Calico: Shifting into top gear with OpenShift!

Calico: Shifting into top gear with OpenShift!

OpenShift users rejoice! Project Calico is now integrated with OpenShift 3.6, including the openshift-ansible installer, both in OpenShift Origin, and OpenShift Container Platform. This enables OpenShift deployments to benefit from the leading Network and Network Policy implementation for Kubernetes, and rich feature set, scalability and simplicity of Calico. It also allows OpenShift deployments to have a unified policy model across hybrid deployments across other Calico-enabled orchestrators, as well as host instances and bare metal deployments.

As always, the Calico community lent a big helping hand to get to this milestone – specifically, early users who collaborated with the Tigera and Red Hat teams, along with partners within the community who contributed to the integration. We’d like to give a tip of the hat and a big thank you to Endocode, and idealo internet GmbH in Germany for their collaboration and contributions.

idealo Internet have deployed OpenShift with Calico, and are glad to benefit from Calico’s rich Network Policy features enabling a simpler, more scalable, and secure network fabric for their deployment. In the words of Daniel Burgmann, team leader for build and delivery tooling at idealo:

“We wanted a container orchestration on premise, on bare metal and without overlay networking. It had to be fast, with a simple and well understood networking model and easy to use for application development, and easy to debug. The combination of Calico with OpenShift enabled us to engineer a fully automated production grade setup in a few weeks. Tigera’s Calico integration into the OpenShift Ansible playbooks made it a breeze to deploy Calico as the CNI plugin.”

OpenShift-ansible is the preferred deployment mechanism for deploying OpenShift, and Calico has been integrated into the base platform’s openshift-ansible playbooks in both OpenShift Origin 3.6 and OpenShift Container Platform 3.6. An illustration of how to deploy Calico with OpenShift is provided in this youtube video, and Project Calico docs include instructions for OpenShift. Red Hat’s OpenShift Engineering, Partner and Product teams collaborated closely with the Project Calico team on the integration.

Calico can be deployed to use etcd as its datastore driver, where etcd can be shared with OpenShift (for smaller, typically PoC deployments), or a dedicated Calico-etcd cluster can be provisioned (in case of larger scale and production deployments). Note that Calico’s alternative Kubernetes Datastore Driver (KDD) is not currently enabled with the OpenShift integration; we hope to address this in future when OpenShift gains full support for third party resources (or custom resource definitions).

We invite you to join the community (in the #openshift channel or the #kubernetes channel) and collaborate with us and the rest of the user base as you dive deeper with OpenShift and Calico. In the meantime, happy Shifting to Calico!

Karthik is the Director of Solution Architecture at Tigera. In collaboration with the open source and Project Calico community, he is on a mission to fundamentally improve the simplicity and scalability of networks and network security in the cloud native world leveraging his years of experience with the design, deployment and operation of cloud and network infrastructure at scale.