Unified Controls: Multi-Cluster, Multi-Cloud, and Hybrid Cloud

Organizations are scaling Kubernetes deployments with a mix of on-premises, hybrid, and multi-cloud infrastructure. There is no standardized approach to building multiple clusters, due to the heterogeneous development environments of multiple Kubernetes distros and data planes, such as Windows, Linux, and eBPF.

Calico provides a centralized, unified, multi-cluster approach to Kubernetes security and observability across on-premises, hybrid, and multi-cloud environments running multiple Kubernetes distributions and data planes.

 

Secure Multiple Clusters from a Single Pane-of-Glass

Organizations can centrally secure clusters and workloads running on different infrastructure and using different Kubernetes distributions, to enable and ensure consistent security and policy management across the environment. A single, unified management plane provides a centralized point-of-control for unified security and observability on multiple clusters

Secure Multiple Clusters in Any Cloud, on Any Kubernetes Distribution

  • Works anywhere
    • On-prem, hybrid and multi-cloud
    • With any combination of Kubernetes distributions
  • Improves observability
    • Simplifies and speeds troubleshooting and support
  • Provides consistency
    • Across complex, distributed architectures

Data Plane Choice

Calico offers a choice of data planes, including a pure Linux eBPF data plane, a standard Linux networking data plane, and a Windows HNS data plane. Calico combines cutting-edge eBPF features with standard primitives system administrators are already familiar with, to provide Kubernetes networking and security for cloud-native applications.

Federate Resources Across Clusters by Identity, Policy, and Service

  • Federate by identity: For when you have applications spread across clusters that need to talk to each other, and you want to use security policy to protect that traffic.
    • A pod can recognize other pods and is aware of policy rules that reference pods running in other clusters.
  • Federate by policy: For when you want to apply the same policy across several clusters.
    • Define policies once and apply across all clusters.
  • Federate by service: For when a single application or microservice is spread across multiple clusters.
    • Pods don’t connect directly to pods, but rather to services that contain those pods.

Ready to Get Started?