Tigera’s State of Calico Open Source: Usage & Adoption Report Reveals Top Container Networking and Security Priorities in 2023

Report explores global insights from users of Calico Open Source, the most widely-adopted container networking and security solution

San Francisco, August 23, 2023 – Tigera, provider of the industry’s only active security platform for containers and Kubernetes, today released findings from its 2023 State of Calico Open Source: Usage & Adoption Report. The survey polled more than 1,200 Calico Open Source global users to gauge what capabilities today’s IT professionals need for container networking and security.

Survey respondents from organizations across all major sectors, including technology, healthcare, government, insurance and financial services, revealed the critical capabilities driving Calico adoption:

  • Scalable networking (35%)
  • Security policies (35%)
  • Interoperability across different environments (33%)
  • Encryption capabilities (30%)

Lack of network visibility in Kubernetes clusters and workloads can cause misconfigurations, which can lead to devastating consequences like ransomware attacks, exposure of sensitive data, denial of service (DoS) attacks and unauthorized lateral movement. In Red Hat’s recent State of Kubernetes Security Report, nearly 50% of respondents experienced one or more of these issues in the last 12 months, underscoring the need for visibility at the workload level to identify and mitigate misconfigurations and threats that traditional perimeter-based security solutions cannot identify.

Tigera’s State of Calico Open Source: Usage & Adoption Report revealed workload access policies that limit pod-to-pod communication as the most popular type of security policy Calico users deploy, followed by policies for secure egress access.

  • Workload access policies that limit pod-to-pod communication (61%)
  • Secure egress access policies (41%)
  • Microsegmentation policies (24%)
  • Compliance (8%)

An overwhelming 85% of users said they needed to achieve network segmentation and protect east-west traffic. IT leaders need enhanced security controls at the workload level to limit pod-to-pod communication, reducing the risk of lateral movement of threats and contributing to compliance efforts. Moreover, egress access controls allow users to adopt a default-deny posture that helps protect against data exfiltration threats.

“The State of Calico Open Source: Usage & Adoption Report findings show that developers understand the criticality of robust workload-centric network security for Kubernetes workloads,” said Amit Gupta, Chief Product Officer, Tigera. “Calico is a pivotal part of the container and Kubernetes ecosystem, and we are proud to bring industry-leading container networking and security capabilities to enterprises around the world.”

The report also explored trends in cluster deployments, revealing that most Calico clusters are deployed across cloud environments.

  • 59% of Calico users are using multiple clusters
  • 50% of users have clusters deployed in a hybrid cloud environment
  • 56% of Calico users have an average cluster size of between 10–100 nodes
  • Amazon Elastic Kubernetes Service (EKS) is the most-used Kubernetes platform or service among Calico users

Survey findings underscored the importance of giving users choices when it comes to data planes; there is no one-size-fits-all approach. Respondents use a combination of data planes including eBPF, standard Linux and Windows.

  • Nearly half of the survey respondents reported using Linux IPtables (49%) and/or Windows HNS (46%)
  • 16% of respondents use Calico’s newer eBPF data plane. When asked about plans for the future, 1 out of 5 respondents (20%) reported planning to use eBPF, while the use of Linux IPtables and/or Windows HNS is expected to decline slightly.

Calico offers support for several data planes, including Linux IPtables, Windows HNS, VPP, and eBPF, allowing users to easily load and unload data planes to suit their unique needs.

Project Calico is an open-source project with an active development and user community. Calico Open Source was born out of this project, and today, Calico Open Source is a leading networking and security solution for containers, virtual machines, and native host-based workloads. Calico supports a broad range of platforms including Kubernetes, RedHat OpenShift, Docker EE, OpenStack, bare metal services as well as managed Kubernetes services such as EKS, AKS, GKE and IKS.

Calico is the most adopted technology for container networking and security and used across 1M+ clusters, 8M+ nodes and has been downloaded over 1.5B times from Docker.

The report yielded responses from more than 1,200 Calico users from 20 industries across NA, EMEA, U.K., and APAC regions.

Read the full report here to learn more.

Click here to learn more about Tigera’s solutions or request a free trial.

About Tigera
Tigera provides the industry’s only active security platform with full-stack observability for containers and Kubernetes. The company’s platform prevents, detects, troubleshoots, and automatically mitigates exposure risks of security breaches. Tigera delivers its platform as a fully managed SaaS (Calico Cloud) or a self-managed service (Calico Enterprise). Its open-source offering, Calico Open Source, is the most widely adopted container networking and security solution. Tigera’s platform specifies security and observability as code to ensure consistent enforcement of security policies, which enables DevOps, platform, and security teams to protect workloads, detect threats, achieve continuous compliance, and troubleshoot service issues in real time.

Powering more than 100M containers across 8M+ nodes in 166 countries, Calico software is supported across all major cloud providers and Kubernetes distributions and is used by leading companies including AT&T, Discover, Merck, NBCUniversal, HanseMerkur, Allstate, Box, Siemens Healthineers, Playtech, Royal Bank of Canada, and Bell Canada.

Katherine Benfield for Tigera
Lumina Communications

Join our mailing list

Get updates on blog posts, workshops, certification programs, new releases, and more!