Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.

Project Calico v1.0 Offers Networking For OpenStack, Docker Containers

By - Source: Toms IT Pro

While software defined networking (SDN) solutions like VMware's NSX and Cisco's ACI are getting all of the press these days, an open source project led by the team at Metaswitch has quietly released a production-ready virtual networking tool that utilizes a Layer 3 approach instead of overlay networks or tunnels. Project Calico v1.0 plugs into the same APIs as other SDN and network virtualization tools, but offers a much simpler way to get IP packets from one workload to another that doesn't rely on packet encapsulation.

This is where Calico differentiates itself from other SDN solutions. Instead of using Layer 2 networking technologies like VXLAN (Virtual Extensible LAN) and GRE (Generic Routing Encapsulation), which are common in traditional virtual infrastructures, Calico leverages BGP (Border Gateway Protocol) and IPtables when configuring virtual workload connections. BGP is used for route distribution and IPtables for forwarding control to restrict how workloads communicate. This creates a lightweight tool that is able to achieve better scale, performance and efficiency than competing network virtualization solutions that utilize overlay networks.

What's more, Calico is designed to work with virtual machines, containers and white box devices, as well as a mix of all three. And because of its open source nature, it's ideal for open environments such as OpenStack, Docker, Kubernetes and CoreOS.

"Calico is built as a daemon that runs within the Linux hypervisor context in a data center, so it was important for us to work within an open ecosystem," Andy Randall, SVP and GM at Metaswitch Networks told Tom's IT Pro in an interview. "OpenStack was a natural home. We're also very active with Docker, Mesosphere, Kubernetes, and the orchestrators that play in the container space."

While Calico plays in the SDN space and many might consider it an SDN tool, strictly speaking, it is "old fashioned networking," Randall explained.

"We aren't really separating the control and data planes. We're doing Linux kernel IP forwarding, which is technology that has been out there for a long time. We're using BGP signaling, which is a traditional technology that has also been around for a long time. And we're not using OpenFlow," said Randall. "You can think of [Calico] as an alternative to SDN solutions for the data center."

As of release 1.0, Calico is fully integrated with OpenStack Neutron (the networking component of OpenStack) as well as configured security groups in the open source cloud platform. It offers support for IPv4 and IPv6 workloads and a graceful restart option that allows admins to restart the Calico agent and BGP client without interrupting the data flow between workloads.

However, the most important milestone for Calico v1.0 is its performance at scale, which according to the release notes include:

  • A Calico based OpenStack cluster of 10,000 VMs running across 500 compute hosts.
  • A container deployment of Calico running up to 50,000 containers across 500 hosts with setup rates of over 20 containers per second.
  • Throughput tests on a 10-gigabit network showing throughput with Calico networked VMs at near 100 percent of bare metal speeds, performance unsurpassed by any other virtual networking technologies.

Customers that are likely to use Calico are larger enterprises that might be feeling the pain of some of the traditional networking technologies, or simply companies that are utilizing OpenStack and container technologies that require scale.

Project Calico v1.0 is available today and will be demoed at MesosCon 2015, taking place this week in Seattle.