reference deployment

Tigera Calico for Amazon EKS

Open-source network-policy enforcement on Amazon Elastic Kubernetes Service

View deployment guide

This Partner Solution deploys Tigera Calico to the Amazon Web Services (AWS) Cloud. Calico provides open-source networking and network security for containers, virtual machines (VMs), and hosted workloads. It delivers native Linux-kernel performance and scalability, and users are provided a consistent set of capabilities for running environments either on-premises or in a cloud environment. Calico supports both single- and multi-node clusters for many platforms, such as Kubernetes, OpenShift, Docker EE, and OpenStack.

This Partner Solution is for developers and administrators who want to apply network-policy enforcement to Amazon Elastic Kubernetes Service (Amazon EKS) clusters. This deployment provides a rich network policy model that helps secure communications by controlling traffic flows. Clusters deployed by this Partner Solution are upgradable for enterprise-grade security and compliance use cases.

This Partner Solution was developed by Tigera in collaboration with AWS. Tigera is an AWS Partner.

Contact partner
  •  What you'll build

  • Use this Partner Solution to set up the following Tigera Calico for Amazon EKS. Note that this module is based on the Modular and Scalable Amazon EKS Architecture Partner Solution.

    • Tigera Operator and associated resources in its own namespace.
    • A custom resource that configures the Calico installation.
    • Calico resources in the calico-system namespace.

    * The template that deploys the Partner Solution into an existing VPC skips the tasks marked by asterisks and prompts you for your existing VPC configuration.

    Quick Start architecture for Tigera Calico on the AWS Cloud
  •  How to deploy

  • To deploy this Partner Solution, follow the instructions in the deployment guide, which includes these steps.

    1. If you don't already have an AWS account, sign up at https://aws.amazon.com.
    2. Prepare an existing EKS cluster.
    3. Launch the Partner Solution. The stack takes about 5–30 minutes to deploy. Before you create the stack, choose the AWS Region from the top toolbar. Choose one of the following options:
    4. Test the deployment.

    Amazon may share user-deployment information with the AWS Partner that collaborated with AWS on this solution.  

    View deployment guide for details
  •  Costs and licenses

  • Calico binaries are provided for free under the Apache 2.0 license. To enable additional enterprise features, refer to Calico Enterprise Features.

    You are responsible for the cost of the AWS services and any third-party licenses used while running this solution. There is no additional cost for using the solution.

    This solution includes configuration parameters that you can customize. Some of these settings, such as instance type, affect the cost of deployment. For cost estimates, refer to the pricing pages for each AWS service you use. Prices are subject to change.

    Tip: After you deploy a solution, create AWS Cost and Usage Reports to track associated costs. These reports deliver billing metrics to an Amazon Simple Storage Service (Amazon S3) bucket in your account. They provide cost estimates based on usage throughout each month and aggregate the data at the end of the month. For more information, refer to What are AWS Cost and Usage Reports?