Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

When they say "network stack" they don't mean their own implementations of TCP and UDP like you would for an OS (like linux). They mean the various pieces that the container runtime has to implement. See CNI[1] for more information.

[1]: https://www.cni.dev/



So it's the "compiler" for a CNI spec into a configuration for a linux network namespace?


Yeah I think that's a reasonable way to think of it. When a container (or Pod) gets created it needs a handful of network stuff setup, from creating the virtual network interfaces, setting up route tables. nftables/iptables rules, assigning an IP address, setting up NAT, configuring container-to-container networking, etc.


Thanks, that makes sense. I'd prefer it'd be called something else than a "network stack", but that's life.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: