search

projectcalico / calico

Cloud native networking and network security
https://docs.tigera.io/calico/latest/about/
Apache License 2.0
5.92k stars 1.32k forks source link

[enhancement] egress gateway for free/OSS #7338

Open venkatamutyala opened 1 year ago

venkatamutyala commented 1 year ago

At this time it looks like egress gateway is being placed behind a paywall requiring that users upgrade to cloud or enterprise. I understand the paywall helps fund the development of this OSS but to remain competitive with free alternatives I would like to propose that this be offered as part of the free/OSS version of calico. An alternative solution (cilium) offers egress gateway for free and I believe matching this feature can help ensure this project continues to remain competitive.

frozenprocess commented 1 year ago

Hey @venkatamutyala,

Before I tag this as a feature request, please provide additional details about your situation and the particular issue you are experiencing that requires an egress gateway.

Calico open source is specifically designed to integrate with other open source tools and platforms, so understanding your scenario could identify an existing solution or suggest a particular course of action that all members of our community could use immediately to solve similar issues.

Please keep in mind that each company has its own unique way of generating revenue and ensuring sustainability while still contributing to the open-source community. Given that Calico's egress gateway is a mature solution that works with all Linux kernels, and among the main features of Calico cloud and Calico enterprise it would be pretty difficult to open-source at this moment due to the necessary resources needed to maintain it.

venkatamutyala commented 1 year ago

@frozenprocess being able to have external partners whitelist my egress IPs isn't possible with the current solution. Alternatively, I could provision a NAT gateway on the cloud provider and take that approach but that isn't ideal as that is managed outside of kubernetes and we are going to have to implement a NAT gateway solution per cloud we operate on.

Also, definitely appreciate the contribution to OSS you folks are making. Thanks for taking the time to look into this request.

NinoSkopac commented 2 months ago

+1 in 2024. I wanted to use Calico bc it seems pretty great and even AWS recommends it as an alternative CNI but I also need the egw and so I have to go Cilium