Kubernetes Calico-node and Calico-typha
Calico-Node
Definition
Calico node is a component of Kubernetes that provides networking and network policy enforcement for pods within the cluster. It enables administrators to easily configure and manage pod-to-pod communication, as well as providing full Layer 3 networking. Additionally, Calico node allows network operators to construct robust network security policies to isolate services running within their cluster.
Components
The components of Calico Typha include
- Typha agent,
- Typha configurer,
- Loadbalancer, and
- the associated Kubernetes services
The Typha agent provides a service for packets to be routed across multiple nodes in the cluster,
while theTypha configurer ensures that the policies associated with each node are properly configured.
The Loadbalancer provides a service to manage connections from the exterior of the cluster to the individual pods,
while the associated Kubernetes services enable communication between the various components of the Calico Typha system.
Calico-Typha
Definition
Calico Typha is a component of Kubernetes that provides
- high availability,
- scalability, and
- ingress load balancing for applications running within the cluster.
It helps ensure the smooth running of applications by improving the quality of service, reducing downtime, and providing better resource utilisation.
By using Calico Typha, operators can also configure policy-driven network segmentation, enabling secure communication between services.
Components
Calico Typha is required in Kubernetes to provide high availability, scalability, and ingress load balancing for applications running within the cluster. It helps ensure the smooth running of applications by improving the quality of service, reducing downtime, and providing better resource utilization. Additionally, by using Calico Typha, operators can configure policy-driven network segmentation, enabling secure communication between services.
Calico Components Overview
The calico-node
is a daemonset and so its pod runs on every host.
Without Calico-Typha, every calico-node would have to register its own watch with the API Server, and the load on the API server would multiply as you scale up the number of nodes.
By having Typha, all the watch events are off-loaded to Typha and read only once from the API server.
Hence Typha is not optional, but is a necessary component of your Calico deployment for any decent-sized production cluster.
You need to create a firewall rule to allow every calico-node pod to communicate with calico-typha pod.