SlideShare a Scribd company logo

Calico with docker

Download as PPT, PDF
D.Rajesh Kumar
D.Rajesh Kumar

Calico with docker

Technology
1 of 8
CALICO with DockerCALICO with Docker Rajesh Kumar
2 CALICO with Docker Calico provides secure network connectivity for containers and virtual machine workloads. Calico integrates seamlessly with cloud orchestration systems such as OpenStack and Docker to provide networking between local and geographically distributed workloads. Here will discuss more about integrate with Docker
3 CALICO with Docker Calico implements a Docker network plugin that can be used to provide routing and advanced network policy for Docker containers. Security using Calico Profiles Security using Calico Profiles and Policy Security using Docker Labels and Calico Policy IPAM
4 Security using Calico Profiles With Calico as a Docker network plugin, Calico uses an identically named profile to represent each Docker network. This profile is applied to each container in that network and the profile is used by Calico to configure access policy for that container. The Calico network plugin will automatically create the associated profile if it does not exist when the container is attached to the network. By default, the profile contains rules that allow full egress traffic but allow ingress traffic only from containers within the same network and no other source. Custom policy for a network can be configured by creating in advance, or editing, the profile associated with the Docker network Refer the link to know more - https://docs.projectcalico.org/v2.6/getting-started/docker/tutorials/security-using- calico-profiles
5 Security using Calico Profiles and Policy There are two ways in which the policy that defines the Docker network can be modified: •Modify the profile policy rules. This policy is applied directly to each container in the associated Docker network. This approach is simple, but not very flexible, as the profile must describe the full set of rules that apply to the containers in the network. •Assign labels to the profile, and define global selector based policy. The (Calico- specific) labels are assigned to containers in the associated Docker network. The globally defined policy uses selectors to determine which subset of the policy is applied to each container based on their labels. This approach provides a powerful way to group together all of your network Policy, makes it easy to reuse policy in different networks, and makes it easier to define policy that extends across different orchestration systems that use Calico. Refer the link to know more - https://docs.projectcalico.org/v2.6/getting-started/docker/tutorials/security-using- calico-profiles
6 Security using Docker Labels and Calico Policy To enable labels to be used in Policy selectors the flag --use-docker- networking-container-labels must be passed when starting calico/node with the calicoctl node run command. All calico/node instances should be started with the flag to avoid a mix of labels and profiles. Refer the link to know more - https://docs.projectcalico.org/v2.6/getting-started/docker/tutorials/security-using- calico-profiles
7 IPAM With the release of Docker 1.10, support has been added to allow users to select a specific IP address when creating a container. In order to use this feature, Docker requires that you specify the --subnet parameter when running docker network create. Calico requires that the passed --subnet value be the same CIDR as an existing Calico IP pool. Refer the link to know more - https://docs.projectcalico.org/v2.6/getting-started/docker/tutorials/ipam
Calico with docker

Recommended

Docker Networking with Project Calico
Docker Networking with Project CalicoDocker Networking with Project Calico
Docker Networking with Project CalicoAndrew Kennedy
 
Clocker, Calico and Docker
Clocker, Calico and DockerClocker, Calico and Docker
Clocker, Calico and DockerAndrew Kennedy
 
Metaswitch Project Calico
Metaswitch Project CalicoMetaswitch Project Calico
Metaswitch Project CalicoAndrew Kennedy
 
Microservices and Best Practices
Microservices and Best Practices Microservices and Best Practices
Microservices and Best Practices Weaveworks
 
DCSF19 Kubernetes Security with OPA
DCSF19 Kubernetes Security with OPA DCSF19 Kubernetes Security with OPA
DCSF19 Kubernetes Security with OPA Docker, Inc.
 
DCSF19 Deploying Istio as an Ingress Controller
DCSF19 Deploying Istio as an Ingress Controller DCSF19 Deploying Istio as an Ingress Controller
DCSF19 Deploying Istio as an Ingress Controller Docker, Inc.
 
DCEU 18: From Monolith to Microservices
DCEU 18: From Monolith to MicroservicesDCEU 18: From Monolith to Microservices
DCEU 18: From Monolith to MicroservicesDocker, Inc.
 
The Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeThe Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeBen Hall
 

Recommended

Docker Networking with Project Calico
Docker Networking with Project CalicoDocker Networking with Project Calico
Docker Networking with Project CalicoAndrew Kennedy
 
Clocker, Calico and Docker
Clocker, Calico and DockerClocker, Calico and Docker
Clocker, Calico and DockerAndrew Kennedy
 
Metaswitch Project Calico
Metaswitch Project CalicoMetaswitch Project Calico
Metaswitch Project CalicoAndrew Kennedy
 
Microservices and Best Practices
Microservices and Best Practices Microservices and Best Practices
Microservices and Best Practices Weaveworks
 
DCSF19 Kubernetes Security with OPA
DCSF19 Kubernetes Security with OPA DCSF19 Kubernetes Security with OPA
DCSF19 Kubernetes Security with OPA Docker, Inc.
 
DCSF19 Deploying Istio as an Ingress Controller
DCSF19 Deploying Istio as an Ingress Controller DCSF19 Deploying Istio as an Ingress Controller
DCSF19 Deploying Istio as an Ingress Controller Docker, Inc.
 
DCEU 18: From Monolith to Microservices
DCEU 18: From Monolith to MicroservicesDCEU 18: From Monolith to Microservices
DCEU 18: From Monolith to MicroservicesDocker, Inc.
 
The Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeThe Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeBen Hall
 
Introduction To Flink
Introduction To FlinkIntroduction To Flink
Introduction To FlinkKnoldus Inc.
 
Using Clocker with Project Calico - Running Production Workloads in the Cloud
Using Clocker with Project Calico - Running Production Workloads in the CloudUsing Clocker with Project Calico - Running Production Workloads in the Cloud
Using Clocker with Project Calico - Running Production Workloads in the CloudAndrew Kennedy
 
Kubernetes Security
Kubernetes SecurityKubernetes Security
Kubernetes SecurityKarthik Gaekwad
 
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...Docker, Inc.
 
Open Source & The Internet of Things
Open Source & The Internet of ThingsOpen Source & The Internet of Things
Open Source & The Internet of ThingsAll Things Open
 
Simple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project CalicoSimple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project CalicoEmma Gordon
 
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad AfanahOn-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad AfanahDocker, Inc.
 
Kubescape single pane of glass
Kubescape single pane of glassKubescape single pane of glass
Kubescape single pane of glassLibbySchulze1
 
Containers and Kubernetes
Containers and KubernetesContainers and Kubernetes
Containers and KubernetesNills Franssens
 
Is your kubernetes negative or positive
Is your kubernetes negative or positive Is your kubernetes negative or positive
Is your kubernetes negative or positive LibbySchulze
 
Intro to Project Calico: a pure layer 3 approach to scale-out networking
Intro to Project Calico: a pure layer 3 approach to scale-out networkingIntro to Project Calico: a pure layer 3 approach to scale-out networking
Intro to Project Calico: a pure layer 3 approach to scale-out networkingPacket
 
Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...
Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...
Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...KCDItaly
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...Josef Adersberger
 
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...Docker, Inc.
 
Continuous Delivery the Hard Way with Kubernetes
Continuous Delivery the Hard Way with Kubernetes Continuous Delivery the Hard Way with Kubernetes
Continuous Delivery the Hard Way with Kubernetes Weaveworks
 
Whats new in brigade 2
Whats new in brigade 2Whats new in brigade 2
Whats new in brigade 2LibbySchulze
 
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...Docker, Inc.
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101Kublr
 
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam BiradarIntroducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradarsangam biradar
 
DevOps at FSOFT as BOI | Nguyễn Hoài Nam, Vũ Xuân Lộc
DevOps at FSOFT as BOI | Nguyễn Hoài Nam, Vũ Xuân LộcDevOps at FSOFT as BOI | Nguyễn Hoài Nam, Vũ Xuân Lộc
DevOps at FSOFT as BOI | Nguyễn Hoài Nam, Vũ Xuân LộcVietnam Open Infrastructure User Group
 
Getting started with k8 part2
Getting started with k8 part2Getting started with k8 part2
Getting started with k8 part2Anirban Sen Chowdhary
 
Calico in networking mode
Calico in networking modeCalico in networking mode
Calico in networking modeAnirban Sen Chowdhary
 

More Related Content

What's hot

Introduction To Flink
Introduction To FlinkIntroduction To Flink
Introduction To FlinkKnoldus Inc.
 
