Skip to content

Services, Load Balancing, and Networking

The VM Operator network model

By default, every virtual machine (VM) receives its own, unique, IP address. It is possible to deploy VM workloads that have no networking capabilities whatsoever, but this would be an explicit choice.

VM Operator imposes the following fundamental requirements on any networking implementation (barring any intentional network segmentation policies):

  • VMs in the same namespace are not ensured direct network connectivity
  • VMs on the same node are not ensured direct network connectivity
  • VMs in the same namespace, or in different namespaces, can communicate directly if both VMs are connected to the same network
  • Depending on the network topology, VMs may not be able to communicate directly with the Kubernetes cluster network, i.e. a VM accessing a pod via its cluster IP

Unlike the Kubernetes networking model, VMs running on a node do not necessarily share a common network with the node, nor are any ports exposed from a VM exposed on the node where the workload is scheduled.

VM Operator networking addresses two concerns:

  • The VirtualMachineService API allows users to expose an application running in a VM workload to other VMs in other namespaces or to pod workloads in the same or other namespaces
  • The VirtualMachine API simplifies bootstrapping the guest's network configuration

What's Next

This section provides information about networking resources and concepts, such as: