Tigera, creator and maintainer of Calico Open Source, recently announced the availability of CalicoContainer Networking Interface (CNI) for Azure Kubernetes Service (AKS), Microsoft’s managed Kubernetes service.
In addition to using Calico’s networking and security policy engine, AKS users will now be able to use Calico Open Source as a CNI for robust, scalable, and higher performance networking for their environments with a choice of Windows, eBPF and Linux data plans.
The release of Calico CNI follows Microsoft’s BYO (Bring Your Own) CNI initiative, which allows enterprises to choose their own CNI to meet their unique needs. Administrators get access to Tigera’s full support for Calico Open Source and can deploy Tigera’s Calico Cloud Native Application Protection Platform (CNAPP) for zero-trust active container security during the build, deploy and run stages through their Azure Marketplace portal.
Improved performance and increased security
Calico Open Source serves as the foundation for Zero Trust workload security for tens of thousands of enterprises. Calico CNI is a widely used container networking interface known for its performance capabilities, scalability, flexibility, power, efficiency, and support for multiple data planes including eBPF, Linux, and Windows. Now users can build trustless workload security, access best-in-class runtime threat defense, and ensure container security with the foundation of Calico CNI in AKS. Users also have the option to seamlessly deploy Calico CNAPP for comprehensive protection of their containerized workloads on AKS.
Calico, as the CNI for AKS, will solve industry-wide problems and provide users with key benefits.
Unparalleled security and traffic throughput: Calico’s rich security policy model makes it easy to restrict communication between endpoints as needed. With built-in support for WireGuard encryption, securing pod-to-pod traffic over the network comes with lower overall CPU utilization and occupancy and higher performance. Depending on user preference, Calico uses Windows, eBPF, or Linux data plane to provide high-performance networking.
Choice and Flexibility: No matter which data plan they use, users get the same basic networking, security policy, and easy-to-use IP address management capabilities that made Calico Open Source the most trusted networking and security policy solution for mission-critical cloud-native applications. .
Ease of Use: Calico is the best-fit solution to mitigate IP address exhaustion on AKS as one of the most deployed CNIs on the market offering zero trust for workload security. Calico CNI’s IP Address Management Plugin (IPAM) allocates IP addresses for pods over one or more configurable IP address ranges, dynamically allocating small blocks of IP addresses per node as needed. The result is more efficient use of IP address space compared to many other IPAM CNI plugins, including the localhost IPAM plugin, which is used in many container networking solutions .
Unified networking capabilities across disparate cloud environments
For enterprises adopting multi-cloud or hybrid environments, Calico CNI ensures that these organizations have a single security policy from AKS, Amazon Elastic Kubernetes Service (EKS), GCP, Rancher, Red Hat OpenShift, VMware Tanzu , Upstream Kubernetes, and other supported distributions without the need to learn about an additional CNI plugin. Users can have unified networking capabilities across disparate cloud environments, leveraging Calico CNI IPAM capabilities in the same way in AKS as in other managed cloud distributions.
Price and availability
The Calico project is a fundamentally open source solution, and there is no cost for using Calico CNI, Calico IPAM, or Calico Network and Security Policies on Azure AKS