Using Clocker with Project Calico - Running Production Workloads in the Cloud
Using Clocker with Project Calico - Running Production Workloads in the CloudUsing Clocker with Project Calico - Running Production Workloads in the Cloud
Using Clocker with Project Calico - Running Production Workloads in the CloudAndrew Kennedy
 
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...Docker, Inc.
 
Open Source & The Internet of Things
Open Source & The Internet of ThingsOpen Source & The Internet of Things
Open Source & The Internet of ThingsAll Things Open
 
Simple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project CalicoSimple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project CalicoEmma Gordon
 
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad AfanahOn-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad AfanahDocker, Inc.
 
Kubescape single pane of glass
Kubescape single pane of glassKubescape single pane of glass
Kubescape single pane of glassLibbySchulze1
 
Containers and Kubernetes
Containers and KubernetesContainers and Kubernetes
Containers and KubernetesNills Franssens
 
Is your kubernetes negative or positive
Is your kubernetes negative or positive Is your kubernetes negative or positive
Is your kubernetes negative or positive LibbySchulze
 
Intro to Project Calico: a pure layer 3 approach to scale-out networking
Intro to Project Calico: a pure layer 3 approach to scale-out networkingIntro to Project Calico: a pure layer 3 approach to scale-out networking
Intro to Project Calico: a pure layer 3 approach to scale-out networkingPacket
 
Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...
Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...
Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...KCDItaly
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...Josef Adersberger
 
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...Docker, Inc.
 
Continuous Delivery the Hard Way with Kubernetes
Continuous Delivery the Hard Way with Kubernetes Continuous Delivery the Hard Way with Kubernetes
Continuous Delivery the Hard Way with Kubernetes Weaveworks
 
Whats new in brigade 2
Whats new in brigade 2Whats new in brigade 2
Whats new in brigade 2LibbySchulze
 
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...Docker, Inc.
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101Kublr
 
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam BiradarIntroducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradarsangam biradar
 

What's hot (20)

Introduction To Flink
Introduction To FlinkIntroduction To Flink
Introduction To Flink
 
Using Clocker with Project Calico - Running Production Workloads in the Cloud
Using Clocker with Project Calico - Running Production Workloads in the CloudUsing Clocker with Project Calico - Running Production Workloads in the Cloud
Using Clocker with Project Calico - Running Production Workloads in the Cloud
 
Kubernetes Security
Kubernetes SecurityKubernetes Security
Kubernetes Security
 
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
Docker Store: The New Destination for Enterprise Software - Lily Guo and Alfr...
 
Open Source & The Internet of Things
Open Source & The Internet of ThingsOpen Source & The Internet of Things
Open Source & The Internet of Things
 
Simple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project CalicoSimple, Scalable and Secure Networking for Data Centers with Project Calico
Simple, Scalable and Secure Networking for Data Centers with Project Calico
 
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad AfanahOn-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad Afanah
 
Kubescape single pane of glass
Kubescape single pane of glassKubescape single pane of glass
Kubescape single pane of glass
 
Containers and Kubernetes
Containers and KubernetesContainers and Kubernetes
Containers and Kubernetes
 
Is your kubernetes negative or positive
Is your kubernetes negative or positive Is your kubernetes negative or positive
Is your kubernetes negative or positive
 
Intro to Project Calico: a pure layer 3 approach to scale-out networking
Intro to Project Calico: a pure layer 3 approach to scale-out networkingIntro to Project Calico: a pure layer 3 approach to scale-out networking
Intro to Project Calico: a pure layer 3 approach to scale-out networking
 
Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...
Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...
Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
 
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
Using the SDACK Architecture on Security Event Inspection by Yu-Lun Chen and ...
 
