Extending OpenShift Security and Observability for Kubernetes Networking and Microservices with Calico Enterprise from Tigera
February 8, 2021 | by
This is a guest post by John Janetos, Tigera
Tigera and Red Hat have partnered to deliver an integrated Security and Observability solution for Kubernetes networking and microservices that empowers developers to innovate and ship faster with the leading hybrid and multi-cloud and container platform, while providing fine-grained security and compliance controls to protect Kubernetes workloads.
Red Hat OpenShift, the leading Kubernetes platform, is designed to help organizations implement a Kubernetes infrastructure that enables rapid application development and deployment. OpenShift has been engineered to address the complexity of managing containerized applications in production, and designed as a self-managing platform with automatic software updates and life cycle management across on-prem and cloud environments.
All applications are vulnerable to cyber attack, and Kubernetes workloads and apps are no exception. Effectively deploying microservices on OpenShift introduces new implementation demands on infrastructure, network security, and compliance. The combination of Calico Enterprise and Red Hat OpenShift addresses these new challenges.
Calico Enterprise from Tigera provides a rich super set of capabilities that significantly extend security and observability capabilities for Kubernetes networking and microservices in OpenShift.
Calico Enterprise from Tigera is the only Kubernetes-native solution that is deeply embedded within the Kubernetes environment to provide robust security controls, real-time observability, and troubleshooting data from the inside across heterogeneous environments. Calico Enterprise builds on open source Project Calico, the most widely adopted Kubernetes CNI, powering more than one million nodes every day.
Traditional networking tools, which were designed for relatively static IP environments, don’t have the context necessary to identify Kubernetes traffic flows, making it nearly impossible to effectively perform essential functions like workflow monitoring, packet capture, and troubleshooting, for example. Integrating Calico Enterprise natively within the OpenShift platform offers multiple advantages, including:
Centralized control across heterogenous Kubernetes environments with consistent policy management for containers and VMs, on-prem and across multiple public clouds
Kubernetes-native security and compliance, including intrusion detection, L3 to L7 protection, and integration with existing firewalls
Purpose-built observability and problem resolution for Kubernetes, including automated tools for DNS, application and network troubleshooting, flow log visualization, and policy staging
Want to learn more? Stay tuned for future blogs and learn new skills such as how to implement fine-grained egress access from your OpenShift clusters. And check out these resources:.
Overview The policy framework in Red Hat Advanced Cluster Management for Kubernetes (RHACM) is a powerful feature that help you to govern your configurations across multiple clusters. You can enforce ...
Introduction By default, the OpenShift Container Platform registry is not exposed outside of the cluster at the time of installation. Red Hat Advanced Cluster Security can be used to scan images held ...