Questions tagged [project-calico]

Project Calico aims to simplify, scale, and secure cloud networks.

Per the project website, Project Calico aims to be:

Simple

Let's remove the complexity

Traditional SDNs are complex, making them hard to deploy and troubleshoot. Calico removes that complexity, with a simplified networking model designed for the demands of today's cloud-native applications.

Scalable

From dev/test to enterprise deployment

Unlike SDNs that require a central controller, limiting scalability, Calico is built on a fully distributed, scale-out architecture. So it scales smoothly from a single developer laptop to large enterprise deployments.

Secure

Policy-based micro-segmentation

Defining secure network policy used to be reserved for skilled network engineers. Calico's powerful micro-segmentation capabilities build on a simple policy language that naturally expresses the developer's intent.

171 questions
2 votes, 1 answer

pod routes don't match IP

I'm using Kubernetes 1.5.2 in CoreOS 1235.6.0 on bare metal, with calico v1.0.2 for the overlay network. Containers are getting correct IP addresses, but their routes don't match: / # ip addr show 1: lo: mtu 65536 qdisc…
Chris Jones
2 votes, 2 answers

How to fix calico.yaml for kubernetes cluster?

Trying several options to resolve the issue with weave-net (How to fix weave-net CrashLoopBackOff for the second node?), I have decided to try calico instead of weave-net. The documentation for kubernetes tells me I need only one or another. The…
Andrew
2 votes, 1 answer

starting calicoctl container on coreos

I have CoreOS beta (1153.4.0). I'm trying to run calicoctl to check if my calico networking is properly configured, so I'm trying to run a calicoctl rkt container with the command rkt run quay.io/calico/ctl and I get the output image: using image…
ufk
1 vote, 1 answer

Calico Cloud - Egress domain network policy issue

I am trying to configure egress traffic using domains via Calico Cloud. I am aware that DNS feature is possible with paid Calico Enterprise or Calico Cloud as mentioned here. I am using calico cloud trial. I am able to access Egress traffic using…
1 vote, 2 answers

Protect Kubernetes hosts

I have a kubernetes cluster with calico. I want to prevent routing through external interfaces to reach the internal clusterIPs of the cluster. I am planning to use this. For which interfaces should the hostendpoint be defined? Is it only the…
1 vote, 1 answer

calico network dependency on killall.sh in k3s

I have a k3s cluster that has system pods with calico policy applied: kube-system pod/calico-node-xxxx kube-system pod/calico-kube-controllers-xxxxxx kube-system pod/metrics-server-xxxxx kube-system …
solveit
1 vote, 1 answer

Kubernetes Egress call restrict with namespace

I have an application running in K3s and want to implement network policy based on namespace only. Let's assume that currently I have three namespaces A, B and C. I want to allow egress (external call to internet from pod) for namespace-A and remaining…
1 vote, 1 answer

EKS Block specific external IP from viewing nginx application

I have an EKS cluster with an nginx deployment on namespace gitlab-managed-apps. Exposing the application to the public from ALB ingress. I'm trying to block a specific Public IP (ex: x.x.x.x/32) from accessing the webpage. I tried Calico and K8s…
1 vote, 1 answer

Static IP address for kubernetes pods with calico cni

I'm currently using 10.222.0.0/16 network for my pods on a single node cluster test environment. When I reboot the machine or redeploy pods they get the first ip address which has not been used previously. I want to prevent this from happening by…
Nyquillus
1 vote, 1 answer

Why can't I reach a pod in another namespace using the format http://..pod.cluster.local?

I created a namespace and a pod in it like this: # Create the namespace kubectl create namespace one # Create the pod (NOTE - Without a service) kubectl run rest -n one --image nginx --labels app=rest --expose --port 80 I then created a second…
Don Rhummy
1 vote, 1 answer

Pods can't ping each other in a kubernetes cluster spawned over nodes from two different subnets

I am trying to bring up an on-prem k8 cluster using kubespray with 3 master and 5 worker nodes. The node IPs are from 2 different subnets. Ansible inventory: hosts: saba-k8-vm-m1: ansible_host: 192.168.100.1 ip: 192.168.100.1 access_ip:…
Raji
1 vote, 2 answers

Kubernetes - calico IP_AUTODETECTION_METHOD impossible to set

I want to force the interface, setting the IP_AUTODETECTION_METHOD: $ kubectl set env daemonset/calico-node -n calico-system IP_AUTODETECTION_METHOD=interface=ens192 daemonset.apps/calico-node env updated But nothing happens: $ kubectl set env…
Ivan
1 vote, 0 answers

K8s DNS resolutions not working for all pods

I currently have a k8s cluster setup on my Ubuntu machine using kubeadm. For the CNI, I am using calico. I am debugging the following DNS issue (I've seen numerous posts for this): [ERROR] plugin/errors: 2 kubernetes.default. A: read udp…
stoneman
1 vote, 2 answers

route missed in kubernetes with calico

I am installing k8s with calico on centos8. Everything looks fine, but the pods can't ping each other. I am using k8s as the DATASTORE of calico; the deployment file is in calico.yaml. I don't know why some routes are missing. Any suggestions…
Hundred
1 vote, 1 answer

Kubernetes pods running on different hosts, not able to establish TCP connection

I have a Kubernetes 1.20.1 cluster with a single master and single worker configured with ipvs mode, using calico CNI calico/cni:v3.16.1. The cluster is running on OS RHEL 8 kernel 4.18.0-240.10 with firewalld and selinux disabled. Running one netshoot pod…
sfgroups