As I said in my last post, the Project Calico development team have been hard at work migrating the project over to our new architecture. This more clearly splits responsibilities between
- Felix, the component that runs on each Compute Host and programs the FIB with routes to local VMs and adds ACL rules into the kernel
- the Calico plug-in, which sits within the Cloud OS and informs each Felix about new VMs on each host
- the Calico ACL Manager which, until now, didn’t actually exist, but now provides a centralized view of the network allowing it to make informed decisions about the ACLs which need to be programmed, by Felix, on each host.
In addition to the split of components, we’ve also provided clear APIs which define how the components should talk to each other.
With this new architecture, we believe Calico is opened to run on a wide variety of platforms. For example, Calico could run in a container based architecture by providing a Calico Plug-in for a container based orchestrator, while leaving the Felix and ACL Manager components unchanged.
As I write this, we’re going through the final steps to build new packages based on the updated architecture – all being well, these should be available within the next few hours and we’ll alert the mailing list when they are released.
Update – Packages have now been released; go to the download page for instructions on where to find them.
At this point, it is worth noting that we felt it was important to get the new architecture released as soon as we could given it opens the project up to future expansion on new platforms. While we have (obviously) tested the new release (!), there is always more testing we want to do; in this instance, we are planning to do significantly more testing over the next week, but didn’t want this to hold up the release. In other words, if you’ve already got a working Calico deployment which you are using with live traffic, then you might want to hold off upgrading for a few days; if you’re still waiting to start experimenting with Calico, though, you should be good to go with this week’s packages.
I did say in my last post that we expected to release these new packages based on Juno. We’ve realised that this doesn’t make sense until we have a suitable Juno based version of Ubuntu or Red Hat to integrate with. Consequently, the new release will actually still be based on the Icehouse version of OpenStack. However, we do intend to update these packages to Juno at the appropriate time (and, as mentioned, we have already done a test rebase of the code against Juno so don’t foresee any problems).
Upstreaming changes to OpenStack
The other piece of news I wanted to share was that we have now started the work to have the minor changes we have had to make to OpenStack accepted upstream. As announced in a post to the OpenStack-dev mailing list last week, we have now submitted three different Blueprints and specs to the OpenStack community, covering
- minor changes to nova to add a new VIF type
- some changes to neutron to add DHCP support for routed interfaces
- an ML2 mechanism driver that adds support for Project Calico – aka the “Calico Plug-in”.
We’re obviously very interested in any comments the OpenStack community has on the “Calico approach” to virtualized networking. In addition to lively discussion on the mailing list, Cory and I will both be attending the OpenStack summit in Paris next week, so hope to have some good chats in person there. If you’re going to be in Paris, then please let us know on the mailing list and we’ll be very happy to arrange to meet up.
Join our mailing list
Get updates on blog posts, new releases and more!