Building on the last two minor releases, Project Calico 2.3 brings with it support for the Kubernetes v1 NetworkPolicy API and significant performance gains – along with the all new Typha daemon.
Timers and log levels in Felix’s critical path have been finely tuned to reduce CPU by up to 50% at high churn rates.
» v1 NetworkPolicy API Support
Project Calico 2.3 now implements the v1 NetworkPolicy API semantics when using the Kubernetes Datastore Driver (KDD). Note – using the new NetworkPolicy API changes how existing Kubernetes Policies are enforced. Before using this new implementation, please see the release notes. If using etcd, there are no changes as Calico with etcd continues to implement the v1beta1 version.
» Introducing Typha – and Greater Scale for KDD Mode
We’re super excited to release the beta Typha daemon to act as a buffer between Calico and the Kubernetes’ API server when running Calico in KDD mode. Calico has always scaled to 1,000+ nodes on Kubernetes when using Calico in etcd mode. But when running Calico in KDD mode (using Kubernetes API server to master network state instead of etcd), Kubernetes itself starts to struggle at higher scales, so is not recommend for deployments of more than ~100 nodes. Now with the addition of Typha, you’re able to run Calico in KDD mode at the same high scales as Calico in etcd mode! Learn more about Typha here, but please remember Typha is still in beta with limited documentation.
View the full list as well as specific updates to individual components in the 2.3 Release Notes.