Summary
The rise of virtualisation and, particularly in the last year or two, containerisation has had a dramatic effect on the way data centres are used. With the increasing demands for rapid application development and deployment, and moves toward microservices and autoscaling, the requirement for simple, scalable networking between virtualised workloads is becoming ever more important.
However, most virtualised networking technologies do not provide the simplicity and scalability we would like. In the OpenStack world, for example, Neutron provides many options, but these come with more complexity than many deployments need, meaning they can be challenging to understand and troubleshoot.
On the other hand, in container land, whilst the past year has seen some steps forward in this area, with Docker's "libnetwork" architecture, for example, appearing toward the end of 2015, facilities for secure networking between containers on different hosts are still in their infancy.
Here we present Project Calico, which aims to provide simple, secure and scalable network connectivity for both these scenarios. An Open Source project, Calico assumes that the vast majority of data centre traffic is unicast IP-based, and caters to that using standard Linux routing and iptables. However, it also allows for other traffic such as multicast IP, and can support data centre requirements such as overlapping IPv4 addresses if required. We will describe the basic ideas behind Project Calico and explain how it can provide scalable networking for containers and VMs, while still providing the security required by modern virtualised workloads.