Tigera Unveils Calico Container Networking Interface for Azure Kubernetes Service

Tigera, creator and maintainer of Calico Open Source, recently announced the availability of CalicoContainer Networking Interface (CNI) for Azure Kubernetes Service (AKS), Microsoft’s managed Kubernetes service.

In addition to using Calico’s networking and security policy engine, AKS users will now be able to use Calico Open Source as a CNI for robust, scalable, and higher performance networking for their environments with a choice of Windows, eBPF and Linux data plans.

The release of Calico CNI follows Microsoft’s BYO (Bring Your Own) CNI initiative, which allows enterprises to choose their own CNI to meet their unique needs. Administrators get access to Tigera’s full support for Calico Open Source and can deploy Tigera’s Calico Cloud Native Application Protection Platform (CNAPP) for zero-trust active container security during the build, deploy and run stages through their Azure Marketplace portal.

Improved performance and increased security

Calico Open Source serves as the foundation for Zero Trust workload security for tens of thousands of enterprises. Calico CNI is a widely used container networking interface known for its performance capabilities, scalability, flexibility, power, efficiency, and support for multiple data planes including eBPF, Linux, and Windows. Now users can build trustless workload security, access best-in-class runtime threat defense, and ensure container security with the foundation of Calico CNI in AKS. Users also have the option to seamlessly deploy Calico CNAPP for comprehensive protection of their containerized workloads on AKS.

Calico, as the CNI for AKS, will solve industry-wide problems and provide users with key benefits.

Unparalleled security and traffic throughput: Calico’s rich security policy model makes it easy to restrict communication between endpoints as needed. With built-in support for WireGuard encryption, securing pod-to-pod traffic over the network comes with lower overall CPU utilization and occupancy and higher performance. Depending on user preference, Calico uses Windows, eBPF, or Linux data plane to provide high-performance networking.

Choice and Flexibility: No matter which data plan they use, users get the same basic networking, security policy, and easy-to-use IP address management capabilities that made Calico Open Source the most trusted networking and security policy solution for mission-critical cloud-native applications. .

Ease of Use: Calico is the best-fit solution to mitigate IP address exhaustion on AKS as one of the most deployed CNIs on the market offering zero trust for workload security. Calico CNI’s IP Address Management Plugin (IPAM) allocates IP addresses for pods over one or more configurable IP address ranges, dynamically allocating small blocks of IP addresses per node as needed. The result is more efficient use of IP address space compared to many other IPAM CNI plugins, including the localhost IPAM plugin, which is used in many container networking solutions .

Unified networking capabilities across disparate cloud environments

For enterprises adopting multi-cloud or hybrid environments, Calico CNI ensures that these organizations have a single security policy from AKS, Amazon Elastic Kubernetes Service (EKS), GCP, Rancher, Red Hat OpenShift, VMware Tanzu , Upstream Kubernetes, and other supported distributions without the need to learn about an additional CNI plugin. Users can have unified networking capabilities across disparate cloud environments, leveraging Calico CNI IPAM capabilities in the same way in AKS as in other managed cloud distributions.

Price and availability

The Calico project is a fundamentally open source solution, and there is no cost for using Calico CNI, Calico IPAM, or Calico Network and Security Policies on Azure AKS

Amit Gupta, Vice President of Business Development and Product Management, Tigera
With Calico Open Source as part of the Bring Your Own CNI (BYOCNI) initiative, Tigera is the first to deliver a robust, efficient, interoperable and high performance CNI solution to AKS users. Organizations that rely on AKS for their Kubernetes service can now benefit from Calico CNI for networking and security for all their cloud-native applications. Additionally, we are pleased to offer AKS users the benefits of Calico CNAPP for their deployments, to reduce the application attack surface with zero trust, detect known and zero-day threats, and actively mitigate exposure risks.