These are general-purpose CNI network plugins maintained by the containernetworking team. For more information, see the individual plugin pages.
bridge: Creates a bridge, adds the host and the container to it.
ipvlan: Adds an ipvlan interface in the container.
macvlan: Creates a new MAC address, forwards all traffic to that to the container.
ptp: Creates a veth pair.
host-device: Move an already-existing device into a container.
win-bridge: Creates a bridge, adds the host and the container to it.
win-overlay: Creates an overlay interface to the container.
dhcp: Runs a daemon on the host to make DHCP requests on behalf of the container
host-local: Maintains a local database of allocated IPs
static: Allocate a static IPv4/IPv6 addresses to container and it’s useful in debugging purpose.
flannel: Generates an interface corresponding to a flannel config file
tuning: Tweaks sysctl parameters of an existing interface
portmap: An iptables-based portmapping plugin. Maps ports from the host’s address space to the container.
bandwidth: Allows bandwidth-limiting through use of traffic control tbf (ingress/egress).
sbr: A plugin that configures source based routing for an interface (from which it is chained).
firewall: A firewall plugin which uses iptables or firewalld to add rules to allow traffic to/from the container.
The sample plugin provides an example for building your own plugin.
For any questions about CNI, please reach out via:
If you have a security issue to report, please do so privately to the email addresses listed in the OWNERS file.