Submariner is a tool for connecting pods and services across separate Kubernetes clusters into a unified network mesh. It uses a central broker-based architecture to coordinate cross-cluster service discovery, DNS resolution, and encrypted tunneling, enabling secure communication between workloads in different clusters.
The project handles overlapping pod and service CIDR ranges across clusters through global IP address mapping, preventing address collisions. It supports multiple encrypted tunnel protocols, including IPsec and WireGuard, to secure inter-cluster traffic, and provides gateway health monitoring with automatic failover to maintain connectivity. Submariner also includes a command-line utility for deploying, configuring, and managing the multi-cluster networking components.
Beyond core networking, Submariner offers tools for cross-cluster network diagnostics, performance benchmarking, and service export management. It provides comprehensive monitoring capabilities to inspect cluster state, component versions, and gateway status, along with automated checks to diagnose deployment issues and verify connectivity. The project supports deployment across any standard Kubernetes cluster, regardless of cloud provider or CNI plugin.
