# submariner-io/submariner **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/submariner-io-submariner).** 2,618 stars · 201 forks · Go · apache-2.0 ## Links - GitHub: https://github.com/submariner-io/submariner - Homepage: https://submariner.io - awesome-repositories: https://awesome-repositories.com/repository/submariner-io-submariner.md ## Description Submariner is a tool for connecting pods and services across separate Kubernetes clusters into a unified network mesh. It uses a central broker-based architecture to coordinate cross-cluster service discovery, DNS resolution, and encrypted tunneling, enabling secure communication between workloads in different clusters. The project handles overlapping pod and service CIDR ranges across clusters through global IP address mapping, preventing address collisions. It supports multiple encrypted tunnel protocols, including IPsec and WireGuard, to secure inter-cluster traffic, and provides gateway health monitoring with automatic failover to maintain connectivity. Submariner also includes a command-line utility for deploying, configuring, and managing the multi-cluster networking components. Beyond core networking, Submariner offers tools for cross-cluster network diagnostics, performance benchmarking, and service export management. It provides comprehensive monitoring capabilities to inspect cluster state, component versions, and gateway status, along with automated checks to diagnose deployment issues and verify connectivity. The project supports deployment across any standard Kubernetes cluster, regardless of cloud provider or CNI plugin. ## Tags ### Networking & Communication - [Multi-Cluster Service Connectivity](https://awesome-repositories.com/f/networking-communication/multi-cluster-service-connectivity.md) — Connects pods and services across separate Kubernetes clusters with encrypted tunnels and service discovery. - [CIDR Calculators](https://awesome-repositories.com/f/networking-communication/cidr-calculators.md) — Supports interconnecting clusters whose pod or service CIDR ranges overlap without address conflicts. ([source](https://submariner.io/getting-started/architecture/)) - [Multi-Cloud Overlays](https://awesome-repositories.com/f/networking-communication/cloud-application-connectivity/multi-cloud-overlays.md) — Connects Kubernetes clusters across different cloud providers and on-premises into a unified network overlay. - [Cross-Cluster Service Discovery](https://awesome-repositories.com/f/networking-communication/cross-cluster-service-discovery.md) — Uses a central broker to coordinate service discovery and endpoint resolution across Kubernetes clusters. - [Service Exports](https://awesome-repositories.com/f/networking-communication/cross-cluster-service-discovery/service-exports.md) — Marks Kubernetes services for cross-cluster visibility by creating ServiceExport resources, making them discoverable to all clusters. ([source](https://submariner.io)) - [Cross-Cluster DNS Resolvers](https://awesome-repositories.com/f/networking-communication/dns-cluster-orchestration/cross-cluster-dns-resolvers.md) — Resolves service names across clusters using a distributed DNS system that queries the broker for exported services. - [Kubernetes Mesh Gateways](https://awesome-repositories.com/f/networking-communication/mesh-gateway-deployments/kubernetes-mesh-gateways.md) — Deploys a mesh of interconnected Kubernetes clusters using a central broker and gateway nodes. - [Multi-Cluster Connectivity Fabrics](https://awesome-repositories.com/f/networking-communication/multi-cluster-connectivity-fabrics.md) — Connects pods and services across different Kubernetes clusters by exchanging cluster and endpoint objects and forming routes. ([source](https://cdn.jsdelivr.net/gh/submariner-io/submariner@devel/README.md)) - [Cluster Network Diagnostics](https://awesome-repositories.com/f/networking-communication/network-troubleshooting-tools/cluster-network-diagnostics.md) — Ships automated connectivity tests, log gathering, and diagnostic checks for multi-cluster Kubernetes networks. - [CIDR Mapping](https://awesome-repositories.com/f/networking-communication/subnet-routing/cidr-mapping.md) — Handles conflicting pod and service IP ranges by applying network address translation rules at the gateway