As well as providing networking for OpenStack VMs, Calico can provide networking for containers in a Docker environment. Each container gets its own IP and fine grain security policy. In addition, Calico can be deployed without encapsulation or overlays to provide high performance at massive scales. For more information on Project Calico see http://www.projectcalico.org/learn/.
Development is very active at the moment so please Star this project and check back often.
We welcome questions/comments/feedback (and pull requests).
- Mailing List - http://lists.projectcalico.org/listinfo/calico
- IRC - #calico
- For Calico-on-Docker specific issues, please raise issues on Github.
The recommended way to get started with Calico for the first time is to follow the Getting Started Guide. You can be up and running within a matter of minutes. The guide includes step by step instructions covering
- setting up a 2 node Linux cluster either
- using Vagrant (on Virtual Box or VMware) for easy setup on your laptop or other virtual environment
- by manually setting up your own cluster
- setting up Calico on the cluster
- creating containers using Calico networking.
In addition to the Getting Started Guide we also have tutorials for:
Finally, if you want to try out networking containers using Calico with Docker's new libnetwork network driver support then you can try out our Ubuntu Vagrant libnetwork example.
Calico connects datacenter workloads (containers, VMs, or bare metal) via IP no matter which compute host they are on. Read about it on the Project Calico website. Endpoints are network interfaces associated with workloads.
Project Calico uses etcd to distribute information about workloads, endpoints, and policy to each Docker host.
The calico-node service is a worker that configures the network endpoints for containers, handles IP routing, and installs policy rules. It runs in its own Docker container, and comprises
- Felix, the Calico worker process
- BIRD, the routing process
- a Powerstrip adapter to set up networking when Docker containers are created.
We provide a command line tool, calicoctl, which makes it easy to configure and start the Calico services listed above, and allows you to interact with the etcd datastore to define and apply network and security policy to the containers you create. Using calicoctl, you can provision Calico nodes, endpoints, and define and manage a rich set of security policy.
For more information on what you can do with Calico, please visit the frequently asked questions page.