Flannel

Flannel is a simple and easy-to-use CNI plugin that provides an overlay network for Kubernetes. It’s designed for simplicity and ease of setup, making it ideal for development environments, learning Kubernetes, or clusters that don’t need advanced networking features. Flannel focuses on providing basic pod-to-pod connectivity without complexity.

What is Flannel?

Flannel provides:

• Simple overlay network - Easy to understand and configure
• Pod networking - IP address assignment and routing
• Multiple backends - VXLAN, host-gw, UDP, etc.
• Easy installation - Simple setup process
• Minimal configuration - Works out of the box

Flannel Architecture

Flannel consists of:

flanneld Daemon

Runs on each node:

• Manages subnet - Allocates subnet per node
• Configures routes - Sets up routing
• Handles encapsulation - Manages VXLAN/IP-in-IP

CNI Plugin

Configures pod network interfaces:

• Assigns IPs - From node’s subnet
• Configures bridge - Sets up network bridge
• Routes traffic - Configures routing

Backend Types

Flannel supports multiple backends:

VXLAN (Default)

Encapsulates traffic in VXLAN:

• Works everywhere - Compatible with most networks
• Overhead - Some encapsulation overhead
• Simple - Easy to configure

host-gw

Direct routing without encapsulation:

• Best performance - No encapsulation overhead
• Requires L2 - Needs Layer 2 connectivity between nodes
• Faster - Lower latency

UDP

Legacy backend (not recommended):

• Deprecated - Use VXLAN instead
• Userspace - Slower performance

Installation

Quick Install

# Apply Flannel manifest
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml

Configuration

Flannel is configured via ConfigMap:

apiVersion: v1
kind: ConfigMap
metadata:
  name: kube-flannel-cfg
  namespace: kube-system
data:
  cni-conf.json: |
    {
      "name": "cbr0",
      "cniVersion": "0.3.1",
      "plugins": [
        {
          "type": "flannel",
          "delegate": {
            "forceAddressing": true
          }
        }
      ]
    }
  net-conf.json: |
    {
      "Network": "10.244.0.0/16",
      "Backend": {
        "Type": "vxlan"
      }
    }

Key settings:

• Network - Pod IP range (CIDR)
• Backend.Type - Backend type (vxlan, host-gw, etc.)

Network Configuration

VXLAN Backend

{
  "Network": "10.244.0.0/16",
  "Backend": {
    "Type": "vxlan",
    "VNI": 1,
    "Port": 8472
  }
}

host-gw Backend

{
  "Network": "10.244.0.0/16",
  "Backend": {
    "Type": "host-gw"
  }
}

Note: host-gw requires Layer 2 connectivity between nodes.

Network Policies

Flannel has limited Network Policy support:

• Depends on backend - Some backends support policies
• Not full support - May not support all Network Policy features
• Consider alternatives - Use Calico or Cilium for full support

Important: If you need Network Policies, consider Calico or Cilium instead.

Use Cases

Development Clusters

Flannel is ideal for development:

• Simple setup - Easy to install and configure
• Quick start - Get networking working quickly
• Low complexity - Easy to understand and troubleshoot

Learning Kubernetes

Great for learning:

• Simple concepts - Easy to understand overlay network
• Minimal configuration - Focus on Kubernetes, not networking
• Good documentation - Well-documented and examples available

Simple Production

Can work for simple production:

• Basic requirements - If you only need basic connectivity
• No Network Policies - If you don’t need Network Policies
• Small clusters - Works well for smaller clusters

Limitations

Network Policies

• Limited support - Not full Network Policy support
• Backend dependent - Support varies by backend
• Consider alternatives - Use Calico/Cilium for policies

Advanced Features

• No BGP - Doesn’t support BGP routing
• No encryption - No built-in encryption
• Basic features - Focuses on basic connectivity

Performance

• VXLAN overhead - VXLAN adds encapsulation overhead
• Not optimized - Not optimized for high performance
• Consider Cilium - Use Cilium for high performance

Best Practices

1. Use VXLAN backend - Most compatible option
2. Plan IP range - Ensure pod subnet is large enough
3. Use host-gw if possible - Better performance if L2 available
4. Monitor flanneld - Monitor Flannel daemon health
5. Keep updated - Update Flannel regularly
6. Document configuration - Document Flannel configuration
7. Test connectivity - Verify pod-to-pod connectivity
8. Consider alternatives - Evaluate if you need more features
9. Backup config - Backup Flannel configuration
10. Plan migration - Plan migration path if needs grow

Troubleshooting

Pods Not Getting IPs

1. Check Flannel pods: kubectl get pods -n kube-system -l app=flannel
2. Verify ConfigMap: kubectl get configmap kube-flannel-cfg -n kube-system -o yaml
3. Check flanneld logs: kubectl logs -n kube-system -l app=flannel
4. Verify subnet: Check if subnet is correctly configured
5. Check CNI config: Verify CNI configuration in /etc/cni/net.d/

Connectivity Issues

1. Test pod-to-pod: kubectl exec <pod> -- ping <other-pod-ip>
2. Check routes: ip route show on nodes
3. Verify backend: Check which backend is configured
4. Test VXLAN: Verify VXLAN interface exists
5. Review logs: Check Flannel daemon logs

Performance Issues

1. Consider host-gw: Switch to host-gw if L2 available
2. Check encapsulation: VXLAN adds overhead
3. Monitor network: Track network performance
4. Consider alternatives: Evaluate Cilium for performance
5. Review configuration: Optimize Flannel configuration

Migration Considerations

If you outgrow Flannel:

To Calico

• Network Policies - Full Network Policy support
• BGP routing - BGP capabilities
• More features - Advanced networking features

To Cilium

• High performance - eBPF-based performance
• Observability - Deep observability
• Advanced features - Service mesh integration

See Also

• CNI Plugins Overview - CNI plugin comparison
• Calico - Advanced CNI with policies
• Cilium - High-performance CNI
• CNI Basics - Understanding CNI