Cluster ->
pod cidr - 10.255.0.0/16
service cidr - 10.252.0.0/16
Using - https://github.com/projectcalico/calico/blob/master/manifests/calico-policy-only.yaml
I am using flannel as cni plugin in the cluster and using calico for just network policies.I have defined CALICO_IPV4POOL_CIDR (in the calico/node daemonset) as the cluster-cidr or pod-cidr which is 10.255.0.0/16.
But when I add netpol for my pod to egress to service cidr , my workload still fails to reach to endpoint 10.252.0.1/443.
netpol ->
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: pod-egress-to-k8s-services
spec:
podSelector:
matchLabels:
name: pod
policyTypes:
- Egress
egress:
- to:
- ipBlock:
cidr: 10.252.0.0/16
Is there a way to define service cidr in calico explicitly ?