Continuous Delivery the Hard Way with Kubernetes
Continuous Delivery the Hard Way with Kubernetes Continuous Delivery the Hard Way with Kubernetes
Continuous Delivery the Hard Way with Kubernetes
 
Whats new in brigade 2
Whats new in brigade 2Whats new in brigade 2
Whats new in brigade 2
 
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...
Docker Enterprise Edition: Building a Secure Supply Chain for the Enterprise ...
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101
 
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam BiradarIntroducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
Introducing Pico - A Deep Learning Platform using Docker & IoT - Sangam Biradar
 
DevOps at FSOFT as BOI | Nguyễn Hoài Nam, Vũ Xuân Lộc
DevOps at FSOFT as BOI | Nguyễn Hoài Nam, Vũ Xuân LộcDevOps at FSOFT as BOI | Nguyễn Hoài Nam, Vũ Xuân Lộc
DevOps at FSOFT as BOI | Nguyễn Hoài Nam, Vũ Xuân Lộc
 

Viewers also liked

Viewers also liked (6)

Getting started with k8 part2
Getting started with k8 part2Getting started with k8 part2
Getting started with k8 part2
 
Calico in networking mode
Calico in networking modeCalico in networking mode
Calico in networking mode
 
Getting started with k8
Getting started with k8Getting started with k8
Getting started with k8
 
Deploying calico on docker
Deploying calico on dockerDeploying calico on docker
Deploying calico on docker
 
Getting started with project calico
Getting started with project calicoGetting started with project calico
Getting started with project calico
 
Calico architecture
Calico architectureCalico architecture
Calico architecture
 

Similar to Calico with docker

Calico to secure host interfaces
Calico to secure host interfacesCalico to secure host interfaces
Calico to secure host interfacesD.Rajesh Kumar
 
Project calico - introduction
Project calico - introductionProject calico - introduction
Project calico - introductionHazzim Anaya
 
An operational view into docker registry with scalability, access control and...
An operational view into docker registry with scalability, access control and...An operational view into docker registry with scalability, access control and...
An operational view into docker registry with scalability, access control and...Conference Papers
 
Tips and best practices for Docker
Tips and best practices for DockerTips and best practices for Docker
Tips and best practices for DockerCalidad Infotech
 
Appsecco Kubernetes Hacking Masterclass Presentation Slides
Appsecco Kubernetes Hacking Masterclass Presentation SlidesAppsecco Kubernetes Hacking Masterclass Presentation Slides
Appsecco Kubernetes Hacking Masterclass Presentation SlidesAppsecco
 
Docker Networking Overview
Docker Networking OverviewDocker Networking Overview
Docker Networking OverviewSreenivas Makam
 
5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and Beyond5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and BeyondBlack Duck by Synopsys
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 RecapLee Calcote
 
Tecnologias Oracle em Docker Containers On-premise e na Nuvem
Tecnologias Oracle em Docker Containers On-premise e na NuvemTecnologias Oracle em Docker Containers On-premise e na Nuvem
Tecnologias Oracle em Docker Containers On-premise e na NuvemBruno Borges
 
The Rise of App-chains: Driving Scalability, Security, and Performance with A...
The Rise of App-chains: Driving Scalability, Security, and Performance with A...The Rise of App-chains: Driving Scalability, Security, and Performance with A...
The Rise of App-chains: Driving Scalability, Security, and Performance with A...Zeeve
 
Calico and how interprets neutron api
Calico and how interprets neutron apiCalico and how interprets neutron api
Calico and how interprets neutron apiD.Rajesh Kumar
 
Calico with open stack
Calico with open stackCalico with open stack
Calico with open stackD.Rajesh Kumar
 

Similar to Calico with docker (20)

Calico and simple policy
Calico and simple policyCalico and simple policy
Calico and simple policy
 
Calico to secure host interfaces
Calico to secure host interfacesCalico to secure host interfaces
Calico to secure host interfaces
 
Project calico - introduction
Project calico - introductionProject calico - introduction
Project calico - introduction
 
Docker best Practices
Docker best PracticesDocker best Practices
Docker best Practices
 
Kubernetes Online Training
Kubernetes Online TrainingKubernetes Online Training
Kubernetes Online Training
 
An operational view into docker registry with scalability, access control and...
An operational view into docker registry with scalability, access control and...An operational view into docker registry with scalability, access control and...
An operational view into docker registry with scalability, access control and...
 
