DigitalOcean Kubernetes (DOKS) Networking, Reimagined

By Bikram Gupta, Ingo Gottwald, Piyush Srivastava, Braden Bassingthwaite, Udhay Ravindran

  • Published: November 12, 2024

In the world of cloud-native applications, networking is the backbone that connects everything. Today, we’re excited to announce foundational additions (VPC-native cluster, VPC peering, Global load balancer, Internal load balancer) to DigitalOcean Kubernetes (DOKS) networking that will enable you to build and scale your applications globally.

DOKS networking - Current challenges for scalers

Traditional DOKS networking has served, and will continue to serve, the needs of many customers well. However, as some customers look to scale, they run into the following challenges.

  • Isolated Kubernetes Network: Clusters existed in isolated virtualized network spaces, unable to communicate directly with each other or with VPC resources. This required routing via public IP addresses, even for internal communications. Note that this works just fine for many production applications.
  • Limited geographical flexibility: Load balancing and cross-connecting services across multiple clusters in different regions was not possible. This confined applications to single data centers, limiting use cases for geo-distributed applications and cross-cluster failover.
  • Lack of private load balancing: Private load balancing to cluster services was not directly possible, necessitating the use of public load balancers for internal services.

These constraints not only impacted seamless application scalability beyond a single region but also posed security and performance challenges for growing businesses.

New capabilities to improve DOKS networking

At DigitalOcean, we’re committed to keeping the user experience simple while empowering developers to build robust, scalable applications. Our vision for DOKS networking is to:

  • Maintain the simplicity you love about DO
  • Leverage the power of Cilium CNI while enabling native routing between DOKS clusters and VPC resources
  • Enable transparent global peering and load balancing among clusters
  • Eliminate the need for public network traversal for internal communications, enhancing both security and performance

With these improvements, we aim to provide you with a more flexible, scalable, and secure networking foundation for your cloud-native applications. To realize this vision, we’re introducing several key features that will transform your DOKS networking experience.

We are thrilled to announce the following new capabilities to DOKS.

  • VPC-native DOKS Cluster (Early Availability): This feature enables native routing between cluster and VPC resources, seamlessly integrating DOKS clusters with your existing network architecture. During the early availability phase, node, cluster and service CIDR configuration is required during cluster creation. It’s important to note that Kubernetes does not allow CIDR changes post-creation, so this capability is only available for new clusters.
  • VPC Peering (Early Availability): Enable seamless communication between cluster resources across regions and VPCs. Once VPC peering is established, DOKS peering works automatically and transparently, provided that native routing has been enabled.
  • Global Load Balancer (GLB) (GA): Distribute your north-south traffic among services in different clusters with ease. This not only enhances your application’s scalability but also improves resilience and reduces latency for global users. For DOKS, GLB is configured in conjunction with regional load balancers, offering you granular control over traffic distribution.
  • Internal Load Balancer (ILB) (EA): Achieve internal load balancing to DOKS services from VPC resources or another DOKS cluster. This is region-agnostic if VPC peering is configured. It keeps communication between Droplets and DOKS services within your private network, enhancing security and performance.

These features work together to create a seamless experience, enabling you to build truly distributed, resilient applications. You can run a global application with clusters in multiple regions, with cluster resources communicating privately via VPC peering. Likewise, all your cluster resources can talk to VPC resources, and vice versa, natively without going over public networks.

The Big Picture: A New Paradigm for Cloud-Native Applications

With our reimagined DOKS networking, we’re introducing a new paradigm for building and scaling cloud-native applications. Let’s explore how these new features come together to create a powerful, flexible networking ecosystem:

  • Global Network Planning: Start by planning your VPC CIDRs across your entire team account globally. Allocate non-overlapping RFC1918 address ranges for your DOKS node, pod, and service networks. This foundational step provides native routing between your cluster and VPC resources, setting the stage for seamless communication.
  • Inter-Cluster Communication: As your node, pod, and service addresses for DOKS resources are now unique across your team, inter-cluster native routing is automatically enabled once you configure VPC peering. This eliminates the need for complex networking workarounds and enhances security by keeping traffic off public networks.
  • Service Connectivity: Remember, a Kubernetes service (of type LoadBalancer) is a logical entity for load balancing. To connect to a service from a private network, you’ll use our new Internal Load Balancer (ILB). This keeps your internal traffic internal, improving both security and performance.
  • Global Traffic Management: For applications spanning multiple regions, you can now leverage our Global Load Balancer (GLB) to route traffic for the same application (e.g., helloworld.xyz) across multiple clusters in different regions. Note that GLB works with the DOKS regional load balancers to route the user traffic to the nearest datacenter. This not only improves application performance and user experience but also helps to serve as an effective disaster recovery mechanism in case of regional outages.
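
The Global Network Planning step can be checked before any cluster is created, since cluster CIDRs cannot be changed afterwards. The following is an added example, not DigitalOcean code: it validates an address plan for RFC 1918 membership and pairwise overlap, and the plan names and ranges are constructed sample values.

```python
import ipaddress
from itertools import combinations

# RFC 1918 private IPv4 blocks.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample plan (hypothetical names and ranges) covering the VPC,
# pod and service networks of two clusters in two regions.
PLAN = {
    "nyc-vpc": "10.10.0.0/20",
    "nyc-doks-pods": "10.20.0.0/16",
    "nyc-doks-services": "10.30.0.0/19",
    "ams-vpc": "10.40.0.0/20",
    "ams-doks-pods": "10.20.128.0/17",     # collides with nyc-doks-pods
    "ams-doks-services": "100.64.0.0/19",  # shared address space, not RFC 1918
}


def check_plan(plan):
    """Return a list of findings; an empty list means the plan is clean."""
    findings, nets = [], {}
    for name, cidr in plan.items():
        try:
            # strict=True rejects ranges with host bits set (e.g. 10.0.0.1/16).
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            findings.append(f"{name}: invalid CIDR {cidr!r} ({exc})")
            continue
        if net.version != 4 or not any(net.subnet_of(p) for p in RFC1918):
            findings.append(f"{name}: {net} is not inside an RFC 1918 block")
        nets[name] = net
    # Every pair must be disjoint, across clusters and regions, so that
    # routes over a VPC peering are unambiguous.
    for (a, na), (b, nb) in combinations(sorted(nets.items()), 2):
        if na.version == nb.version and na.overlaps(nb):
            findings.append(f"{a} ({na}) overlaps {b} ({nb})")
    return findings


if __name__ == "__main__":
    for finding in check_plan(PLAN):
        print(finding)
```

Running such a check in CI against the team-wide plan catches a colliding range before it is baked into a cluster.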

This new paradigm helps you build truly global, resilient applications while maintaining the simplicity and ease of use you expect from DigitalOcean. Whether you’re scaling a startup or managing enterprise-grade applications, these networking enhancements provide the flexibility and power you need to succeed in the cloud-native world.

How to get started?

To get started, create your new DOKS clusters with custom CIDRs for the node and service networks. This will ensure your cluster is ready for native routing. Routing between pods and VPC resources should work natively by default.

Use the following based on your specific use case:

  • Use ILB for internal service routing from VPC resources to DOKS.
  • If you need private connectivity between multiple clusters in different VPC/regions, use VPC peering.
  • For North-South load balancing to the same application running in different clusters, use GLB.

Join us for a Live Office Hours Q&A:

Join us for an office hour on 11/21/2024 at 10am EST with our engineers where we’ll walk through these features in detail and answer your questions.
