K3s v1.29+  |  Flannel v0.24+  |  Cilium v1.15+  |  Calico v3.27+  |  AWS VPC CNI v1.18+  |  Azure CNI v1.5+  |  GKE Dataplane V2 (Cilium-based) A definitive comparison of every major Kubernetes CNI — open-source plugins (Flannel, Calico, Cilium, Weave, Antrea, Multus) and cloud-managed defaults (AWS VPC CNI on EKS, Azure CNI on AKS, and GKE's Dataplane V2 on GKE) — across architecture, performance, network policy, observability, encryption, and when to choose each. CNI Identity Core Approach Default On 🟢 Flannel Simple Overlay VXLAN tunnel, zero policy K3s 🟠 Calico Policy Powerhouse BGP routing, iptables/eBPF Self-managed 🔵 Cilium eBPF Native Kernel eBPF, replaces kube-proxy GKE (Dataplane V2) 🟡 Weave Net Mesh Overlay Gossip-based mesh routing Self-managed 🟣 Antrea VMware-backed OVS dataplane, Antrea policies Self-managed 🔶 AWS VPC CNI Cloud-native Native VPC IP assignment EKS 🔷 Azure CNI Cloud-native Azure VNET IP assignment AKS ♦️ GKE CNI…