Stack Overflow
Stack Overflow

Questions tagged [calico]

Project Calico is an open-source networking and security solution for Kubernetes. Use this tag to mark questions related to the project.

Project Calico

Project Calico is an open source networking and network security solution for containers, virtual machines, and native host-based workloads. Calico supports a broad range of platforms including Kubernetes, OpenShift, Docker EE, OpenStack, and bare metal services.

207 questions
0
votes
0 answers

no matches for kind "CalicoAPIConfig" in version "projectcalico.org/v3

My calico is configured to be associated with etcd, so I create a configfile to configure the etcd's ca certificate, certs and key, but when I apply the config file, notes me that didn't have this kind. This file is the template I copied from the…
Esc
  • 521
  • 13
  • 30
0
votes
0 answers

What starts the apiserver and CNI containers in Kubernetes cluster?

I have a one-node cluster deployed with kubespray. I tried 2.14 - the same thing. The cluster successfully starts after deployment, and works for a long time. When I restart the machine all the docker container (apiserver, scheduler, cni, calico,…
Yuki
  • 3,857
  • 5
  • 25
  • 43
0
votes
1 answer

k8s - pod can ping external ip, but cannot wget?

Running a clean install of microk8s 1.19 on Fedora 32, I am able to ping an external IP address, but when I try to wget, I get "no route to host" (this is the output of commands run from a busybox pod): / # wget x.x.x.x Connecting to x.x.x.x…
JDS
  • 153
  • 9
0
votes
1 answer

calico unable to ping other PODs created using calico network

I setup to stateful pods running on 2 different worker node and I am unable to ping the pods. Following is the pool file: apiVersion: projectcalico.org/v3 kind: IPPool metadata: name: rack.ippool-1 spec: cidr: 192.168.16.0/24 blockSize: 24 …
drifter
  • 389
  • 1
  • 5
  • 17
0
votes
1 answer

Kubernetes pods cannot access HTTPS sites

Just installed Kubernetes cluster using kubespray. 3 master nodes and 3 worker nodes + 2 haproxy nodes in front of master nodes with keepalived. Everything works perfectly except for one thing. When I try to update packages on alpine or ubuntu…
Blz
  • 193
  • 1
  • 2
  • 6
0
votes
0 answers

Kubernetes Pod Oubound Traffic DNAT rule

We run K8S cluster in private network behind firewall with nasty reverse NAT rules that prevent our hosts to connect to themselves over public IPs. Problem From inside a pod I need to connect to the service that is resolved to public IP 203.X.X.X…
Anton Andrushchenko
  • 11
  • 1
0
votes
0 answers

It has different defaultgateway between masters and workers

I have installed K8s cluster with master1 and worker1 They has each different default gateway. It could communicate between pods on same node. It couldn't communicate between pods on master and pods on worker. I configured calico overlay between…
canerbis
  • 21
  • 1
0
votes
0 answers

How can http call details on CNI layer of Kubernetes can be fetch?

I need to fetch http call details on CNI layer of Kubernetes. I am using calico plugin to manage network policies.
charmi zala
  • 113
  • 1
  • 2
  • 12
0
votes
0 answers

Set pod IP using Minikube (k8s) + Calico Plugin

I'm doing some tests with minikube + calico plugin to see if I can set the pod IP on pod creation. I've open the minikube proxy and sent: { "apiVersion": "v1", "kind": "Pod", "metadata": { "name": "pod2", "annotations":…
AFMeirelles
  • 409
  • 3
  • 8
  • 25
0
votes
2 answers

Kubernetes cluster on bare metal by kubeadm

I'm trying to create a single control-plane cluster with kubeadm on 3 bare metal nodes (1 master and 2 workers) running on Debian 10 with Docker as a container runtime. Each node has an external IP and internal IP. I want to configure a cluster on…
fish
  • 27
  • 1
  • 2
0
votes
0 answers

Kubernetes service can't connect to external services or internet

My ASP.NET Core Api webapplications can't connect to any server outside the cluster. Even access to the internet seems to be blocked. This problem only occurs when the my application is hosted in my on-premis Ubuntu cluster. When running in the…
Marcel Beeker
  • 163
  • 1
  • 13
0
votes
1 answer

Kubernetes + calico + replicaSet

So I found myself in a pretty sticky situation. I'm trying to create a simple replicaSet, but unfortunately I ran into some problems with the calico. I have 2 VM running on OracleVM. I have them configured to use enp0s8 interface. The IP of the…
minihulk22
  • 149
  • 3
  • 14
0
votes
2 answers

Kubernetes Ingress network policy working as expected, egress is blocking all traffic

I have installed Calico on EKS from here. I have two namespaces, foo and bar, both labeled with a label 'purpose', and containing one app pod each. When I import the following Ingress-only policy into the foo namespace, it works exactly as expected;…
GDev
  • 428
  • 1
  • 5
  • 14
0
votes
2 answers

Kubelet Master stays in KubeletNotReady because of cni missing

Kubelet has been initialized with pod network for Calico : sudo kubeadm init --pod-network-cidr=192.168.0.0/16 --image-repository=someserver Then i get calico.yaml v3.11 and applied it : sudo kubectl --kubeconfig="/etc/kubernetes/admin.conf" apply…
Albz
  • 41
  • 1
  • 5
0
votes
0 answers

kubernetes internal network monitoring without any sidecar

I have k8s cluster with 1000 of services and high internal network communication. I want to monitor all HTTP requests (status code, response time, ...) between them. I already tried istio and Linkerd but both need sidecar containers and cause…
sadegh
  • 153
  • 2
  • 14
1 2 3
13 14