The big idea behind both of those platforms — and, by extension, Canal — is to focus on networking solutions at the layer 3 level rather than layer 2. In short, that means that, instead of trying to extend existing networking protocols to deliver connectivity for containers, these tools set up virtual overlay networks. They create virtual network interfaces and assign virtual IP addresses to containerized or other cloud-based apps as needed.
Tigera calls Canal “the combination and refinement” of Flannel and Calico. The company hasn’t released much yet in the way of details about the features it envisions implementing for Canal, but its operative term is “policy-based networking.” Presumably, the goal is to provide a solution that lets admins define network policies for their containers, while Canal does the dirty work in the background of automatically configuring virtual networks and routes to provide the configured policies.
The company also emphasizes the need for more scalable networking. “It’s more than time for a truly scalable policy-driven networking fabric,” its website proclaims.
Security, too, is a big part of the Tigera pitch about the viability of the projects that form the basis for Canal. “Calico can automatically apply fine-grained security policy to every workload network path accessing or transiting the cloud,” the company says. “In this way, Calico eats for breakfast the 1000x increase in workloads that is crushing traditional 3-tier security architectures today.”
Tigera, whose founders are Project Calico veterans, announced its launch on May 9. The San Francisco-based company says it is “backed by leading Silicon Valley investors.”