KubeOne External CNIs

I noticed that Kubeone currently supports Canal and WeaveNet for ‘out-of-the-box’ CNI’s with the option of declaring an ‘external’ CNI that can be setup post deployment. My question here is - how is this ‘external’ CNI treated in the case of an upgrade?


KubeOne doesn’t update CNI when external CNI option is used. In that case, it’s users’ responsibility to install, upgrade, and maintain it.

To make this easier, external CNI option can be used in combination with the Addons feature. The workflow in this case would be:

  • Enable the external CNI option in the KubeOne configuration file
  • Enable the Addons feature in the KubeOne configuration file
  • Put the needed CNI manifests in the appropriate addons directory

In this case, when you run kubeone install or kubeone upgrade, KubeOne will take care of applying manifests from the appropriate addons directory, including updating changed resources. This way, CNI will be updated the next time you upgrade your cluster, as long as you update manifests.

1 Like