diff --git a/docs/networking.md b/docs/networking.md
index b543d23d90..9b89465882 100644
--- a/docs/networking.md
+++ b/docs/networking.md
@@ -43,6 +43,7 @@ Several different CNI providers are currently built into kops:
 * [weave](https://github.com/weaveworks/weave)
 * [amazon-vpc-routed-eni](./networking.md#amazon-vpc-backend)
 * [Cilium](http://docs.cilium.io)
+* [Lyft cni-ipvlan-vpc-k8s](https://github.com/lyft/cni-ipvlan-vpc-k8s)
 
 The manifests for the providers are included with kops, and you simply use `--networking provider-name`.
 Replace the provider name with the names listed above with you `kops cluster create`.  For instance
@@ -499,6 +500,75 @@ Here are some steps items that will confirm a good CNI install:
 The sig-networking and sig-cluster-lifecycle channels on K8s slack are always good starting places
 for Kubernetes specific CNI challenges.
 
+#### Lyft CNI
+
+The [lyft cni-ipvlan-vpc-k8s](https://github.com/lyft/cni-ipvlan-vpc-k8s) plugin uses Amazon Elastic Network Interfaces (ENI) to assing AWS-managed IPs to Pods using the Linux kernel's IPvlan driver in L2 mode.
+
+Read the [prerequisites](https://github.com/lyft/cni-ipvlan-vpc-k8s#prerequisites) before starting.
+
+To use the Lyft CNI plugin you specify
+
+```
+  networking:
+    lyftvpc: {}
+```
+
+in the cluster spec file or pass the `--networking lyftvpc` option on the command line to kops:
+
+```console
+$ export ZONES=mylistofzones
+$ kops create cluster \
+  --zones $ZONES \
+  --master-zones $ZONES \
+  --master-size m4.large \
+  --node-size m4.large \
+  --networking lyftvpc \
+  --yes \
+  --name myclustername.mydns.io
+```
+
+You can specify which subnets to use for allocating Pod IPs by specifing
+
+```
+  networking:
+    lyftvpc:
+      subnetTags:
+        kubernetes_kubelet: true
+```
+
+In this example, new interfaces will be attached to subnets tagged with `kubernetes_kubelet = true`.
+
+**Note:** The following permissions are added to all nodes by kops to run the provider:
+
+```json
+  {
+    "Sid": "kopsK8sEC2NodeAmazonVPCPerms",
+    "Effect": "Allow",
+    "Action": [
+      "ec2:CreateNetworkInterface",
+      "ec2:AttachNetworkInterface",
+      "ec2:DeleteNetworkInterface",
+      "ec2:DetachNetworkInterface",
+      "ec2:DescribeNetworkInterfaces",
+      "ec2:DescribeInstances",
+      "ec2:ModifyNetworkInterfaceAttribute",
+      "ec2:AssignPrivateIpAddresses",
+      "ec2:UnassignPrivateIpAddresses",
+      "tag:TagResources"
+    ],
+    "Resource": [
+      "*"
+    ]
+  },
+  {
+    "Effect": "Allow",
+    "Action": "ec2:CreateTags",
+    "Resource": "arn:aws:ec2:*:*:network-interface/*"
+  }
+```
+
+In case of any issues the directory `/var/log/aws-routed-eni` contains the log files of the CNI plugin. This directory is located in all the nodes in the cluster.
+
 ## Switching between networking providers
 
 `kops edit cluster` and you will see a block like: