Kubernetes Network Policies. Learn to create ingress and egress rules, isolate namespaces, and implement zero-trust.
How to Implement Rate Limiting in Kubernetes
Protect your services with rate limiting. Configure rate limits using Ingress, service mesh, and API gateways to prevent abuse and ensure fair usage.
How to Expose Services with LoadBalancer and NodePort
Learn different ways to expose Kubernetes services externally using LoadBalancer, NodePort, and ExternalIPs. Compare options for various environments.
NetworkPolicy: Default Deny All Traffic
Implement a zero-trust network security model in Kubernetes by creating a default deny-all NetworkPolicy. Learn how to block all ingress and egress.
How to Configure NGINX Ingress with TLS using cert-manager
Learn how to set up NGINX Ingress Controller with automatic TLS certificates from Let's Encrypt using cert-manager. Complete YAML examples and.