Pod-to-Pod Communication

While a CNI plugin can be used to configure the network of a pod and provide a single IP per pod, CNI does not help you with pod-to-pod communication across nodes.

The early requirement from Kubernetes was the following:

All pods can communicate with each other across nodes.
All nodes can communicate with all pods.
No Network Address Translation (NAT).

Basically, all IPs involved (nodes and pods) are routable without NAT. This can be achieved at the physical network infrastructure if you have access to it (e.g., GKE). Or, this can be achieved with a software defined overlay with solutions like:

Flannel
Calico
Cilium

Most network plugins now support the use of Network Policies, which act as an internal firewall, limiting ingress and egress traffic.

For more information see the "Cluster Networking" Documentation page or the list of networking add-ons.

Pod-to-Pod Communication ​

Pod-to-Pod Communication