Add Weave content

content/rancher/v2.x/en/faq/networking/cni-providers/_index.md

@@ -91,6 +91,20 @@ For more information, see the following pages:
 - [Project Calico GitHub Page](https://github.com/projectcalico/calico)
 
 
+#### Weave
+
+![Weave Logo]({{< baseurl >}}/img/rancher/weave-logo.png)
+
+Weave Net creates a virtual network that connects Docker containers across multiple hosts and enables their automatic discovery. With Weave Net, portable microservices-based applications consisting of multiple containers can run anywhere, Weave works as a cni plugin to Kubernetes to connect pods across Kubernetes nodes.
+
+Weave support encrypting traffic between peers by assigning a password as a config option or `WEAVE_PASSWORD` environment variable to the weave Kubernetes YAML, Rancher UI automatically generates this password when weave plugin is selected, you can still change this password by editing the cluster YAML from the UI.
+
+Kubernetes workers should open TCP port 6783 and UDP 6783/6784.
+
+Weave is available as a cni-plugin in Rancher as of version 2.2, For more information, see the following pages:
+
+- [Weave Net Official Site](https://www.weave.works/)
+
 ### CNI Features by Provider
 
 The following table summarizes the different features available for each CNI provider provided by Rancher.
@@ -100,7 +114,7 @@ The following table summarizes the different features available for each CNI pro
 | Canal | Encapsulated (VXLAN) | No | Yes | No | K8S API | No | Yes |
 | Flannel | Encapsulated (VXLAN) | No | No | No | K8S API | No | No |
 | Calico | Unencapsulated | Yes | Yes | Yes | Etcd | Yes | Yes |
-
+| Weave | Encapsulated | Yes | Yes | Yes | No | Yes | Yes |
 
 - Network Model: Encapsulated or unencapsulated. For more information, see [What Network Models are Used in CNI?](#what-network-models-are-used-in-cni)
 
@@ -125,6 +139,8 @@ The following table summarizes different GitHub metrics to give you an idea of e
 | Canal | https://github.com/projectcalico/canal | 536 | 75 | 19 |
 | flannel | https://github.com/coreos/flannel | 3.279 | 774 | 107 |
 | Calico | https://github.com/projectcalico/calico | 572 | 225 | 82 |
+| Weave | https://github.com/weaveworks/weave/ | 5446 | 498 | 63 |
+
 <br/>
 ### Which CNI Provider Should I Use?
 

content/rancher/v2.x/en/installation/references/_index.md

@@ -17,7 +17,7 @@ The following table lists the ports that need to be open to and from nodes that
 
 The ports required to be open for cluster nodes changes depending on how the cluster was launched. Each of the tabs below list the ports that need to be opened for different [cluster creation options]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/#cluster-creation-options).
 
->**Tip:** 
+>**Tip:**
 >
 >If security isn't a large concern and you're okay with opening a few additional ports, you can use the table in [Commonly Used Ports](#commonly-used-ports) as your port reference instead of the comprehensive tables below.
 
@@ -44,7 +44,7 @@ The following table depicts the port requirements for [Rancher Launched Kubernet
 
 {{% tab "Hosted Clusters" %}}
 
-The following table depicts the port requirements for [hosted clusters]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/hosted-kubernetes-clusters). 
+The following table depicts the port requirements for [hosted clusters]({{< baseurl >}}/rancher/v2.x/en/cluster-provisioning/hosted-kubernetes-clusters).
 
 {{< ports-imported-hosted >}}
 
@@ -75,6 +75,8 @@ These ports are typically opened on your Kubernetes nodes, regardless of what ty
 |    TCP   	|       2380       	| etcd peer communication                         	|
 |    UDP   	|       8472       	| Canal/Flannel VXLAN overlay networking          	|
 |    TCP   	|       9099       	| Canal/Flannel livenessProbe/readinessProbe      	|
+|    TCP   	|       6783       	| Weave Port      	|
+|    UDP   	|       6783-6784   | Weave UDP Ports      	|
 |    TCP   	|       10250      	| kubelet API                                     	|
 |    TCP   	|       10254      	| Ingress controller livenessProbe/readinessProbe 	|
 | TCP/UDP  	| 30000-</br>32767 	| NodePort port range                             	|
@@ -84,13 +86,13 @@ These ports are typically opened on your Kubernetes nodes, regardless of what ty
 ### Local Node Traffic
 
 Ports marked as `local traffic` (i.e., `9099 TCP`) in the above requirements are used for Kubernetes healthchecks (`livenessProbe` and`readinessProbe`).
-These healthchecks are executed on the node itself. In most cloud environments, this local traffic is allowed by default. 
+These healthchecks are executed on the node itself. In most cloud environments, this local traffic is allowed by default.
 
 However, this traffic may be blocked when:
 
 - You have applied strict host firewall policies on the node.
 - You are using nodes that have multiple interfaces (multihomed).
- 
+
 In these cases, you have to explicitly allow this traffic in your host firewall, or in case of public/private cloud hosted machines (i.e. AWS or OpenStack), in your security group configuration. Keep in mind that when using a security group as source or destination in your security group, explicitly opening ports only applies to the private interface of the nodes / instances.
 
 ### Rancher AWS EC2 security group

content/rke/v0.1.x/en/config-options/add-ons/network-plugins/_index.md

@@ -62,6 +62,24 @@ network:
     calico_cloud_provider: aws
 ```
 
+### Weave Network Plug-in Options
+
+```yaml
+network:
+  plugin: "weave"
+```
+
+#### Weave encryption
+
+Weave encryption can be enabled by using a weave string password, in rke config weave encryption can be enabled by adding the `password` option to `weave_network_provider`:
+
+```yaml
+network:
+  plugin: "weave"
+weave_network_provider:
+  password: "Q]SZOQ5wp@n$oijz"
+```
+
 #### Cloud Provider
 
 Calico currently only supports 2 cloud providers, AWS or GCE, which can be set using `calico_cloud_provider`.