Stack Overflow
Stack Overflow

Questions tagged [calico]

Project Calico is an open-source networking and security solution for Kubernetes. Use this tag to mark questions related to the project.

Project Calico

Project Calico is an open source networking and network security solution for containers, virtual machines, and native host-based workloads. Calico supports a broad range of platforms including Kubernetes, OpenShift, Docker EE, OpenStack, and bare metal services.

207 questions
1
vote
1 answer

Create HostEndpoint resouce using calico operator

Is it possible to create resource: apiVersion: projectcalico.org/v3 kind: HostEndpoint using calico operator? I want to get rid of calicoctl.
Jonas
  • 4,683
  • 4
  • 45
  • 81
1
vote
1 answer

Kubernetes: How does CNI take advantage of BPG?

When learning the Kubernetes CNI, I heard some plugins are using the BGP or VXLAN under the hood. On the internet, border gateway protocol (BGP) manages how packets are routed between edge routers. Autonomous systems (AS) are network routers managed…
Ryan Lyu
  • 4,180
  • 5
  • 35
  • 51
1
vote
1 answer

Calico Cloud - Egress domain network policy issue

I am trying to configure egress traffic using domains via Calico Cloud. I am aware that DNS feature is possible with paid Calico Enterprise or Calico Cloud as mentioned here. I am using calico cloud trial. I am able to access Egress traffic using…
PjoterS
  • 12,841
  • 1
  • 22
  • 54
1
vote
2 answers

Protect Kubernetes hosts

I have a kubernetes cluster with calico. I want to prevent routing through external interfaces to reach the internal clusterIPs of the cluster. I am planning to use this. For which interfaces should the hostendpoint be defined? Is it only the…
Parvathy Mohan
  • 89
  • 11
1
vote
1 answer

Allow only in-cluster ingress for calico network policy

I want to create a globalnetworkpolicy for an interface. I am using Calico HostendPoint for the interface and defining globalnetworkpolicy for the hostendpoint. I would like to create a globalnetworkpolicy that allows only ingress from within the…
Parvathy Mohan
  • 89
  • 11
1
vote
2 answers

Is it possible to change the CNI plugin to Calico in GKE?

It seems like EKS (AWS) has the support for some CNIs here but we couldn't find any similar doc for GKE (GCP) is it possible to change the CNI plugins of GKE clusters? Can I change the CNI of our GKE v1.18.x cluster to Calico with IP-in-IP…
Oli
  • 651
  • 8
  • 17
1
vote
1 answer

DNS Resolution Failure on Kubernetes/Calico with MySQL setup

Ive hit a wall I'm hoping the SO community can advise on where to go next. I've set up a 6 node kubernetes cluster with calico as the networking service. I've only got two pods, the dns debugging pods from kubernetes and a mysql pod. Well and the…
The Kaese
  • 419
  • 5
  • 15
1
vote
1 answer

calico network dependency on killall.sh in k3s

I have a k3s cluster that have system pods with calico policy applied: kube-system pod/calico-node-xxxx kube-system pod/calico-kube-controllers-xxxxxx kube-system pod/metrics-server-xxxxx kube-system …
solveit
  • 869
  • 2
  • 12
  • 32
1
vote
1 answer

How can I change config of istiod deployment using istio-operator?

I am setting up istio controlplane using istio-operator on an EKS cluster with calico CNI. After installing istio on the cluster, I got to know that new pods are not coming up and the reason I got after googling is given below: Istio Installation…
Ankit Arora
  • 155
  • 1
  • 2
  • 8
1
vote
1 answer

K8s pods running in diffrent node can't communicate with each other

I have k8s cluster with two node, master and worker node, installed Calico. I initialized cluster and installed calico with following commands # Initialize cluster kubeadm init --apiserver-advertise-address=
I_dont_know
  • 21
  • 5
1
vote
2 answers

does calico also run in ipvs mode when kube proxy is runing in ipvs mode

I understood kube-proxy can run in iptables or ipvs mode. Also, calico sets up iptables rules. But does calico iptables rules are only installed when kube proxy is running in iptables mode OR these iptables rules are installed irrespective to…
Amit
  • 141
  • 6
1
vote
2 answers

Kubernetes calico-node issue - running 0/1

Hi I have two virtual machine in a local server with ubuntu 20.04 and i want to build a small cluster for my microservices. I ran the following step to setup my cluster but I got issue with calico-nodes. They are running with…
ki_ha1984
  • 31
  • 1
  • 4
1
vote
1 answer

EKS Block specific external IP from viewing nginx application

I have an EKS cluster with an nginx deployment on namespace gitlab-managed-apps. Exposing the application to the public from ALB ingress. I'm trying to block a specific Public IP (ex: x.x.x.x/32) from accessing the webpage. I tried Calico and K8s…
Sinethra Seneviratne
  • 25
  • 6
1
vote
1 answer

Pods can't connect to kube dns

I followed the next guide https://computingforgeeks.com/deploy-kubernetes-cluster-on-ubuntu-with-kubeadm/ in BareMetal Ubuntu 20.04 with 2 nodes. I chose Docker as my Container Runtime and started the cluster with sudo kubeadm init…
Ernesto Solano
  • 71
  • 1
  • 7
1
vote
0 answers

Kubernetes masters and nodes in different subnets

We want to setup a Kubernetes cluster with 3 masters inside sddc isolated cloud and the worker nodes inside the private network. The connection from private network to the cloud is implemented by Load Balance and all required ports to Kubernetes…
Victor
  • 11
  • 1
1 2 3
13 14