level. - [In-Cluster Traffic Steering](https://awesome-repositories.com/f/networking-communication/traffic-routing-tools/in-cluster-traffic-steering.md) — Routes pod and service traffic between Kubernetes clusters through elected gateway nodes and encrypted tunnels. ([source](https://submariner.io/getting-started/architecture/)) - [Cross-Cluster Traffic Steering](https://awesome-repositories.com/f/networking-communication/traffic-routing-tools/in-cluster-traffic-steering/cross-cluster-traffic-steering.md) — Directs traffic from local nodes to the active gateway engine for forwarding to remote clusters. ([source](https://submariner.io/operations/deployment/)) - [Cross-Cluster Gateway Routers](https://awesome-repositories.com/f/networking-communication/traffic-routing/node-aware-routing/gateway-routing/cross-cluster-gateway-routers.md) — Routes inter-cluster traffic through designated gateway nodes that establish encrypted tunnels between clusters. - [Gateway Status Monitoring](https://awesome-repositories.com/f/networking-communication/api-integration-frameworks/api-management-integration/api-gateways/api-gateway-configurations/gateway-status-monitoring.md) — Displays summary information about the operational status of Submariner gateways deployed in a cluster. ([source](https://submariner.io/operations/deployment/helm/)) - [Cluster Discovery Services](https://awesome-repositories.com/f/networking-communication/cluster-discovery-services.md) — Hides Kubernetes services from other clusters by deleting their ServiceExport resources. ([source](https://submariner.io/operations/deployment/subctl/)) - [Service Export Management](https://awesome-repositories.com/f/networking-communication/cross-cluster-service-discovery/service-export-management.md) — Removes ServiceExport resources to hide Kubernetes services from other connected clusters. ([source](https://submariner.io/operations/deployment/subctl/)) - [Runtime Diagnostics Gathering](https://awesome-repositories.com/f/networking-communication/network-troubleshooting-tools/runtime-diagnostics-gathering.md) — Collects Kubernetes resources and pod logs from clusters into a timestamped directory for offline analysis. ([source](https://submariner.io/operations/deployment/subctl/)) ### DevOps & Infrastructure - [Cloud Deployment CLI Tools](https://awesome-repositories.com/f/devops-infrastructure/cloud-deployment-cli-tools.md) — Ships a command-line utility for simplifying deployment, configuration, and management of cross-cluster networking. ([source](https://submariner.io)) - [Mesh Cluster Joiners](https://awesome-repositories.com/f/devops-infrastructure/cluster-node-management/cluster-bootstrapping/mesh-cluster-joiners.md) — Connects a new cluster to an existing broker by installing the Submariner operator with cluster-specific network and authentication settings. ([source](https://submariner.io/operations/deployment/subctl/)) - [Cluster Meshes](https://awesome-repositories.com/f/devops-infrastructure/kubernetes-cluster-management/cluster-meshes.md) — Interconnects multiple Kubernetes clusters into a unified network mesh for workload communication. - [Multi-Cluster Networking Operators](https://awesome-repositories.com/f/devops-infrastructure/kubernetes-cluster-management/multi-cluster-networking-operators.md) — Operates in any standard Kubernetes cluster regardless of cloud provider or CNI plugin. ([source](https://submariner.io/getting-started/)) - [Service Broker Deployments](https://awesome-repositories.com/f/devops-infrastructure/platform-as-a-service/service-broker-deployments.md) — Installs CRDs and a service account on a central cluster to coordinate resource sharing across participating clusters. ([source](https://submariner.io/operations/deployment/helm/)) - [CNI-Agnostic Deployers](https://awesome-repositories.com/f/devops-infrastructure/ai-deployment-containers/kubernetes-cluster-setups/cni-agnostic-deployers.md) — Runs in any standard Kubernetes cluster regardless of cloud provider or CNI plugin. ([source](https://submariner.io/operations/deployment/subctl/)) - [Mesh Deployment Verifications](https://awesome-repositories.com/f/devops-infrastructure/ambient-mesh-deployments/mesh-deployment-verifications.md) — Runs automated connectivity tests to confirm all clusters in the mesh are properly