Organizations are scaling cloud-native applications with a mix of on-premises, hybrid, and multi-cloud infrastructure. There is no standardized approach to building multiple clusters, due to the heterogeneous development environments of multiple Kubernetes distros and data planes, such as Linux, eBPF, and Windows.
A centralized, unified multi-cluster approach to protect and observe cloud-native applications in Kubernetes environments can help with faster troubleshooting, adherence to compliance requirements, and uniform policy enforcements across clouds, distros and data planes.
Secure Multiple Clusters
Any Cloud, on Any K8s Distro
Data Plane Choice
Federate Resources Across Clusters
Any Cloud, Any Kubernetes Distribution
- Works anywhere
- On-premises, hybrid, and multi-cloud
- Improves observability
- Simplifies and speeds up troubleshooting and support
- Provides consistency
- Across complex, distributed architecture
Choice of Pluggable Data Planes
Federate Resources by Identity, Policy & Service
Enables and ensures consistent security and policy management across the environment.
- Federate by identity: Use security policy to protect traffic between pods.
- A pod can recognize other pods and is aware of policy rules that reference pods running in other clusters.
- Federate by policy: Apply the same policy across several clusters.
- Define policies once and apply across all clusters.
- Federate by service: Apply policy to single application or microservice spread across multiple clusters.
- Pods don’t connect directly to pods, but rather to services that contain those pods
How It Works
Unified controls in Calico enable centralized security across multi-cluster, multi-cloud, and hybrid cloud environments for cloud-native applications. It provides a single pane of glass to ensure consistent application of security controls across both containers and VMs.