Tigera, the creator of Project Calico, a widely adopted container networking and security solution, is adding new functionality to Calico Open Source with the release of Calico OSS 3.30—enhancing the observability, security, and scalability of Kubernetes deployments for all enterprises leveraging the solution.
Calico Open Source was derived from Project Calico, a project established to make Kubernetes networking seamless, reliable, and scalable for all organizations.
With the release of Calico OSS 3.30, Tigera is extending access to its proven observability and security tools from the company’s commercial editions to all organizations, according to the vendor.
These new features enable organizations to gain visibility into their service-to-service communications, while also extending Calico deployments to manage ingress traffic.
Troubleshooting applications running in Kubernetes is a common pain point for DevOps teams. The latest version of Calico Open Source introduces Goldmane, a gRPC-based API endpoint that provides streamlined access to flow logs and metrics generated by Calico.
This feature makes it easier for DevOps teams to troubleshoot clusters by providing increased visibility into service-to-service communications alongside workload-specific context and facilitates collaboration with the ability to share logs.
When used with Calico network sets, flow logs enable organizations to gain visibility into traffic across public and private IP spaces. The user-defined network sets appear as additional metadata in flow logs, cutting down the time spent troubleshooting during an incident from multiple days to minutes, according to the company.
In addition, Calico Open Source now includes Whisker, a web-based tool that connects to Goldmane, providing users with instant access to flow logs generated by Calico. It includes filtering capabilities and the ability to view all flow log metadata enabling organizations to easily troubleshoot connectivity issues in their cluster, author new policies, or test how new, enforced, or staged policies are evaluating traffic.
Calico Open Source now includes support for GlobalStagedNetworkPolicy and StagedNetworkPolicy. These policies allow users to implement namespace isolation and various other forms of microsegmentation. Staged policies enable organizations to test and audit the behavior of a Calico policy before it is actively enforced. The behavior of a staged policy appears in flow logs and generates metrics akin to any other policy simulating a live environment.
Calico OSS 3.30 includes Calico Ingress Gateway, a 100% upstream, enterprise-ready implementation of the Gateway API based on Envoy Gateway. Calico Ingress Gateway provides a standardized, vendor-neutral approach to ingress management, and delivers more functionality than traditional ingress controllers, from load balancing and failover strategies to rate limiting.
With the release of Calico OSS 3.30, Tigera enables any open source cluster running Calico 3.30 to seamlessly connect to the free forever edition of Calico Cloud without installing any additional components.
Calico Cloud free forever edition provides read-only, stateless access to clusters to manage policies, visualize workload communication with Service Graph and automatically generate recommended policies for namespace isolation.
"At Tigera, we are dedicated to providing the open source community with the tools needed to scale Kubernetes environments efficiently and securely," said Phil DiCorpo, senior director of product management at Tigera. "The extensive updates to Calico Open Source announced today solidifies this commitment. These latest enhancements will provide organizations with unmatched visibility into the traffic within their clusters, simplify microsegmentation and namespace isolation capabilities, and deliver comprehensive ingress management."
For more information about this news, visit www.tigera.io.