joined and reachable. ([source](https://submariner.io/operations/deployment/subctl/)) - [Deployment Diagnoses](https://awesome-repositories.com/f/devops-infrastructure/cni-plugins/deployment-diagnoses.md) — Runs automated checks to identify problems with Submariner components, firewall rules, and cluster configurations. ([source](https://submariner.io/operations/deployment/subctl/)) - [Global IP Address Controllers](https://awesome-repositories.com/f/devops-infrastructure/custom-resource-definitions/custom-resource-controllers/global-ip-address-controllers.md) — Manages global IP address allocation and mapping for clusters with overlapping CIDRs through a dedicated controller. - [Multi-Component Upgrades](https://awesome-repositories.com/f/devops-infrastructure/version-upgrades/multi-component-upgrades.md) — Ships a command to upgrade the subctl binary and all Submariner components across accessible clusters. ([source](https://submariner.io/operations/deployment/subctl/)) ### Security & Cryptography - [Cross-Cluster Security](https://awesome-repositories.com/f/security-cryptography/cluster-security/cluster-communication-security/cross-cluster-security.md) — Establishes encrypted tunnels between Kubernetes clusters to enable direct pod and service communication across them. ([source](https://submariner.io/getting-started/)) - [Encrypted Tunneling Protocols](https://awesome-repositories.com/f/security-cryptography/encrypted-tunneling-protocols.md) — Supports multiple encrypted tunnel protocols including IPsec and WireGuard to secure pod-to-pod communication. - [Overlapping CIDR Resolvers](https://awesome-repositories.com/f/security-cryptography/ip-blacklisting/ip-and-cidr-blocking/cidr-based-scanning/overlapping-cidr-resolvers.md) — Assigns non-overlapping global IP ranges to each cluster so pods and services can communicate despite conflicting native CIDRs. ([source](https://submariner.io)) - [Service Exports](https://awesome-repositories.com/f/security-cryptography/secure-sharing-services/service-exports.md) — Exposes a Kubernetes service to other connected clusters by creating a ServiceExport resource. ([source](https://submariner.io/operations/deployment/subctl/)) - [Cross-Cluster Broker Installers](https://awesome-repositories.com/f/security-cryptography/security-scanning-broker-connections/helm-based-broker-deployments/cross-cluster-broker-installers.md) — Installs a central broker component in one cluster that coordinates service discovery and connectivity for all other clusters. ([source](https://submariner.io/operations/deployment/)) - [Kubernetes Broker Deployers](https://awesome-repositories.com/f/security-cryptography/security-scanning-broker-connections/helm-based-broker-deployments/kubernetes-broker-deployers.md) — Configures a cluster as the central Broker by installing CRDs and generating a connection file for other clusters to join. ([source](https://submariner.io/operations/deployment/helm/)) ### System Administration & Monitoring - [Cluster Connectivity Verification](https://awesome-repositories.com/f/system-administration-monitoring/cluster-connectivity-verification.md) — Runs a suite of tests to validate dataplane connectivity, service discovery, and gateway failover between clusters. ([source](https://submariner.io/operations/deployment/subctl/)) ### Part of an Awesome List - [Cross-Cluster](https://awesome-repositories.com/f/awesome-lists/devops/monitoring-and-health/gateway-health-monitors/cross-cluster.md) — Monitors gateway node health and performs automatic failover to maintain cross-cluster connectivity. ### Development Tools & Productivity - [Network Broker Deployers](https://awesome-repositories.com/f/development-tools-productivity/deployment-automation/broker-deployment-automations/network-broker-deployers.md) — Deploys a set of CRDs and a service account on a central cluster to coordinate resource sharing across participating clusters. ([source](https://submariner.io/getting-started/)) ### Testing & Quality Assurance - [Network Performance Benchmarks](https://awesome-repositories.com/f/testing-quality-assurance/network-performance-benchmarks.md) — Runs a netperf-based latency benchmark between pods on gateway and non-gateway nodes across clusters. ([source](https://submariner.io/operations/deployment/subctl/))