Container networking is a messy affair. Tigera, a startup announced earlier this month by Metaswitch veterans, aims to make it simpler and more secure by melding Project Calico and CoreOS flannel into a new open source platform called Canal.
Although containers from CoreOS, Docker, and other vendors reached the adoption phase some time ago, solutions for networking containers together remain immature, according to Wikibon senior analyst Stu Miniman. “We are very early in how networking is going to be solved in the container world,” he says.
There are already several contenders in this area. One is libnetwork, a container networking platform built by Docker. Weave Net from Weaveworks, which offers an integrated management solution for Docker containers, is another. And there is flannel, a CoreOS network fabric that relies on etcd to store configuration data.
Simplifying Container Connectivity
“People look at networking with containers and say, ‘I don’t know which option I should be using,’ ” Andy Randall, Tigera’s CEO, tells SDxCentral. His company aims “to take something that is a very complex area right now and simplify it.”
To do that, Tigera plans to build a new networking solution by combining and extending two existing tools. The first is flannel, which Randall described as being “more or less complete” already, although he did not rule out making some enhancements to the platform.
The second component in Tigera’s plans is Project Calico, a Layer 3 networking solution that Metaswitch developed and released as open source. Tigera has now taken the reins of Project Calico development.
Expanding the Calico platform will be Tigera’s major focus for the immediate future. “We have a big roadmap of things we want to do with Calico,” says Randall.
Tightening Network Security
Tigera’s biggest technical goal is improving network security. Randall considers security one of the greatest challenges for container networking. While tools like Kubernetes have made some progress on the security front, developers still have a lot of work to do, he feels.
“Getting packets from A to B is step 1” of container networking, Randall says, adding that that task has already essentially been solved. But “ensuring that packets that aren’t supposed to get from A to B don’t is step 2,” and this will be Tigera’s chief focus as it develops Canal.
An Open Source Approach
Like most of the other major tools in the Linux container ecosystem, Canal will be open source. Randall says this choice is in part a response to demand for open source solutions from enterprises, which “don’t want to be locked in and want to have the ability to control their own destiny.”
But he also says Tigera aims to be “different from earlier open source companies that put out something that was essentially a teaser product” that was functionally incomplete while charging for an enterprise-ready version. While he says it is too early to speak in specifics about how the company will commercialize Canal, he suggests that Tigera will focus on selling support services.
In fact, Randall says, the company is already providing commercial support to some clients, although he does not expect to make support services generally available until approximately 12 months from now.
In the meantime, Tigera’s focus will be on building out its platform.
For that task, the company already has a fair amount of technical expertise on hand. Tigera’s team includes about a dozen engineers spread between its San Francisco and London locations.
The company’s founders all have extensive experience with networking at Metaswitch and similar companies. Randall worked at Metaswitch since the early 2000s before launching Tigera. Alex Pollitt, Tigera’s VP of engineering, was with Metaswitch even longer. Both executives helped lead Project Calico when it was overseen by Metaswitch.
Tigera’s third founder, Christopher Liljenstolpe, who serves as CTO, worked at Metaswitch for only a few years prior to the Tigera launch, but had experience before that at Big Switch.
Tigera has attracted interest from investors. It has closed one funding deal and is currently working on others, according to Randall. He said he expects to announce funding details within a few weeks.