April 1, 2025
Virtual | Good Hotel London, United Kingdom
CalicoCon 2025
Join us for an immersive, hybrid event led by the Calico team, where you’ll gain education, training, and best practices of Kubernetes networking, security, and observability.
About
CalicoCon is coming to KubeCon + CloudNativeCon Europe 2025, both in person and virtually.
Join industry experts and fellow practitioners at CalicoCon, where we tackle the evolving challenges of cloud-native network security. Engage in deep-dive discussions, hands-on sessions, and expert insights to navigate the complexities of securing dynamic, ephemeral cloud environments.
This edition will focus on Calico’s pluggable data plane architecture which allows users to choose the most suitable option for their specific requirements, providing flexibility and future-proofing for various environments and use cases.
We will also share a sneak peek into the latest upgrade in Calico.
We’ll end with a reception where you can meet other Calico users on their Kubernetes journeys and those behind Calico.
Agenda
Click on a session to watch replays.
| 1:00-1:15 PM | Introduction & Welcome Address |
| 1:15-1:50 PM | What is New in Calico v3.30 |
| 1:50-2:40 PM | New Observability Features in Calico Open Source v3.30 aka Whisker |
| 2:40-3:00 PM | Coffee Break |
| 3:00-3:20 PM | Migrate to nftables: Let’s Get Ready for the Next Linux Update and Avoid an Outage |
| 3:20-3:40 PM | Migrate to Calico eBPF, and Say Goodbye to kube-proxy |
| 3:40-4:00 PM | How to Integrate Calico in Your Environment with Calico APIs |
| 4:00-4:30 PM | AMA with Calico Engineers |
| 5:00-7:00 PM | Party with Calico Cool Cats |
Venue Information
Sky Blue Room, Good Hotel London, Western Gateway, Royal Victoria Dock,
London, E16 1FA, United Kingdom
Registration
This event is a co-located event at KubeCon + CloudNativeCon Europe 2025. Attendees can register by adding it to their existing registration using the CNCF portal.
If you’re not attending KubeCon + CloudNativeCon Europe, you can still participate virtually.
Speakers
Reza Ramezanpour
Developer Advocate, Tigera
Peter Kelly
VP of Engineering, Tigera
Shaun Crampton
Distinguished Engineer, Tigera
Lance Robson
Staff Software Engineer, Tigera
Ivan Sharamok
Manager, Solutions Architecture, Tigera
Leon Barron
Senior Solutions Architect, Tigera
Reza Ramezanpour
Developer Advocate, Tigera
Peter Kelly
VP of Engineering, Tigera
Shaun Crampton
Distinguished Engineer, Tigera
Lance Robson
Staff Software Engineer, Tigera
Ivan Sharamok
Manager, Solutions Architecture, Tigera
Leon Barron
Senior Solutions Architect, Tigera
Reza Ramezanpour
Developer Advocate, Tigera
Jeremy Guerrand
Solutions Architect, Tigera
Reza Ramezanpour
Developer Advocate, Tigera
Why Attend?
Security Teams
Learn how to holistically secure your cloud-native applications following today’s best practices
DevOps and SRE Teams
Learn how to include security and observability in your CI/CD pipeline to enable security, observability and troubleshooting
Platform Architects
Learn architecture patterns and best practices to secure and troubleshoot cloud-native applications
Watch replays
Learn about the latest container security trends and discover strategies and technologies
that will help your organization secure, observe, and troubleshoot cloud-native applications.
Share The Event
Copyright ©2021 Tigera, Inc.
Get Started with Kubernetes & Calico eBPF data plane
This event is designed for platform engineers, developers, and system administrators who are new to Kubernetes or cloud networking and are evaluating Standard Linux, eBPF, Windows HNS dataplanes.
Attendees will learn about Kubernetes basics, container networking principles, and how to implement Calico to secure and manage network traffic effectively.
The session will also cover practical examples, best practices, and common challenges to help you kickstart your journey towards cloud-native excellence for on-premises and public cloud environments.
Master Container Networking & Security with Calico eBPF data plane (Includes Latest Kubernetes Admin Network Policy)
Hands-on workshop to learn about how to implement Adminnetworkpolicy updates of Kubernetes networking and security using Calico. You will learn how to design, configure, deploy, and secure your Kubernetes network for single and multi-cluster environment across Standard Linux, eBPF, and Windows dataplanes. With this experience, you will be able to architect and implement a scalable and secure Kubernetes-based SaaS or CaaS platform.
The workshop will cover the following topics:
- Kubernetes deployment and networking
- Networking Options across Linux, eBPF, Windows dataplanes
- Secure workload access and strengthen your cluster’s security posture
- Implement network policies
- Implement Network admin policies
- Implement cluster-wide encryption with WireGuard
- Observe and troubleshoot workload traffic and network policies
What you’ll need on the day: A device with a modern web browser.
What is Admin Network Policy, Policy Tiers and why do you need it
Are you ready for the new changes that are coming to Kubernetes? Admin network policy and baseline admin network policy are two anticipated policy extensions that add cluster wide, proirotization, action and grouping to the Kubernetes engine.
This session is tailored to get you up and running with the Admin Network Policy changes and how Calico implements them in your Kubernetes environment. On top of that we will explore Tiers, a newly added feature to Calico open source that allows you to establish security without compremise.
Mastering Kubernetes Security: Top 3 Network Policy Patterns
Explore how to enhance your Kubernetes cluster’s security posture by implementing the top three network policy patterns: Deny-list policy, namespace isolation, and workload isolation.
In this session, we will cover how to author, stage, preview and enforce:
- Deny-list Policy: How to block unwanted traffic explicitly within your cluster.
- Namespace Isolation: Techniques to keep workloads in different namespaces securely separated unless explicitly allowed.
- Workload Isolation: Strategies to restrict traffic between workloads based on specific security requirements.
This session is ideal for platform engineers, DevOps, and cloud engineers to have a clear understanding of these essential network policy patterns and how to apply them effectively in their Kubernetes environments.
Up and running with Calico BGP
Calico is known for its robust networking capabilities, with Border Gateway Protocol (BGP) at the core of its network architecture. BGP empowers Calico to extend Kubernetes beyond the limitations of a single cluster by enabling seamless networking between BGP-capable devices and Kubernetes clusters. This provides an elegant solution for connecting Kubernetes clusters to any on-premises or cloud-based network.
In this in-depth session, we will explore the intricacies of Calico BGP, starting with the fundamentals of peering Calico BGP with a single direct router. As we progress, we will delve into advanced topics such as multihop routers and crafting effective BGP filters. Attendees will gain hands-on knowledge and see real-world examples of how to pair Calico with industry-standard routers, including Cisco, Mikrotik, and Fortinet.
This event is ideal for network engineers, Kubernetes administrators, and IT professionals seeking to enhance their network infrastructure by leveraging the full potential of Calico BGP. Whether you’re looking to connect Kubernetes clusters across diverse environments or optimize your existing network architecture, this session will equip you with the practical skills and insights needed to succeed.
