Report explores global insights from users of Calico Open Source, the most widely-adopted container networking and security solution
Tigera, provider of the industry’s only active security platform for containers and Kubernetes released findings from its 2023 State of Calico Open Source: Usage & Adoption Report. The survey polled more than 1,200 Calico Open Source global users to gauge what capabilities’s IT professionals need for container networking and security.
CIO INFLUENCE News: Palo Alto Networks Cements Position in Taiwan With New Local Cloud Infrastructure Investment
Survey respondents from organizations across all major sectors, including technology, healthcare, government, insurance and financial services, revealed the critical capabilities driving Calico adoption:
- Scalable networking (35%)
- Security policies (35%)
- Interoperability across different environments (33%)
- Encryption capabilities (30%)
Lack of network visibility in Kubernetes clusters and workloads can cause misconfigurations, which can lead to devastating consequences like ransomware attacks, exposure of sensitive data, denial of service (DoS) attacks and unauthorized lateral movement. In Red Hat’s recent State of Kubernetes Security Report, nearly 50% of respondents experienced one or more of these issues in the last 12 months, underscoring the need for visibility at the workload level to identify and mitigate misconfigurations and threats that traditional perimeter-based security solutions cannot identify.
Tigera’s State of Calico Open Source: Usage & Adoption Report revealed workload access policies that limit pod-to-pod communication as the most popular type of security policy Calico users deploy, followed by policies for secure egress access.
- Workload access policies that limit pod-to-pod communication (61%)
- Secure egress access policies (41%)
- Microsegmentation policies (24%)
- Compliance (8%)
An overwhelming 85% of users said they needed to achieve network segmentation and protect east-west traffic. IT leaders need enhanced security controls at the workload level to limit pod-to-pod communication, reducing the risk of lateral movement of threats and contributing to compliance efforts. Moreover, egress access controls allow users to adopt a default-deny posture that helps protect against data exfiltration threats.
CIO INFLUENCE News: Rockwell Automation Signs Agreement To Acquire Autonomous Robotics Leader Clearpath Robotics
“The State of Calico Open Source: Usage & Adoption Report findings show that developers understand the criticality of robust workload-centric network security for Kubernetes workloads,” said Amit Gupta, Chief Product Officer, Tigera. “Calico is a pivotal part of the container and Kubernetes ecosystem, and we are proud to bring industry-leading container networking and security capabilities to enterprises around the world.”
The report also explored trends in cluster deployments, revealing that most Calico clusters are deployed across cloud environments.
- 59% of Calico users are using multiple clusters
- 50% of users have clusters deployed in a hybrid cloud environment
- 56% of Calico users have an average cluster size of between 10–100 nodes
- Amazon Elastic Kubernetes Service (EKS) is the most-used Kubernetes platform or service among Calico users
Survey findings underscored the importance of giving users choices when it comes to data planes; there is no one-size-fits-all approach. Respondents use a combination of data planes including eBPF, standard Linux and Windows.
- Nearly half of the survey respondents reported using Linux IPtables (49%) and/or Windows HNS (46%)
- 16% of respondents use Calico’s newer eBPF data plane. When asked about plans for the future, 1 out of 5 respondents (20%) reported planning to use eBPF, while the use of Linux IPtables and/or Windows HNS is expected to decline slightly.
Calico offers support for several data planes, including Linux IPtables, Windows HNS, VPP, and eBPF, allowing users to easily load and unload data planes to suit their unique needs.
Project Calico is an open-source project with an active development and user community. Calico
Open Source was born out of this project, and today, Calico Open Source is a leading networking and security solution for containers, virtual machines, and native host-based workloads. Calico supports a broad range of platforms including Kubernetes, RedHat OpenShift, Docker EE, OpenStack, bare metal services as well as managed Kubernetes services such as EKS, AKS, GKE and IKS.
Calico is the most adopted technology for container networking and security and used across 1M+ clusters, 8M+ nodes and has been downloaded over 1.5B times from Docker.
CIO INFLUENCE News: Scala Data Centers Joins Datacloud USA 2023 as Sustainability Partner
[To share your insights with us, please write to sghosh@martechseries.com]
