Free my Kubernetes network! Breaking away from the Kubernetes networking model
- Track: Virtualization and Cloud Infrastructure
- Room: UB4.132
- Day: Sunday
- Start: 13:30
- End: 14:00
- Video only: ub4132
KubeVirt is transforming the integration of containers and virtual machines (VMs) within Kubernetes environments. By enabling VMs to run as processes in Kubernetes pods, KubeVirt allows seamless operation of VMs alongside containerized workloads. However, the existing Kubernetes networking model, while offering simplicity and cost-effectiveness through a unified approach, presents challenges for diverse user groups.
Traditional virtualization users face difficulties meeting their Layer 2 isolation needs, while Kubernetes-savvy users seek a managed networking experience. Importantly, both groups running virtualization workloads require stable IP addresses for their VMs throughout their lifecycle, including during live migration and restart/shutdown operations. This requirement adds complexity to the already challenging Kubernetes networking landscape, and brings into focus the need for network isolation in Kubernetes, questioning the fundamental decisions for networking in Kubernetes.
To address these multifaceted issues, the user-defined networks OVN-Kubernetes feature has emerged as a powerful solution. This feature integrates natively with the Kubernetes API, supporting services and network policies while providing the necessary tools for effective traffic isolation and NATed egress implementation. Crucially, it also offers the capability to maintain consistent IP addresses for virtualization workloads, ensuring stability during VM lifecycle events.
Through a live demonstration, attendees will learn practical steps to implement traffic isolation using OVN-Kubernetes User Defined Networking functionality, including NATed egress and stable IP addressing for VMs on their clusters. By the session's end, participants will understand how to tailor Kubernetes networking to meet their organization's specific requirements, bridging the gap between Kubernetes' flexible architecture and the stringent networking needs of both traditional virtualization and managed Kubernetes environments. This knowledge will empower attendees to create more effective and secure networking solutions, enabling them to fully leverage cloud-native technologies while maintaining operational security and compliance across diverse deployment scenarios.
Speakers
- Miguel Duarte
- Doug Smith