Calico provides a highly scalable networking solution for connecting data center workloads (containers, VMs, or bare metal). It is based on the same scalable IP networking principles as the internet: providing connectivity using a pure Layer 3 approach. Calico can be deployed without encapsulation or overlays to provide high performance at massive scales.
Read more about it on the Project Calico website.
When using Calico networking in containerized environments, each container
gets its own IP and fine grain security policy. A calico-node
service runs
on each node which handles all of the necessary IP routing, installation of
policy rules, and distribution of routes across the cluster of nodes.
This repository contains:
- The
calico-node
container Dockerfile and build environment. It contains the configuration and "glue" that pull together four separate processes to provide Calico networking:
- Felix, the Calico worker process
- BIRD, the route distribution process (there are separate processes for IPv4 and IPv6)
- Confd, a templating process to auto-generate configuration for BIRD
- A command line tool,
calicoctl
, which makes it easy to configure and start the Calico service listed above, and allows you to interact with the datastore (etcd) to define and apply rich security policy to the containers you create. - Documentation and getting started tutorials for various different deployment options.
- Build, test and release frameworks.
Development is very active at the moment so please Star this project and check back often.
We welcome questions/comments/feedback (and pull requests).
- Announcement Mailing List
- Technical Mailing List
- Slack Calico Users Channel
- IRC - #calico
- For issues related to Calico in a containerized environment, please raise issues on GitHub.
To get started using Calico, we recommend running through one or more of the available tutorials linked below.
These tutorials will help you understand the different environment options when using Calico. In most cases we provide worked examples using manual setup on your own servers, a quick set-up in a virtualized environment using Vagrant and a number of cloud services.
- Calico as a Docker network plugin
- Calico without Docker networking
- Calico with rkt
- Calico with Kubernetes
- Calico with Mesos
- Calico with Docker Swarm
You can read more about Calico networking in a containerized environment in the material listed below.
- Learn how to configure Calico features in a deployment
calicoctl
Reference Guide explains how thecalicoctl
command line tool can be used to manage your Calico cluster- Logging describes how to set logging levels and choose where Calico logs should be stored
- Advanced Network Policy describes how to configure security policy between Calico endpoints and other networks
- BGP Configuration explains how to manage the BGP peering for integration of a Calico cluster in your network
- External Connectivity describes how to configure external connectivity for hosts on their own Layer 2 segment
- Running Calico Node Containers as Services
describes how to run the
calico/node
andcalico/node-libnetwork
images as system processes or services. This guide includes example config for systemd services.
- Learn how Calico works under the covers
- Anatomy of a calico-node container to understand
the key components that make up the
calico/node
service. - etcd Directory Structure for viewing how Calico stores data for network and endpoint configurations
- Lifecycle of a container shows you what happens using Calico without Docker networking.
- Anatomy of a calico-node container to understand
the key components that make up the
- Learn how to get involved with Calico builds and lower level integrations
- Calico Repositories to see the collection of Calico related respoitories that collectively provide the networking, tools, and orchestration integrations.
- Building and testing calico-containers images to build a Calico setup on your local machine for development and testing
- FAQ and Troubleshooting
If you are interested in contributing, please review our contributing guidelines.