Tips and best practices for Docker
Tips and best practices for DockerTips and best practices for Docker
Tips and best practices for Docker
 
Drive into calico architecture
Drive into calico architectureDrive into calico architecture
Drive into calico architecture
 
Calico and open shift
Calico and open shiftCalico and open shift
Calico and open shift
 
Appsecco Kubernetes Hacking Masterclass Presentation Slides
Appsecco Kubernetes Hacking Masterclass Presentation SlidesAppsecco Kubernetes Hacking Masterclass Presentation Slides
Appsecco Kubernetes Hacking Masterclass Presentation Slides
 
Axigen on docker
Axigen on dockerAxigen on docker
Axigen on docker
 
Docker Networking Overview
Docker Networking OverviewDocker Networking Overview
Docker Networking Overview
 
5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and Beyond5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and Beyond
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 Recap
 
Calico integration
Calico integrationCalico integration
Calico integration
 
Calico 3
Calico 3Calico 3
Calico 3
 
Tecnologias Oracle em Docker Containers On-premise e na Nuvem
Tecnologias Oracle em Docker Containers On-premise e na NuvemTecnologias Oracle em Docker Containers On-premise e na Nuvem
Tecnologias Oracle em Docker Containers On-premise e na Nuvem
 
The Rise of App-chains: Driving Scalability, Security, and Performance with A...
The Rise of App-chains: Driving Scalability, Security, and Performance with A...The Rise of App-chains: Driving Scalability, Security, and Performance with A...
The Rise of App-chains: Driving Scalability, Security, and Performance with A...
 
Calico and how interprets neutron api
Calico and how interprets neutron apiCalico and how interprets neutron api
Calico and how interprets neutron api
 
Calico with open stack
Calico with open stackCalico with open stack
Calico with open stack
 

More from D.Rajesh Kumar

Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0D.Rajesh Kumar
 
Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)D.Rajesh Kumar
 
Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020D.Rajesh Kumar
 
Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10D.Rajesh Kumar
 
Meetup bangalore 9_novupdated
Meetup bangalore 9_novupdatedMeetup bangalore 9_novupdated
Meetup bangalore 9_novupdatedD.Rajesh Kumar
 
Meetup bangalore aug31st2019
Meetup bangalore aug31st2019Meetup bangalore aug31st2019
Meetup bangalore aug31st2019D.Rajesh Kumar
 
Meetup bangalore june29th2019
Meetup bangalore june29th2019Meetup bangalore june29th2019
Meetup bangalore june29th2019D.Rajesh Kumar
 
mulesoft meetup @ bangalore
mulesoft meetup @ bangaloremulesoft meetup @ bangalore
mulesoft meetup @ bangaloreD.Rajesh Kumar
 
Meetup_Bangalore_Rajesh
Meetup_Bangalore_RajeshMeetup_Bangalore_Rajesh
Meetup_Bangalore_RajeshD.Rajesh Kumar
 
Calico with open stack and chef
Calico with open stack and chefCalico with open stack and chef
Calico with open stack and chefD.Rajesh Kumar
 
Slack connector with in MULE
Slack connector with in MULESlack connector with in MULE
Slack connector with in MULED.Rajesh Kumar
 
MuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration SolutionMuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration SolutionD.Rajesh Kumar
 
Mule version-crowd highlights
Mule version-crowd highlightsMule version-crowd highlights
Mule version-crowd highlightsD.Rajesh Kumar
 
Mule exception handlingstrategies
Mule exception handlingstrategiesMule exception handlingstrategies
Mule exception handlingstrategiesD.Rajesh Kumar
 
Anypoint platform security components
Anypoint platform security componentsAnypoint platform security components
Anypoint platform security componentsD.Rajesh Kumar
 

More from D.Rajesh Kumar (20)

Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0
 
Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)
 
Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020
 
Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10
 
Meetup bangalore 9_novupdated
Meetup bangalore 9_novupdatedMeetup bangalore 9_novupdated
Meetup bangalore 9_novupdated
 
Meetup bangalore aug31st2019
Meetup bangalore aug31st2019Meetup bangalore aug31st2019
Meetup bangalore aug31st2019
 
Meetup bangalore june29th2019
Meetup bangalore june29th2019Meetup bangalore june29th2019
Meetup bangalore june29th2019
 
mulesoft meetup @ bangalore
mulesoft meetup @ bangaloremulesoft meetup @ bangalore
mulesoft meetup @ bangalore
 
