Unified Control: Multi-Cluster, Multi-Cloud and Hybrid Cloud

Organizations are scaling Kubernetes deployments with container platforms running on a mix of on-prem, cloud, and multi-cloud infrastructure. However, not all users are taking a standardized approach to building multiple clusters on a common distribution and on a single infrastructure with common security tools.

Lack of a centralized, unified multi-cluster approach to security and observability as well as troubleshooting, compliance, and policy management results in dozens of clusters that are deployed and managed independently throughout an organization, with very little uniformity in the way they are secured. This adds complexity for DevOps teams, who must adapt to different cluster environments.

Security is sometimes an afterthought, leaving clusters vulnerable to attack and creating a corporate liability. Regardless of who dropped the ball, IT remains accountable for security and compliance and must deal with the consequences of any breach.

How can IT gain security and observability control for multiple clusters spread across disparate hybrid and multi-cloud environments without crippling the productivity of DevOps teams running the clusters?

Secure Multiple Clusters

Secure Clusters in Any Cloud, on Any K8s Distro

Federate Resources Across Clusters

Secure Multiple Clusters from a Single Pane-of-glass

With Calico Enterprise and Calico Cloud, IT organizations can centrally secure clusters and workloads running on different infrastructure and using different Kubernetes distributions to enable and ensure consistent security and policy management across the environment. You benefit from a single, unified management plane that functions as a centralized point-of-control for multiple deployments of Calico Enterprise and Calico Cloud.

  • Delivers single-pane-of-glass control – For unified security and observability on multiple clusters

Secure Multiple Clusters in Any Cloud, on Any Kubernetes Distribution

  • Works anywhere
    • On-prem, hybrid and multi-cloud
    • With any combination of Kubernetes distributions
  • Improves observability
    • Simplifies and speeds troubleshooting and support
  • Provides consistency
    • Across complex, distributed architectures

Federate Resources Across Clusters by Identity, Policy and Service

  • Federate by Identity: When you have applications spread across clusters that need to talk to each other, and you want to use security policy to protect that traffic
    • A pod can recognize other pods and is aware of policy rules that reference pods running in other clusters
  • Federate by Policy: When you have the same policy you want to apply across several clusters
    • Define policies once and apply across all clusters
  • Federate by Service: When a single application or microservice is spread across multiple clusters
    • Pods don’t connect directly to pods, but to services that have those pods

📣 Read our new O'Reilly eBook on Kubernetes Security and ObservabilityLearn more >>>