Present virtual networking solutions for OpenStack run at Layer 2, requiring implementors to specify overlay networks as VLANs, which don’t scale well. Meanwhile, alternative technologies like GRE, VXLAN and other SDN approaches add big CPU overheads, limiting compute-node VM density (or compelling use of specialized network hardware for CPU offload) and ultimately adding costs.
Calico, by contrast, uses Layer 3 internet core routing technologies and tools like Border Gateway Protocol (BGP) for route discovery to network VMs and hosts, whole datacenters, and multiple datacenter locations via carrier networks. The Calico project is part of Metaswitch’s Neuron initiative, which provides a continuous framework for Network Function Virtualization (NFV) that meets the needs of both datacenter operators running VM/host architectures with lots of virtualized tenant clusters and networks (i.e., the typical OpenStack use-case), and carriers building extremely high-density data centers that virtualize at Layer 3 and may use container-based (e.g., Docker, Flynn) isolation schemes.
Calico is built on OpenStack Neutron with parts drawn from the Linux kernel. Metaswitch has developed a Neutron plug-in for Calico that works in tandem with a software agent called Felix, which manages forwarding tables and security policies. They say that one ultimate goal is for Calico to be adopted as part of OpenStack.
- Flattening and simplifying the NFV cloud