Meetup_Bangalore_Rajesh
Meetup_Bangalore_RajeshMeetup_Bangalore_Rajesh
Meetup_Bangalore_Rajesh
 
Calico and container
Calico and containerCalico and container
Calico and container
 
Calico docker+ipam
Calico docker+ipamCalico docker+ipam
Calico docker+ipam
 
Calico with open stack and chef
Calico with open stack and chefCalico with open stack and chef
Calico with open stack and chef
 
Object Store in Mule
Object Store in MuleObject Store in Mule
Object Store in Mule
 
Slack connector with in MULE
Slack connector with in MULESlack connector with in MULE
Slack connector with in MULE
 
MuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration SolutionMuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration Solution
 
Mule version-crowd highlights
Mule version-crowd highlightsMule version-crowd highlights
Mule version-crowd highlights
 
Mule ctf
Mule ctfMule ctf
Mule ctf
 
Sdlc with mule esb
Sdlc with mule esbSdlc with mule esb
Sdlc with mule esb
 
Mule exception handlingstrategies
Mule exception handlingstrategiesMule exception handlingstrategies
Mule exception handlingstrategies
 
Anypoint platform security components
Anypoint platform security componentsAnypoint platform security components
Anypoint platform security components
 

Recently uploaded

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 

Recently uploaded (20)

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 

Calico with docker

  • 1. CALICO with DockerCALICO with Docker Rajesh Kumar
  • 2. 2 CALICO with Docker Calico provides secure network connectivity for containers and virtual machine workloads. Calico integrates seamlessly with cloud orchestration systems such as OpenStack and Docker to provide networking between local and geographically distributed workloads. Here will discuss more about integrate with Docker
  • 3. 3 CALICO with Docker Calico implements a Docker network plugin that can be used to provide routing and advanced network policy for Docker containers. Security using Calico Profiles Security using Calico Profiles and Policy Security using Docker Labels and Calico Policy IPAM
  • 4. 4 Security using Calico Profiles With Calico as a Docker network plugin, Calico uses an identically named profile to represent each Docker network. This profile is applied to each container in that network and the profile is used by Calico to configure access policy for that container. The Calico network plugin will automatically create the associated profile if it does not exist when the container is attached to the network. By default, the profile contains rules that allow full egress traffic but allow ingress traffic only from containers within the same network and no other source. Custom policy for a network can be configured by creating in advance, or editing, the profile associated with the Docker network Refer the link to know more - https://docs.projectcalico.org/v2.6/getting-started/docker/tutorials/security-using- calico-profiles
  • 5. 5 Security using Calico Profiles and Policy There are two ways in which the policy that defines the Docker network can be modified: •Modify the profile policy rules. This policy is applied directly to each container in the associated Docker network. This approach is simple, but not very flexible, as the profile must describe the full set of rules that apply to the containers in the network. •Assign labels to the profile, and define global selector based policy. The (Calico- specific) labels are assigned to containers in the associated Docker network. The globally defined policy uses selectors to determine which subset of the policy is applied to each container based on their labels. This approach provides a powerful way to group together all of your network Policy, makes it easy to reuse policy in different networks, and makes it easier to define policy that extends across different orchestration systems that use Calico. Refer the link to know more - https://docs.projectcalico.org/v2.6/getting-started/docker/tutorials/security-using- calico-profiles
  • 6. 6 Security using Docker Labels and Calico Policy To enable labels to be used in Policy selectors the flag --use-docker- networking-container-labels must be passed when starting calico/node with the calicoctl node run command. All calico/node instances should be started with the flag to avoid a mix of labels and profiles. Refer the link to know more - https://docs.projectcalico.org/v2.6/getting-started/docker/tutorials/security-using- calico-profiles
  • 7. 7 IPAM With the release of Docker 1.10, support has been added to allow users to select a specific IP address when creating a container. In order to use this feature, Docker requires that you specify the --subnet parameter when running docker network create. Calico requires that the passed --subnet value be the same CIDR as an existing Calico IP pool. Refer the link to know more - https://docs.projectcalico.org/v2.6/getting-started/docker/tutorials/ipam