eBPF based cloud-native load-balancer for Kubernetes|Edge|Telco|IoT|XaaS.
What is loxilb
loxilb is an open source cloud-native load-balancer based on GoLang/eBPF with the goal of achieving cross-compatibility across a wide range of on-prem, public-cloud or hybrid K8s environments. loxilb is being developed to support the adoption of cloud-native tech in telco, mobility, and edge computing.
Kubernetes with loxilb
Kubernetes defines many service constructs like cluster-ip, node-port, load-balancer, ingress etc for pod to pod, pod to service and outside-world to service communication.
All these services are provided by load-balancers/proxies operating at Layer4/Layer7. Since Kubernetes's is highly modular, these services can be provided by different software modules. For example, kube-proxy is used by default to provide cluster-ip and node-port services. For some services like LB and Ingress, no default is usually provided.
Service type load-balancer is usually provided by public cloud-provider(s) as a managed entity. But for on-prem and self-managed clusters, there are only a few good options available. Even for provider-managed K8s like EKS, there are many who would want to bring their own LB to clusters running anywhere. Additionally, Telco 5G and edge services introduce unique challenges due to the variety of exotic protocols involved, including GTP, SCTP, SRv6, SEPP, and DTLS, making seamless integration particularly challenging. loxilb provides service type load-balancer as its main use-case. loxilb can be run in-cluster or ext-to-cluster as per user need.
loxilb works as a L4 load-balancer/service-proxy by default. Although L4 load-balancing provides great performance and functionality, an equally performant L7 load-balancer is also necessary in K8s for various use-cases. loxilb also supports L7 load-balancing in the form of Kubernetes Ingress implementation which is enhanced with eBPF sockmap helpers. This also benefit users who need L4 and L7 load-balancing under the same hood.
Additionally, loxilb also supports:
kube-proxy replacement with eBPF(full cluster-mesh implementation for Kubernetes)
Ingress Support
Kubernetes Gateway API
Kubernetes Network Policies
Telco-Cloud with loxilb
For deploying telco-cloud with cloud-native functions, loxilb can be used as an enhanced SCP(service communication proxy). SCP is a communication proxy defined by 3GPP and aimed at telco micro-services running in cloud-native environment. Read more in this blog
Telco-cloud requires load-balancing and communication across various interfaces/standards like N2, N4, E2(ORAN), S6x, 5GLAN, GTP etc. Each of these present its own unique challenges which loxilb aims to solve e.g.:
N4 requires PFCP level session-intelligence
N2 requires NGAP parsing capability(Related Blogs - Blog-1, Blog-2, Blog-3)
S6x requires Diameter/SCTP multi-homing LB support(Related Blog)
MEC use-cases might require UL-CL understanding(Related Blog)
Hitless failover support might be essential for mission-critical applications
E2 might require SCTP-LB with OpenVPN bundled together
SIP support is needed to enable cloud-native VOIP
N32 requires support for Security Edge Protection Proxy(SEPP)
Why choose loxilb?
Performsmuch better compared to its competitors across various architecturesUtitlizes ebpf which makes it
flexibleas well ascustomizableAdvanced
quality of servicefor workloads (per LB, per end-point or per client)Works with
anyKubernetes distribution/CNI - k8s/k3s/k0s/kind/OpenShift + Calico/Flannel/Cilium/Weave/Multus etcKube-proxy replacement with loxilb allows
simple plug-inwith any existing/deployed pod-networking softwareExtensive support for
SCTP workloads(with multi-homing) on K8sDual stack with
NAT66, NAT64support for K8sK8s
multi-clustersupport (planned 🚧)Runs in
anycloud (public cloud/on-prem) orstandaloneenvironments
Overall features of loxilb
L4/NAT stateful loadbalancer
NAT44, NAT66, NAT64 with One-ARM, FullNAT, DSR etc
Support for TCP, UDP, SCTP (w/ multi-homing), QUIC, FTP, TFTP etc
High-availability support with BFD detection for hitless/maglev/cgnat clustering
Extensive and scalable end-point liveness probes for cloud-native environments
Stateful firewalling and IPSEC/Wireguard support
Optimized implementation for features like Conntrack, QoS etc
Full compatibility for ipvs (ipvs policies can be auto inherited)
Policy oriented L7 proxy support - HTTP1.0, 1.1, 2.0, 3.0
Components of loxilb
GoLang based control plane components
A scalable/efficient eBPF based data-path implementation
Integrated goBGP based routing stack
A kubernetes operator kube-loxilb written in Go
A kubernetes ingress implementation
Architectural Considerations
Getting Started
loxilb as ext-cluster pod
loxilb as in-cluster pod
loxilb as service-proxy (kube-proxy replacement)
loxilb as Kubernetes Ingress
loxilb in standalone mode
Advanced Guides
Knowledge-Base
Community
Slack
Join the loxilb Slack channel to chat with loxilb developers and other loxilb users. This is a good place to learn about loxilb, ask questions, and work collaboratively.
General Discussion
Feel free to post your queries in github discussion. If you find any issue/bugs, please raise an issue in github and members from loxilb community will be happy to help.