Stack Overflow
Stack Overflow

Questions tagged [calico]

Project Calico is an open-source networking and security solution for Kubernetes. Use this tag to mark questions related to the project.

Project Calico

Project Calico is an open source networking and network security solution for containers, virtual machines, and native host-based workloads. Calico supports a broad range of platforms including Kubernetes, OpenShift, Docker EE, OpenStack, and bare metal services.

207 questions
0
votes
0 answers

What Kubernetes CNI works out of the box?

I cannot get nodes to communicate with one another in a setup with a handful of nodes. My kubernetes setup with CNI configuration is very minimal: I do kubeadm init --pod-network-cidr=192.168.0.0/16 and then I join my other two hosts. I was trying…
Adam Miller
  • 1,756
  • 1
  • 25
  • 44
0
votes
0 answers

Can we use calico network policies and pod security groups in EKS simultaneously?

I am trying to control pod to pod communication in EKS at layer 3/4 of OSI model. I am thinking to choose calico for east-west traffic ( pod to pod communication ) and pod to pod security groups for south-west ( pod to AWS external services ). I…
cloudbud
  • 2,948
  • 5
  • 28
  • 54
0
votes
0 answers

Kubernetes calico use another network interface of the host

The worker nodes in my setup have additional NIC to the default Ethernet interface(s). I would like to use the other interfaces for the network connectivity between the pods using Calico. Ofcourse there are other ways (using multus etc.) to add…
Nav89
  • 53
  • 1
  • 7
0
votes
0 answers

GKE Calico-node VPA -> how configure best? should it be actually disabled?

GKE managed kubernetes 1.22.12-gke.500, calico CNI v3.21.5-gke.1 provided by google and included is calico-node-vertical-autoscaler (cpvpa:v0.8.3-gke.1). https://github.com/kubernetes-sigs/cluster-proportional-vertical-autoscaler/tree/v0.8.3 Default…
siwasaki
  • 263
  • 2
  • 9
0
votes
0 answers

NodePort service only responds in the worker node which pod is running

I am using one master node and two worker nodes with kubeadm and calico as CNI. $ kubectl get nodes NAME STATUS ROLES AGE VERSION master Ready control-plane 3d20h v1.24.3 worker-1 Ready worker …
Ellisein
  • 878
  • 6
  • 17
0
votes
1 answer

calico-kube-controller stays in pending state

I have a new install of kubernetes on Ubuntu-18 using version 1.24.3 with Calico. The calico-controller will not start: $ sudo kubectl get pods --all-namespaces NAMESPACE NAME READY STATUS RESTARTS …
Dean Schulze
  • 9,633
  • 24
  • 100
  • 165
0
votes
1 answer

K8s 'calico' pods not starting: "Failed to create default IPv4 IP pool: 10.244.0.0/16 error=resource does not exist:"

I'm new to Kubernetes, so please bear with me. I deployed K8s on Ubuntu 20.04 and am having issues with the 'kalico' pods and also the coreDNS pods: root@k8s-master:~# kubectl get pods -A NAMESPACE NAME …
SamAndrew81
  • 152
  • 1
  • 10
0
votes
1 answer

EKS + Calico netpol issues (only daemonset?)

I've got the following situation: EKS 1.21 (installed via eksctl) 2 managed node groups (1xspot->currently m type, 1xon_demand->t type) tigera-operator v3.23.1 elasticsearch deployed via elasitc-operator (in logging ns) filebeat running as…
tke
  • 1
  • 1
0
votes
1 answer

Pods on different node not working kubernetes

I hope someone can give me some help about this issue. I'm testing a containerized microservice over a kubernetes cluster made by 2 nodes: Merry -> master (and worker) Pippin -> worker This is my deployment: kind: Deployment metadata: name:…
Matteo Di Nome
  • 59
  • 4
0
votes
1 answer

There are 2 networking component installed on node master, Weave and Calico. how can I completely remove Calico from my kubernetes cluster?

Weave has overlap with host's IP address and its pod stuck in CrashLoopBackOff state. There is a need to remove Calico first as I have no clue about working 2 Networking module on master! emo@master:~$ sudo kubectl get pod -A NAMESPACE NAME …
Mohamad Moradkhani
  • 11
  • 2
0
votes
1 answer

microk8s configuration location (current vs x1)

I have a microk8s installed on a ubuntu EC2 instance. I have kubernetes 1.21 with calico cni installed. These are installed with snap. I am trying to enable dual stack(ipv4 and ipv6) for the kubernetes. This requires changing config of kubernetes…
infinite_loop
  • 131
  • 1
  • 10
0
votes
0 answers

curl request to cluster node port hangs on initializing NSS with certpath

I am attempting to make a local request to the kubernetes cluster that is hosted on my server, the cluster's NodePort is listening at the following address 172.20.120.1:30280. External client in production are required to make requests to…
tiger_groove
  • 956
  • 2
  • 17
  • 46
0
votes
1 answer

How to use node's IP instead of pod IP for egress using IPv6?

I'm using dual-stack Kubernetes (1.23.2 with Calico as CNI). From one of my pods I want to create a connection to another device which is external to the Kubernetes installation. The connection will pass through an (also external) LB /…
Andreas Florath
  • 4,418
  • 22
  • 32
0
votes
1 answer

Kubernetes: MetalLB not load balancing the requests properly

I've setup a kubernetes cluster with LoadBalancer type service using MetalLB and was able to get the external IP working for it. The only issue is that when I access the LB service IP on port 80 from master node, only the pods running on master node…
Bombardy
  • 1
0
votes
1 answer

How to allow trafic from some ip ranges to aks external loadbalancer

I'm trying to allow traffic from only some ip ranges to an loadbalancer in an AKS, so I am trying with calico using a GlobalNetworkPolicy but its not working, what i'm doing wrong? apiVersion: crd.projectcalico.org/v1 kind:…
niva rojas
  • 101
  • 1
  • 10
1 2 3
13 14