1 Introduction to Calico

Calico is an L3/L4 networking solution to secure containers, Kubernetes clusters, and virtual machines. It offers scalable pod networking using overlay or non-overlay modes, optionally using Border Gateway Protocol (BGP), and includes advanced IP address management.

The Calico Kubernetes Container Network Interface (CNI) plugin enforces and extends the Kubernetes Network Policy API to set ingress and egress policies. Rules can be set using Boolean-like logic to create network policies using any combination of:

• Namespaces.

• Label selectors.

• Network protocols (TCP, UDP, SCTP).

• Network ports.

• Network CIDRs.

For information on the Kubernetes Network Policy API, see the upstream Kubernetes documentation.

The Tigera Calico operator is deployed into Oracle Cloud Native Environment. You can install the operator as the native Kubernetes CNI when you install the Kubernetes module. Or you install the operator using the Calico module. Both installation options are shown in this document.

The Tigera Calico operator is installed with a default VXLAN configuration (default-allow) to enable network traffic between pods. This means that if you don't create any network policies, all pods can communicate with each other.

More information on Calico is available in the upstream Calico documentation.