Stack Overflow
Stack Overflow

Questions tagged [project-calico]

Project Calico aims to simplify, scale, and secure cloud networks.

Per the project website, Project Calico aims to be:

Simple

Let's remove the complexity

Traditional SDNs are complex, making them hard to deploy and troubleshoot. Calico removes that complexity, with a simplified networking model designed for the demands of today's cloud-native applications.

Scalable

From dev/test to enterprise deployment

Unlike SDNs that require a central controller, limiting scalability, Calico is built on a fully distributed, scale-out architecture. So it scales smoothly from a single developer laptop to large enterprise deployments.

Secure

Policy-based micro-segmentation

Defining secure network policy used to be reserved for skilled network engineers. Calico's powerful micro-segmentation capabilities build on a simple policy language that naturally expresses the developer's intent.

171 questions
4
votes
1 answer

Use Calico for policy and networking on AWS EKS?

AWS EKS makes use of their own CNI plugin and there are docs that allow you to install Calico for managing policy. For a number of reasons, I'd like to have Calico manage networking as well. Based on the installation instructions I can't seem to…
Valdis R
  • 2,095
  • 1
  • 18
  • 36
4
votes
2 answers

Logging for Kubernetes Calico NetworkPolicy?

I am new to Kubernetes NetworkPolicy and the Network plugin calico. I have successfully implemented calico in my Kubernetes cluster: [root@node1 ~]# kubectl get po --all-namespaces -o wide | grep calico kube-system …
user4889345
4
votes
2 answers

etcd error when trying to start service rejected send message

I am using ubuntu 14.04 and Im configuring etcd for use with calico, but the service does not work. This is my etcd.conf file: # vim:set ft=upstart ts=2 et: description "etcd" author "etcd maintainers" start on stopped rc RUNLEVEL=[2345] stop on…
Asier Gomez
  • 6,034
  • 18
  • 52
  • 105
3
votes
1 answer

Calico - nf_conntrack_proto_sctp

I noticed this error in the calico log. calico-node [INFO][2355687] felix/int_dataplane.go 1660: attempted to modprobe nf_conntrack_proto_sctp error=exit status 1 output="" It attempts to turn on the nf_conntrack_proto_sctp kernel module, but the…
Tomáš Starý
  • 31
  • 2
3
votes
1 answer

"Calico CNI - calico-kube-controllers Failed to initialize Calico data store" error

I am running Calico CNI v3.19.1 on Kubernetes version v1.19.13. using CentOS Steam 8 and RHEL 8 OS for this cluster with 3 master and 3 nodes. when calico-kube-controller starts on the worker node. Its failing with [FATAL][1] main.go 118: Failed to…
sfgroups
  • 18,151
  • 28
  • 132
  • 204
3
votes
2 answers

Project Calico: Priority between "global policy" and "network policy"

I am testing Project Calico on a small Kubernetes cluster and I try to figure out which one between "global policy" and "network policy" will be applied to the data stream first. What I understand: the data path with Calico is that the pod's host…
adbkp
  • 31
  • 1
  • 2
3
votes
1 answer

Unable to setup Calico on Kubernetes

Trying to set up Calico on-premises Kubernetes cluster. Initializing cluster kubeadm init --pod-network-cidr=192.168.0.0/16 Using https://docs.projectcalico.org/manifests/calico.yaml manifest. ~# calicoctl node status Calico process is…
Jonas
  • 4,683
  • 4
  • 45
  • 81
3
votes
1 answer

calico network connectivity failing between pods and services and pods in different hosts

I have implemented a multi master HA kubernetes cluster and wanted to implement the Calico the hardway as described in here. I was able complete all the steps and my connectivity is not there between the pods and services and pods and other pods in…
Aruna Fernando
  • 101
  • 7
3
votes
1 answer

Calico pod doesn't schedule on newly added worker node

I ran into this issue earlier whereby I already have a working cluster with one master node and one worker node including the Calico CNI installed. I wanted to have another worker node, so what I did was; I cloned the existing worker node, change…
Joe S
  • 83
  • 1
  • 1
  • 11
3
votes
4 answers

Kubernetes - Calico-Nodes 0/1 Ready

We are deploying Jenkins on the K8s env, with 1 master and 4 worker nodes using calico network plugin, the pods are created on the time of Job run in Jenkins, but the issue is hostnames don't resolve, no error logs in Jenkins, on checking the pods,…
Sanjay M. P.
  • 919
  • 1
  • 16
  • 33
3
votes
2 answers

Calico & K8S on Azure - can't access pods

I'm starting with K8S. I installed 2 Debian 10 VMs on Azure (1 master node & 2 slaves). I installed the master node with this doc: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/ I installed Calico with this…
tzouintzouin
  • 91
  • 6
3
votes
3 answers

unable to recognize "calico.yaml": no matches for kind "Deployment" in version "apps/v1beta1"

I receive the following error when i try to download calico.yaml files for the pod network unable to recognize "calico.yaml": no matches for kind "Deployment" in version "apps/v1beta1" unable to recognize "calico.yaml": no matches for kind…
parrot_boy
  • 43
  • 1
  • 4
3
votes
4 answers

How does kubernetes pod gets IP instead of container instead of it as CNI plugin works at container level

How does kubernetes pod gets IP instead of container instead of it as CNI plugin works at container level? How all containers of same pod share same network stack?
Bharath Thiruveedula
  • 391
  • 1
  • 4
  • 14
3
votes
0 answers

Network Policy whitelist IP

I'm using Kubernetes on IBM Cloud and I'm trying to create a whitelist policy to be applied to the ingress. I have installed calico to create kubernetes policies https://console.bluemix.net/docs/containers/cs_network_policy.html#network_policies and…
Leonardo Carraro
  • 1,532
  • 1
  • 11
  • 24
3
votes
0 answers

kubernetes windows worker node with calico can not deploy pods

I try to use kubeadm.exe join to join windows worker node but it's not working. Then I try to refer to this document nwoodmsft/SDN/CalicoFelix.md,after this, node status just like this # node status root@ysicing:~# kubectl get node -o wide NAME …
YsiCing
  • 81
  • 1
  • 9
1
2
3
11 12