Stack Overflow
Stack Overflow

Questions tagged [calico]

Project Calico is an open-source networking and security solution for Kubernetes. Use this tag to mark questions related to the project.

Project Calico

Project Calico is an open source networking and network security solution for containers, virtual machines, and native host-based workloads. Calico supports a broad range of platforms including Kubernetes, OpenShift, Docker EE, OpenStack, and bare metal services.

207 questions
0
votes
1 answer

Kubernetes API server failed to resolve webhook on EKS with Calico CNI

I'm trying to deploy an application in AWS EKS. I have created an EKS cluster with Calico CNI by following the official Calico documentation. I have also installed the AWS load balancer controller by following the docs here. Here is my cluster,…
Iftieaq
  • 1,904
  • 2
  • 15
  • 26
0
votes
0 answers

Cannot access from Init container with calico NetworkPolicy

I have below namespaces for my app backend-api <-- API pod deployed here backend-db <-- redis instance deployed here In backend API pod, there's an iniit container that will populate the db first I have below NetworkPolicy (I have deployed calico…
ivcode
  • 235
  • 2
  • 14
0
votes
1 answer

How to access ACR images from calico.yaml

I have a k3s cluster with calico pods calico-node-xxx & calico-kube-controllers-xxx running in kube-system namespace. I am using calico.yaml config in my project. Now, I want these images in calico.yaml to be pulled from my ACR repo instead of…
Thor
  • 305
  • 1
  • 2
  • 11
0
votes
1 answer

Temporary failure in name resolution for pod running on kubeadm worker node

I run Kafka inside Kubernetes cluster on VMWare with a ControlPlane and one worker node. From the ControlPlane node my client can communicate with Kafka, but from my worker node this ends up in this error …
Oana
  • 537
  • 5
  • 11
0
votes
1 answer

Is there anyway I can read the configured vxlan VNI and vxlan port for calico CNI plugin in Kubernetes Cluster?

I have a Kubernetes cluster with Calico Networking and vxlan mode enabled. I want to know what is the VNI and vxlan port number being used by the CNI. I know I can get it by capturing traffic and looking into the packet. But I wanted to know if…
Ahamed
  • 1
  • 1
0
votes
0 answers

Windows pods unable to resolve DNS and/or communicate with Linux Pods within K8s cluster

I've been encountering few major issues with my K8s cluster: Windows pods running on my Windows nodes are unable to communicate (internally within the cluster) with my linux pods or services. BUT my Linux pods are able to communicate with my…
wtfacoconut
  • 334
  • 1
  • 8
0
votes
1 answer

AKS Inter communication between Pods not working

Recently I have created private AKS via Terraform, every thing went OK, how is it possible that two pods within the same namespace are unable to communicate with each other? AKS version= 1.19.11 coredns:1.6.6 # kubectl get svc NAME TYPE …
Satyam Pandey
  • 593
  • 2
  • 10
  • 32
0
votes
0 answers

K8s cluster blocks udp traffic reach to upstream server when source IP getting changed(to support source ip preservation)

As soon as I add the ‘use_orginal_src_ip’ configuration in envoy proxy to preserve the source IP, the upstream server stops receiving traffic. Setup details: network device outside k8s cluster -> envoy proxy(k8s pod) -> upstream service(k8s…
Rajen Patel
  • 49
  • 1
  • 9
0
votes
0 answers

Kubernetes: CoreDNS does not resolve my domain

I have two kubernetes pods running via Docker Desktop like below When My Application goes to resolve https://auth.local.bindumoney.com then I got following error log at CoreDNS [ERROR] plugin/errors: 2 auth.local.bindumoney.com. A: read udp…
Hasanuzzaman
  • 1,822
  • 5
  • 36
  • 54
0
votes
1 answer

Calico CNI in eks and StateFulSets

I started using Calico CNI v3.20.0 on eks cluster. I installed it using the following kubectl apply -f https://docs.projectcalico.org/manifests/calico-vxlan.yaml All looks good except pods that are part of statefulset can't seem to resolve DNS…
jack
  • 21
  • 3
0
votes
1 answer

Deleting Iptables -S of calico

I am trying to delete all calico related Iptables using calico-script . After running this script most of the calico iptables is removed except these: root@Ubuntu-18-VM:~# iptables -S | grep -oP '(?
solveit
  • 869
  • 2
  • 12
  • 32
0
votes
1 answer

Find out GKE Calico policy?

I have GKE cluster running with Version - 1.19.9-gke.1900 and trying to find out what type of Calcio policy is being used? I read through articles, calico provides different policy and below are the one's. VPC Native Calico with host-local…
Surendar
  • 45
  • 1
  • 6
0
votes
2 answers

How to delete calicoctl and iptables (created by calico installation) from my k3s

I have a K3s setup with calico pods [calico-node- & calico-kube-controllers-] running. On uninstalling K3s, calico pods get deleted but I see that calicoctl and iptables -S commands still running and shows data. I want to delete calico (including…
solveit
  • 869
  • 2
  • 12
  • 32
0
votes
1 answer

Network policy not working with daemonset pods

Is a network policy applicable to pods of a daemonset? I have a default deny network policy for all ingress and egress for all pods. However, it does not seem to seem to be applied for pods belonging to the daemonset. apiVersion:…
Parvathy Mohan
  • 89
  • 11
0
votes
1 answer

DNSSelector support in Kubernetes Network policy

I am trying to implement Kubernetes Network policy in my application on the basis of domain name to control the Egress and Ingress calls to the pod. I found DNSSelector but it seems from there last comment that this feature is not implemented in…
solveit
  • 869
  • 2
  • 12
  • 32
1 2 3
13 14