Calico Open Source Introduces Version 3.30, Ushering in a New Era of Network Security and Observability for Calico and Kubernetes
Uncategorized

Calico Open Source Introduces Version 3.30, Ushering in a New Era of Network Security and Observability for Calico and Kubernetes


The platform’s largest functionality release to-date includes new capabilities that improve observability of traffic data, streamline policy testing and add support for managing ingress traffic

SAN JOSE, Calif., April 1, 2025 /PRNewswire/ — Tigera, the creator of Project Calico, the most widely adopted container networking and security solution, today announced the addition of significant new functionality to Calico Open Source with the release of Calico OSS 3.30. These latest upgrades will enhance the observability, security, and scalability of Kubernetes deployments for all enterprises leveraging the solution.

Calico Open Source was derived from Project Calico, a project established to make Kubernetes networking seamless, reliable, and scalable for all organizations. Calico Open Source has grown to become the most widely adopted container networking and security solution, now powering more than 8 million nodes daily across 166 countries.

With the release of Calico OSS 3.30, Tigera is extending access to its proven observability and security tools from the company’s commercial editions to all organizations. These new features enable organizations to gain unmatched visibility into their service-to-service communications, while also extending Calico deployments to manage ingress traffic.

Enhanced observability with Calico’s flow logs, metrics, and Whisker 
Troubleshooting applications running in Kubernetes is a common pain point for DevOps teams. Given the dynamic nature of Kubernetes workloads, developers often struggle to accurately depict and analyze network traffic inside and outside of the cluster. The latest version of Calico Open Source introduces Goldmane, a gRPC-based API endpoint that provides streamlined access to flow logs and metrics generated by Calico.

The feature makes it easier for DevOps teams to troubleshoot clusters by providing increased visibility into service-to-service communications alongside workload-specific context and also facilitates collaboration with the ability to share logs. When used with Calico network sets, flow logs enable organizations to gain visibility into traffic across public and private IP spaces. The user-defined network sets appear as additional metadata in flow logs, cutting down the time spent troubleshooting during an incident from days to minutes.

In addition, Calico Open Source now includes Whisker, a web-based tool that connects to Goldmane, providing users with instant access to flow logs generated by Calico. It includes filtering capabilities and the ability to view all flow log metadata enabling organizations to easily troubleshoot connectivity issues in their cluster, author new policies, or test how new, enforced or staged policies are evaluating traffic.

Simplified microsegmentation with staged policies
Network policies improve the security posture of workloads in a cluster, however, developers are hesitant to use and enforce policies without testing them, as a single misconfigured policy can cause a business outage.

The introduction of Calico OSS 3.30 combats this challenge. Calico Open Source now includes support for GlobalStagedNetworkPolicy and StagedNetworkPolicy. These policies allow users to implement namespace isolation and various other forms of microsegmentation. Staged policies enable organizations to test and audit the behavior of a Calico policy before it is actively enforced. The behavior of a staged policy appears in flow logs and generates metrics akin to any other policy simulating a live environment.

Advanced ingress management with Kubernetes Gateway API
Ingress is one of the most critical aspects of deploying and using Kubernetes, and provides a way for clients external to a Kubernetes cluster to communicate with services, APIs, and applications running inside of a cluster.

Calico OSS 3.30 includes Calico Ingress Gateway, a 100% upstream, enterprise-ready implementation of the Gateway API based on Envoy Gateway. Calico Ingress Gateway provides a standardized, vendor-neutral approach to ingress management, and delivers more functionality than traditional ingress controllers, from load balancing and failover strategies to rate limiting.

Streamlined access to Calico Cloud 
With the release of Calico OSS 3.30, Tigera enables any open source cluster running Calico 3.30 to seamlessly connect to the free forever edition of Calico Cloud without installing any additional components. Calico Cloud free forever edition provides read-only, stateless access to clusters to manage policies, visualize workload communication with Service Graph and automatically generate recommended policies for namespace isolation.

“At Tigera, we are dedicated to providing the open source community with the tools needed to scale Kubernetes environments efficiently and securely,” said Phil DiCorpo, Senior Director of Product Management at Tigera. “The extensive updates to Calico Open Source announced today solidifies this commitment. These latest enhancements will provide organizations with unmatched visibility into the traffic within their clusters, simplify microsegmentation and namespace isolation capabilities, and deliver comprehensive ingress management.”

Don’t miss out on the enhanced features and improved performance of Calico OSS 3.30. Update now to take full advantage of the cutting-edge capabilities and ensure your organization stays ahead in the ever-evolving digital landscape. Learn more about Calico Open Source’s new capabilities here.

Meet Tigera at KubeCon Europe 2025

Register for CalicoCon 2025: On April 1, Tigera will host CalicoCon 2025, an immersive event led by the Calico team, where attendees will gain education, training, and best practices on Kubernetes networking, security, and observability. This event is a co-located event at KubeCon + CloudNativeCon Europe 2025, but is open to anyone. Those who plan to be at KubeCon + CloudNativeCon Europe can register for CalicoCon by adding it to their existing registration using the CNCF portal. Those not attending KubeCon + CloudNativeCon Europe can still participate virtually by registering for the CalicoCon virtual experience.

Meet Tigera at Booth S330: To discuss Calico’s latest Kubernetes network security and observability advancements, visit Tigera at KubeCon Europe 2025 at Booth S330.

About Tigera
Tigera provides Calico, a unified network security and observability platform to prevent, detect and mitigate security breaches in Kubernetes clusters. Tigera’s open-source offering, Calico Open Source, is the most widely adopted container networking and security solution.

Powering more than 100M containers across 8M+ nodes in 166 countries, Calico software is supported across all major cloud providers and Kubernetes distributions, and is used by leading companies including Discover, Chipotle, NBCUniversal, HanseMerkur, Box, Siemens Healthineers, Playtech, Royal Bank of Canada, and Bell Canada.

Media Contact
Katherine Benfield
ICR for Tigera
[email protected]

SOURCE Tigera



Source link