Kubernetes Networking: Achieving High Performance with Calico

What is Calico?

Project Calico is designed to simplify, scale, and secure cloud networks. The open source framework enables Kubernetes networking and network policy for clusters across the cloud. It was originally designed for today’s modern cloud-native world and runs on both public and private clouds. Within the Kubernetes ecosystem, Calico is starting to emerge as one of the most popularly used network frameworks or plugins, with many enterprises using it at scale.

Calico uses a pure IP networking fabric to deliver high performance Kubernetes networking, and its policy engine enforces developer intent for high-level network policy management. Together, Calico and Kubernetes provide a secure, cloud-native platform that can scale your infrastructure to support hundreds of thousands of users.

Calico provides Layer 3 networking capabilities and associates a virtual router with each node. It enables host to host and pod to pod networking, IPAM. Calico allows establishment of zone boundaries through BGP or encapsulation through IP on IP or VXLAN methods.

Kubernetes Networking: Achieving High Performance with CalicoCalico can be used for establishing a network backend (BGP, Pod IPAM) and establishing network policy or only for the latter. Calico supports both IPv4 and IPv6 networks.

Using Calico for Kubernetes Networking

Calico integrates with Kubernetes through the CNI networking interface and offers a number of capabilities that have made it a stand out within the Kubernetes eco-system, compared to alternatives, such as Weave, Canal, or Flannel.

What Makes Calico Popular?

Within the Kubernetes eco-system, Calico is emerging as one of the most popular framework plug-ins with hundreds of enterprises using it at scale. There are three important characteristics that, together, have made Calico stand out:

  • Scalability – Calico is built on a fully distributed, layer 3 based scale-out architecture, so it scales smoothly from a single developer laptop to large enterprise deployments
  • Debugging – Calico relies on an IP layer and is relatively easy to debug with existing tools, an important aspect for enterprise security.
  • Micro-Segmentation Support – The plug-in makes it possible for administrators or end-users to define networking policies between multiple parts or containers, so you can control which parts communicate with other parts, which is very important in the security world.  By leveraging the native Linux Kernel, Calico users can also utilize existing network tools, including IP-Tables, to perform high-level micro-segmentation.

Due to the above mentioned reasons, community adoption of Calico has increased significantly with even AWS and Google Cloud adopting Calico as their cloud-native container networking policy standard.

Platform9 Managed Kubernetes Enables Seamless Integration With Calico

Platform9 Managed Kubernetes has supported a number of hybrid cloud environments on behalf of our customers and our out-of-box solution comes loaded with IP and IP encapsulation, making for seamless deployment across both public and private cloud environments. We also offer an option to support private infrastructure deployments with BGP enabled.  Thus, network architecture is one of the key considerations to keep in mind when deploying Calico.

Calico is one of the most trusted networking solutions for mission-critical, cloud-native applications. Already deployed across hundreds of real-world production environments, Calico has quickly earned a reputation for enterprise-grade performance, scalability and reliability.

If you’re ready to try Kubernetes and Calico in your enterprise, contact us to schedule a free consultation.

VIDEO: Hear from Madhura Maskasky, Co-founder & VP of Product, on “Kubernetes Networking: Achieving High Performance with Calico”

You may also enjoy

Kubernetes Service Mesh: How To Set Up Istio

By Platform9

Kubernetes FinOps: Elastic Machine Pool(EMP) Step-by-Step guide : Part 1

By Joe Thompson

The browser you are using is outdated. For the best experience please download or update your browser to one of the following:

Leaving VMware? Get the VMware alternatives guideDownload now