Tigera, which provides a cloud-native application protection platform (CNAPP) with full-stack observability for containers, Kubernetes and cloud, announces support for Rancher Kubernetes Environment (RKE) 2, the next generation of RKE for government and data centers. RKE2 is a Federal Information Processing Standards (FIPS)-enabled alternative for compliance-driven deployments.
With this support, Rancher users can install Tigera’s CNAPP, Calico, to enable build, deploy, and runtime security for Kubernetes and containers on RKE2. Specifically, Calico provides comprehensive zero-trust workload protection and full-stack observability and troubleshooting functionalities for workloads running on RKE2. With Calico, RKE2 users can protect their applications against runtime threats and vulnerabilities and proactively mitigate these threats.
“Using Calico’s active, zero-trust based security for cloud-native applications running on RKE2, Rancher users can now focus on threat prevention using zero-trust controls,” said Amit Gupta, chief product officer, Tigera. “For example, Calico enables users to implement granular, zero-trust workload access tools, such as DNS policies and NetworkSets, to manage access controls for the data flowing between workloads and external resources.”
As Rancher’s next-generation Kubernetes distribution, RKE2 is conformant for security and compliance within the U.S. government and designed for data center use cases.
The newer version of Rancher Kubernetes Engine RKE2 is beneficial for users that are looking to harden and secure their Kubernetes clusters to be compliant with various requirements such as FIPS. This support for Calico, to be used as a networking and security solution for RKE2 deployments, gives Rancher customers visibility and zero-trust workload access for these deployments.
With Calico available on RKE2, Rancher users will find it addresses pain points and provides these benefits:
- Reduces the attack surface using zero-trust workload security
- Detects and blocks malicious threats during build, deploy and runtime
- Protects internet-facing applications with workload-based Web Application Firewall (WAF)
- Provides visibility into workload communication for security and troubleshooting
Rancher provides enterprises with a compliant platform to host and develop their applications. RKE users running Calico CNI can upgrade to Calico CNAPP for robust security and observability.
To learn more about Calico on RKE2 or how to get Calico installed and configured in your Rancher RKE2 cluster, visit https://docs.tigera.io/master/getting-started/kubernetes/rke2.