Stack Overflow
Stack Overflow

Questions tagged [calico]

Project Calico is an open-source networking and security solution for Kubernetes. Use this tag to mark questions related to the project.

Project Calico

Project Calico is an open source networking and network security solution for containers, virtual machines, and native host-based workloads. Calico supports a broad range of platforms including Kubernetes, OpenShift, Docker EE, OpenStack, and bare metal services.

207 questions
0
votes
2 answers

Starting with Calico network policy in Kubernetes

I have a application running with kubernetes orchestrator. I want to implement calico network policy on the basis of CIDR so that I can control the pod's traffic (incoming and outgoing). I am looking for prerequisite installation (any plugin) and…
solveit
  • 869
  • 2
  • 12
  • 32
0
votes
0 answers

NodeLocal DNSCache with Calico/BPF

We have an EKS cluster with Calico/BPF enabled (no Kube-proxy). Before BPF we used to run NodeLocal DNSCache in our clusters and it worked fine: https://kubernetes.io/docs/tasks/administer-cluster/nodelocaldns/ However, we have issues running it in…
Wookash
  • 1
0
votes
1 answer

Wordpress+Mysql deployment don't get IP address from another pool

My deployment is about Wordpress and MYsql. I already defined a new pool and a new namespace and I was trying to make that my pods get an ip address from this new pool defined but they never get one. My namespace file yaml apiVersion: v1 kind:…
MaryStadhes
  • 3
  • 2
0
votes
1 answer

Q: Rancher + Calico + Ununtu 20.04 bare metal - no access to service network (10.43.0.10)

Looking for a peice of advice on troubleshooting an issue with Rancher + Calico on a bare metal Ubuntu 20.04. Here is the issue. We have few Rancher (2.5.7) clusters built on top of Ubuntu 20.04 running on KVM(Proxmox) VMs. All clusters have similar…
Dmitry Kerov
  • 11
  • 1
0
votes
1 answer

Unable to connect to k8s cluster using master/worker IP

I am trying to install a Kubernetes cluster with one master node and two worker nodes. I acquired 3 VMs for this purpose running on Ubuntu 21.10. In the master node, I installed kubeadm:1.21.4, kubectl:1.21.4, kubelet:1.21.4 and docker-ce:20.4. I…
Abhinav Sharma
  • 27
  • 8
0
votes
2 answers

Kubernetes cluster with firewall enabled on CentOS(calico) not working

I've bringing up Kubernetes cluster with calico as CNI on CentOS 7 with firewall enabled. I've master and worker nodes. I was able to bring up cluster and able to list the nodes and Kubernetes system pods, all are working fine. However I'm unable to…
Karthik Prasad
  • 9,662
  • 10
  • 64
  • 112
0
votes
1 answer

Calico's network policy can't select kubernetes.default service

I'm using google spark-operator and some calico network policies to protect the namespaces. The Spark driver pods need to be able to communicate with the kubernetes service in the default namespace to speak with the api-server. This is what I get…
Doctor
  • 7,115
  • 4
  • 37
  • 55
0
votes
1 answer

Istio Installation successful but not able to deploy POD

I have successfully installed Istio in k8 cluster. Istio version is 1.9.1 Kubernetes CNI plugin used: Calico version 3.18 (Calico POD is up and running) kubectl get pod -A istio-system istio-egressgateway-bd477794-8rnr6 1/1 …
Gowmi
  • 559
  • 2
  • 22
0
votes
1 answer

How do I debug this Kubernetes coreDNS error?

What does this error from my coredns pod log mean and how do I debug it? [ERROR] plugin/errors: 2 2858211404501823821.6843583298703021155. HINFO: read udp 192.168.27.16:47449->67.207.67.3:53: i/o timeout The behavior is odd. A single test pod will…
user3877654
  • 1,045
  • 1
  • 16
  • 40
0
votes
0 answers

Unable to Join Kubernetes Cluster with Windows Worker Node using containerd and Calico CNI

I'm trying to add a Windows Worker Node in the Kubernetes cluster using containerd and Calico CNI. It failed to join the cluster after running the kubeadm join command in Powershell with the following error after: [preflight] Running pre-flight…
user15566847
  • 1
0
votes
0 answers

DNS lookup still getting blocked even when authorized

My rule allowing DNS with Calico's Network Policy isn't working. Using CURL with a DNS is still blocked ! My use case : I want all external networking to be dropped except communication to an S3 service. Allowing ONLY the S3's ip works as everything…
Doctor
  • 7,115
  • 4
  • 37
  • 55
0
votes
0 answers

By using kubectl exec -i calicoctl -- /calicoctl create -f - < file.yaml. able to run in cli getting error in azure devops pipeline

021-03-13T08:42:55.8392238Z ##[section]Starting: kubectl exec 2021-03-13T08:42:55.8405006Z ============================================================================== 2021-03-13T08:42:55.8405352Z Task :…
shabbir1226
  • 1
0
votes
1 answer

Unable to "get" my calico node using calicoctl

I am trying to examine my node to potentially fix my nodes, but the command "get" is failing. the error is Failed to create Calico API client... error parsing document: fields in document are not recognized or are in the wrong location: clusters,…
user3877654
  • 1,045
  • 1
  • 16
  • 40
0
votes
2 answers

Updating kubernetes with kOps causes calico-node to fail with "BIRD is not ready: BGP not established"

Let me preface this by saying this is running on a production cluster, so any 'destructive' solution that will cause downtime will not be an option (unless absolutely necessary). My environment I have a Kubernetes cluster (11 nodes, 3 of which are…
hhaslam11
  • 191
  • 2
  • 7
  • 24
0
votes
2 answers

Kubernetes nodes have unreachable routes

I maintain a Kubernetes cluster. The nodes are in an intranet with 10.0.0.0/8 IPs, and the pod network range is 192.168.0.0/16. The problem is, some of the worker nodes have unreachable routes to pod networks on other nodes, like: 0.0.0.0 …
Moycat
  • 1
  • 2
1 2 3
13 14