By Josh RossoMar 22, 2019Calico, Kubernetes, Uncategorized
Calico is a popular CNI plugin for Kubernetes. It leverages Border Gateway Protocol (BGP) for communicating routes available on nodes. This method fosters a highly scalable networking model between our workloads. The Case for Route Reflection Calico requires no...
By Christopher LiljenstolpeJan 31, 2019Blog, Kubernetes, Security, Uncategorized
One of the key Kubernetes security concepts is that workload identity is tied back to information that the orchestrator has. The orchestrator is actually the authoritative entity for what the actual workloads are in the platform. Kubernetes uses labels to select...
By Andy WrightJun 5, 2018AWS, Eks, Microsegmentation, Network Policy, News, Uncategorized
Tigera’s dedication and investment in the open source Project Calico has helped thousands of users implement best practices network policy in Kubernetes — many of them deployed in Amazon Web Services infrastructure. AWS announced today that Amazon EKS is now generally...
By Christopher LiljenstolpeMar 12, 2018AWS, Containers, DevOps, Kubernetes, Microsegmentation, Project Calico, Security, Tigera Secure, Uncategorized, Zerotrust
Heptio’s CTO, Joe Beda, recently posted an insightful blog entry discussing the Tesla Kubernetes compromise. I wanted to dive into one of the areas he mentioned, network policy. Before I do, however, I would make some general observations. While, in hindsight, the...
By Cody McCainMar 1, 2018Application Connectivity, Kubernetes, Microsegmentation, Network Policy, Networking, Project Calico, Uncategorized
This blog concludes a three part series on Securing Host Endpoints with Project Calico by explaining how to secure endpoints in Kubernetes. The first two installments referenced below provide background on the technical principles applied in this blog. Part 1 — What...
