Open standards and Open Source
Calico itself is open source and open standards. We utilize other open source communities and actively push enhancements and fixes to those communities:
Calico is a new approach to virtual networking, based on the same scalable IP networking principles as the Internet. It targets data centers where most of the workloads (VMs, containers or bare metal servers) only require IP connectivity, and provides that using standard IP routing. Isolation between workloads – whether according to tenant ownership, or any finer grained policy – is achieved by iptables programming at the servers hosting the source and destination workloads.
A New Kind of Virtual Network
Calico’s pure L3 approach to data center networking integrates seamlessly with cloud orchestration systems (such as OpenStack) to enable secure IP communication between virtual machines, containers, or bare metal workloads.
Based on the same scalable IP network principles as the Internet, Calico implements a highly efficient vRouter in each compute node that leverages the existing Linux kernel forwarding engine without the need for vSwitches. Each vRouter propagates workload reachability information (routes) to the rest of the data center using BGP – either directly in small scale deployments or via BGP route reflectors to reach Internet level scales in large deployments.
Calico peers directly with the data center’s physical fabric (whether L2 or L3) without the need for on/off ramps, NAT, tunnels, or overlays.
Calico supports rich and flexible network policy which it enforces using bookended ACLs on each compute node to provide tenant isolation, security groups, and external reachability constraints.
|Author||Alex Pollitt, Evangelist at Project Calico; SVP/GM at Metaswitch Networks Andrew Randall, Evangelist at Project Calico; SVP/GM at Metaswitch Networks Christopher Liljenstolpe, Director Solutions Architecture at Metaswitch & Evangelist at Project Cali|
Use of the SDxCentral service directory is governed by our Terms of Service, including without limitation those sections under the headings "CONTENT", "LICENSING AND OTHER TERMS APPLYING TO CONTENT POSTED ON THE SDXCENTRAL SITES", "INDEMNITY; DISCLAIMER; LIMITATION OF LIABILITY" AND "COPYRIGHTS". Under no circumstances will SDxCentral be liable in any way for any Content, including, but not limited to, liability for any errors or omissions in any Content or for any loss or damage of any kind incurred as a result of the use of any Content posted, emailed or otherwise transmitted via the Sites.