For DevOps and platform teams working with containers and Kubernetes, reducing downtime and improving security posture is crucial. A clear understanding of network topology, service interactions, and workload dependencies is required in cloud-native applications. This is essential for securing and optimizing the Kubernetes deployment and minimizing response time in the event of failure.

Whether an enterprise is migrating its legacy application to a cloud-native architecture or deploying a new cloud-native application, it will face the challenge of integrating with security tools such as firewalls that rely on a stable network identity for security configuration. This is due to the fact that cloud-native workloads aren’t guaranteed to have a fixed network identity.

Calico 3.28 now has enabled VXLAN checksum offload by default for environments with the kernel version of 5.8 or above. In the past, offloading was disabled due to kernel bugs. Please keep in mind, if you are upgrading to 3.28 this change will take effect after node restarts.

When setting up a Kubernetes environment with Amazon Elastic Kubernetes Service (EKS), it is crucial to understand your available networking options. EKS offers a range of networking choices that allow you to build a highly available and scalable cloud environment for your workloads. In this blog post, we will explore the networking and policy enforcement options provided by AWS for Amazon EKS.

Virtualization is a powerful technology that allows businesses to run multiple operating systems and applications on a single physical server. Kubevirt is an open-source tool that makes it easy to deploy and manage virtual machines (VMs) on Kubernetes and Calico is an open-source networking and security tool that provides easy yet robust networking and security for Kubernetes workloads.