DEVOPSdigest

Tigera announced support for SUSE Rancher Kubernetes Engine (RKE) 2, the next generation of RKE for Government and Data Center use cases.

RKE2 is a Federal Information Processing Standards (FIPS) enabled alternative to RKE for government and other compliance-driven deployments.

With this new support, SUSE Rancher users can now install Tigera's CNAPP, Calico, to enable build, deploy, and runtime security for Kubernetes and containers on RKE2. Specifically, Calico provides comprehensive zero-trust workload protection and full-stack observability and troubleshooting functionalities for workloads running on RKE2. With Calico, RKE2 users can now protect their applications against runtime threats and vulnerabilities and proactively mitigate these threats.

"Using Calico's active, zero-trust based security for cloud-native applications running on RKE2, SUSE Rancher users can now focus on threat prevention using zero-trust controls," said Amit Gupta, CPO, Tigera. "For example, Calico enables users to implement granular, zero-trust workload access tools, such as DNS policies and NetworkSets, to manage access controls for the data flowing between workloads and external resources."

As SUSE Rancher's next-generation Kubernetes distribution, RKE2 is fully conformant for security and compliance within the U.S. Federal Government and designed for data center use cases.

The newer version of Rancher Kubernetes Engine, RKE2 is beneficial for users who are looking to harden and secure their Kubernetes clusters to be compliant with various requirements such as FIPS. This new support for Calico, to be used as a networking and security solution for RKE2 deployments, gives SUSE Rancher customers unparalleled visibility and zero-trust workload access for these deployments.

David Landry, Director of Solutions Partners & Alliances at SUSE, said, "SUSE and Tigera have been collaborating on Calico Open Source, which is provided out of the box by Rancher as a CNI option in RKE and RKE2 clusters ..."

With Calico available on RKE2, SUSE Rancher users will find that it addresses industry-wide pain points and provides the following key benefits:

- Reduces the attack surface using zero-trust workload security

- Detects and block malicious threats during build, deploy and runtime

- Protects internet facing applications with workload-based Web Application Firewall (WAF)

- Provides visibility into workload communication for security and troubleshooting

SUSE Rancher provides enterprises with a compliant platform to host and develop their applications. RKE users running Calico CNI can seamlessly upgrade to Calico CNAPP for robust security and observability. Calico offers CNAPP with full-stack observability for containers, Kubernetes, and cloud.