Calico and Kubernetes go hand-in-hand. Kubernetes is the de facto standard for deploying and managing container-based applications at scale, both on-premises and in the cloud. Calico continues to be the most popular open-source networking and network security solution for Kubernetes. Despite the cataclysmic events that occurred in 2020, the Calico community, supported by the team at Tigera, remained focused and achieved several major successes. We are excited to share these highlights.
Calico By The Numbers…
Since the beginning of 2020, we have experienced a 50% increase in the number of Calico Users. As of this writing, it is estimated that Calico is running on…
- 1,000,000 nodes daily
- 250,000 clusters daily
- In 166 countries around the world
That’s an 85% year-to-year increase in the number of clusters running Calico.
Calico: Clear Winner Among All Tested CNIs
Alex Ducastel published an independent benchmark comparison of Kubernetes CNIs in August which showed that among all of the CNI’s tested, Calico was the clear winner, excelling in nearly every category and delivering superlative results which are summarized in the chart below. In fact, Calico is the CNI of choice in the primary use cases presented by the author in the report’s summary.
The exceptional performance of Calico encryption was described as having the “real wow effect” among all of the CNI comparisons. Strong network security should not come with a performance penalty. In the benchmark test with encryption enabled, Calico performed 6x faster than any other solution in the market!
Since the publication of this benchmark, Calico now has automated MTU configuration, further strengthening our showing as the leading CNI. Calico will now automatically determine the best MTU for new pods based on the underlying network MTU and enabled encapsulation methods, providing optimal network performance without the need for any manual configuration. More details in this blog.
Calico: The Only CNI that Supports Three Dataplanes: eBPF, Native Linux and Windows
While Calico is currently the most widely deployed Kubernetes network security solution, thousands of our users want to be sure that choosing Calico is the right decision for many years to come. 2020 was the year that Calico became the only CNI with the ability to support three data planes from a single, unified control plane.
Calico supports native Linux (based on iptables), eBPF for modern Linux kernels, and Windows HNS, thus future-proofing your decision to go with Calico. No matter which dataplane you choose, Calico delivers blazing fast performance and exceptional scalability, as the latest benchmark tests confirm.
New Calico eBPF Dataplane
The Calico 3.13 release introduced an exciting new eBPF (extended Berkeley Packet Filter) dataplane targeted at those ready to adopt newer kernel versions and wanting to push the Linux kernel’s latest networking capabilities to the limit. When compared with the native Linux dataplane, the eBPF dataplane:
- Scales to higher throughput, using less CPU per Gigabit
- Natively supports Kubernetes services (without kube-proxy) in a way that:
- Reduces latency
- Preserves external client source IP addresses
- Supports DSR (Direct Server Return) for reduced latency (and CPU usage)
- Uses less CPU than kube-proxy to keep the dataplane in sync
Calico for Windows Dataplane
This year we open-sourced Calico for Windows and made it available for all to use for free. With the launch of open-source Calico for Windows, the vast ecosystem of Windows users now has unprecedented access to Kubernetes via the industry’s de-facto standard for Kubernetes networking and network security. We are also making Calico for Windows available on major public cloud platforms. Here’s a great tutorial on how to install and use Calico for Windows containers running on Amazon Elastic Kubernetes Service (EKS).
New Calico VPP Dataplane…in Process
Development is underway on a fourth Calico dataplane. Calico’s VPP dataplane integration is in incubation status, and we have made significant progress. The main goal of this integration is to accelerate the networking of Kubernetes clusters that use Calico. For more details about the Calico VPP implementation, check out this informative session presented at the recent KubeCon/CloudNativeCon NA: All You Can Eat Networking – Kubernetes Goodness for the Hungriest Workloads.
Calico Technical Training
In 2020, the Calico team delivered an impressive 72 free technical training sessions to 5,443 attendees, with topics that included getting Calico up and running on diverse platforms like Karbon, Rancher, Amazon EKS, and Microsoft AKS. We will continue to expand our training program in the months ahead. Check out our free upcoming and on-demand training events.
New Calico Certification Program
We recently launched a free, self-paced Calico certification program. After the first week, more than 1,700 active participants had signed up, and the enrollment numbers continue to increase. This course will arm you with the knowledge you need to understand how Kubernetes networking works, how to configure and manage a Calico network, and how to secure your cluster following today’s best practices, with the confidence you need to run mission critical workloads in production.
New eBook: Introduction to Kubernetes Networking
Not quite ready to get certified? Learn more about Kubernetes Networking in this newly released eBook written by Alex Pollitt, CTO and Co-Founder of Tigera and Co-Creator of Project Calico. The eBook shares everything you need to confidently approach Kubernetes networking, starting with basic networking concepts, all the way through to advanced Kubernetes networking with eBPF. You can access the free eBook here.
Project Calico is energized by a thriving community and is committed to fostering an open and welcoming environment. There are several ways to engage with other users and developers, including monthly community meetings with news on the latest releases and demos of new features.
Calico was originally created by the team at Tigera. We would like to give a very special thank you to the many individuals who have contributed to and helped maintain the project. Additional thanks go to all the Calico enthusiasts who have helped spread the word about Calico. It’s the breadth of this community that has helped make Calico what it is today! Join the other Calico heroes by contributing to the project. Everything from a new feature to a one-character docs fix is welcome.
Free Online Training
Access Live and On-Demand Kubernetes Training
Calico Enterprise – Try Now
Kubernetes Security, Networking and Observability in Hybrid and Multi-Clouds