Low Trust Edge Network? No Problem - Get Great Performance and Security Using Calico, VPP, and WireGuard
As we’re learning from the other sessions at this summit, Kubernetes has many applications in the Enterprise Edge. However, Edge networks are more difficult to physically protect against malicious parties or other interference, so it becomes critical that security is implemented, not only between pods, but also to protect traffic on the wire. To add to the challenges, in an edge Kubernetes deployment, making the best possible use of the available CPU resources is even more critical than normal due to limited available resource - you can’t just buy a bigger instance, here! Using Calico, VPP, and WireGuard together offers incredible wire-rate encryption of data-in-flight, with extremely limited CPU overhead. In this session we will talk through how these benefits can be realised for your clusters.
Speakers
Chris is a developer advocate at Tigera, where he champions user needs to support Project Calico’s users and contributor community. He has worked in networking since 2000. After realising that a per-device CLI is not a scalable solution for a large environment, he took an early interest in infrastructure-as-code approaches and large-scale automation and continues to have a special interest in pursuing technologies in these areas.
Nathan is a software engineering at Cisco focusing on container networking & cloud app performance. After spending time deploying & scaling web apps he took interest in converting his love for script based infras into cloud native approaches, and now contributes to the building blocks of line rate container networking. He’s a maintainer of the Calico/VPP integration, and of VPP’s QUIC stack.