Calico Integration

Calico is one of the most popular CNIs in the Kubernetes ecosystem. Offering a simple method to connect nodes, this container networking function is easy to implement for small-to-medium sized clusters, and has strong community and paid support options.

However, as more nodes are added to the cluster, there is an exponential growth in the number of BGP peers that must be maintained by each node. This limits the scalability of your on-demand infrastructure.

Project Calico recommends establishing local BGP peering with the physical network to offload this task to network switches and routers. The implementation guide for this change (available from legacy hardware vendors) is sometimes 100+ pages long! Surely there must be an easier way.

Enabling BGP peering between all Kubernetes nodes and network switches and routers requires detailed IP and AS number planning as well as properly configured BGP policies on every single device. Every time DevOps engineers add, move or delete Kubernetes cluster nodes, network engineers will need to repeat the planning and implementation of these BGP policies. This takes a lot of time and creates the potential for human error that can bring the network down.

With Netris, a one-line annotation command triggers Netris to automatically configure both Calico and network switches and routers. The necessary BGP peers are configured on both sides (nodes to leaf/TOR switches), and the peering is established in a fully automatic fashion. Once this new network routing domain converges, Netris turns off the original full-mesh mode, without interrupting application traffic. From that point forward, Netris monitors the CNI control plane for any changes, and if necessary, automatically updates all affected devices in real time.
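
For reference, the Calico side of this change written by hand looks like the following. This is an added example, not taken from the original page and not the configuration Netris generates; the rack label, peer IP and AS number are constructed placeholders.

```yaml
# Constructed values: the rack label, peer IP and AS number are placeholders.
# Step 1: peer every node in one rack with its leaf/TOR switch.
apiVersion: projectcalico.org/v3
kind: BGPPeer
metadata:
  name: rack-1-tor
spec:
  nodeSelector: rack == 'rack-1'   # applies only to nodes carrying this label
  peerIP: 192.0.2.1                # leaf/TOR switch address (documentation range)
  asNumber: 64512                  # AS of the switch (private AS range)
---
# Step 2: only after the sessions from step 1 are established on every node,
# turn off the node-to-node full mesh for the whole cluster.
apiVersion: projectcalico.org/v3
kind: BGPConfiguration
metadata:
  name: default
spec:
  nodeToNodeMeshEnabled: false
```

The order matters: disabling the mesh before every node has an established session to its switch removes the only path by which pod routes are exchanged. The switch side needs a matching neighbor entry for each node, which is the per-device work the paragraph above describes.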

Watch the Calico integration demo

Get a sense of how Netris automatically handles the BGP integration between Calico and the physical network.

Integration Design

Netris Integration OFF

Full Mesh BGP

  • BGP works out of the box
  • Good for small clusters
  • Doesn’t scale
  • Exponential number of BGP neighbors
  • High resource consumption in large clusters

Netris Integration Enabled

Local BGP peering with Leaf/TOR

  • BGP config is automatically managed by Netris
  • Architecture complements Calico requirements
  • Decreased number of BGP peers on k8s servers
  • Improved performance of k8s nodes
  • Maximum cluster scalability

As simple as a single annotation on Kubernetes