Questions tagged [project-calico]

Project Calico aims to simplify, scale, and secure cloud networks.

Per the project website, Project Calico aims to be:

Simple

Let's remove the complexity

Traditional SDNs are complex, making them hard to deploy and troubleshoot. Calico removes that complexity, with a simplified networking model designed for the demands of today's cloud-native applications.

Scalable

From dev/test to enterprise deployment

Unlike SDNs that require a central controller, limiting scalability, Calico is built on a fully distributed, scale-out architecture. So it scales smoothly from a single developer laptop to large enterprise deployments.

Secure

Policy-based micro-segmentation

Defining secure network policy used to be reserved for skilled network engineers. Calico's powerful micro-segmentation capabilities build on a simple policy language that naturally expresses the developer's intent.

171 questions

vote

2 answers

Calico prints "Hit error connecting to datastore: connection refused"

I created a cluster on an Ubuntu server using this command: > kubeadm init --cri-socket /var/run/dockershim.sock --control-plane-endpoint servername.local --apiserver-cert-extra-sans servername.local I added Calico like this: > curl…

networking kubernetes project-calico

asked Jan 05 '21 at 16:42

acl

vote

0 answers

How to troubleshot: Kubernetes pods not creating or terminating

I am new at K8s so I am having troubles getting to the button of the issue. Last week I installed a cluster with 1 master 2 nodes in centos with kubeadm: kubectl get nodes NAME STATUS ROLES AGE …

kubernetes devops kubernetes-helm project-calico

asked Dec 19 '20 at 15:10

Leandro De Mestico

vote

1 answer

Calico GlobalNetworkPolicy exclusion not working

Recently started with Calico network policies on a AKS cluster. The plan is to block all traffic for new namespaces with the exception of traffic destined for the coredeDNS pod labeled "kube-dns". The policy should not be applied to the namespaces:…

azure azure-aks project-calico kubernetes-networkpolicy

asked Nov 25 '20 at 11:03

marc veen

vote

2 answers

accessing Kubernetes from remote hosts

I'm pretty sure I have something misconfigured or missing something. my home network is 10.11.0.0/16 I setup a kubernetes instance with sudo kubeadm init --pod-network-cidr=10.166.0.0/16 Then I installed calico…

kubernetes debian project-calico metallb

asked Oct 31 '20 at 06:57

phomlish

vote

1 answer

Calico works well in my k8s, but I can't Ping clusterip on the node

I installed calico according to the steps on the official website, and it can run normally, and there is no error reported in the log. However, when I Ping the clusterip, the Ping fails, and there is no error in the pod log, so I can't locate the…

kubernetes project-calico calico cni

asked Oct 19 '20 at 08:11

Esc

vote

1 answer

how to deny egress to all namespaces, and allow ingress from some namespaces in kubernetes using network policies

Context: I am using EKS with calico plugin for network policies, and a managed node group. I have a namespace called "simon-test" in which I want to deny all egress from the namespace to others (so pods in simon-test will not be able to see other…

kubernetes project-calico kubernetes-networkpolicy kubernetes-networking

asked Oct 05 '20 at 08:51

Simon Ernesto Cardenas Zarate

2,636
1
28
42

vote

0 answers

Does kubernetes use calico plugin support network policy or not when kube-proxy use ipvs mode?

Does kubernetes use calico plugin support network policy or not when kube-proxy use ipvs mode? Kubernetes+calico+kube-proxy(iptables mode) support network policy function.But I do not know whether it takes effect when kube-proxy uses ipvs(nat) mode…

kubernetes project-calico

asked Aug 05 '20 at 02:02

mayidewenhen

vote

2 answers

Coredns in Crashloopbackoff state with calico network

I have a ubuntu 16.04 running in virtual box. I installed Kubernetes on it as a single node using kubeadm. But coredns pods are in Crashloopbackoff state. All other pods are running. Single interface(enp0s3) - Bridge Network Applied calico…

kubernetes project-calico coredns

asked Jul 27 '20 at 16:32

Nitish Goel

vote

1 answer

NetworkPolicy: Allow all ports except specific one

Here is the sample NetworkPolicy which allows connection to pods that have a label hello and allow port connection on 53 TCP and UDP and block all ports. How I can make this to allow all ports and block 53 TCP and UDP (egress). kind:…

kubernetes project-calico kubernetes-networkpolicy

asked Jul 14 '20 at 16:30

Vikas Rathore

8,242
8
35
54

vote

1 answer

how to explain couple of points on Kubernetes Calico Networking routing table?

Below is the output from ip route command in one of the worker nodes of Kubernetes cluster (aws based): $ip route default via 10.6.16.1 dev eth0 10.6.16.0/21 dev eth0 proto kernel scope link src 10.6.22.111 111.97.95.0/26 via 10.6.145.224 dev…

kubernetes project-calico kubernetes-networking

asked Jul 07 '20 at 16:34

Viji

vote

1 answer

kubernetes networking: pod cannot reach nodes

I have kubernetes cluster with 3 masters and 7 workers. I use Calico as cni. When I deploy Calico, the calico-kube-controllers-xxx fails because it cannot reach 10.96.0.1:443. 2020-06-23 13:05:28.737 [INFO][1] main.go 88: Loaded configuration from…

linux kubernetes project-calico

asked Jun 23 '20 at 13:22

fsilletti

vote

1 answer

Kubernetes on mixed os Linux and windows with Calico opensource

I came across an article which States that we can have mixed os in cluster. Article talk about having flannel as networking plugin but i want to use Calico opensource plugin instead as it provides encryption. Any idea if this is possible using…

linux windows kubernetes project-calico

asked May 12 '20 at 23:23

Shrijan Tiwari

vote

1 answer

Why is my GKE cluster upscaling when I create a namespace?

I'm observing a strange behaviour of a newly created cluster in GKE. Just after creating it, there is one node. When I create my first namespace, it autoscales up to 2 nodes, although the resources on the first node are still very low. What could be…

google-kubernetes-engine project-calico

asked May 07 '20 at 14:53

Alain B.

vote

1 answer

GKE update calico-node-vertical-autoscaler image version

I am using GKE cluster with master version 1.15.9-gke.24 and linkerd2 as proxy for my gRPC services. From my cluster I saw calico node vertical autoscaler pod is in CrashLoopBackOff state. From log I see following $ kubectl logs -f…

kubernetes google-kubernetes-engine project-calico linkerd

asked May 03 '20 at 10:48

hoque

5,735
1
19
29

vote

1 answer

switching kubernetes CNI from weave to calico

i installed a kubeadm v1.17 cluster with weave initially. I would like to switch it over to use calico. However, as i originally did not install the cluster with kubeadm init --pod-network-cidr=192.168.0.0/16 as per the docs, but with a…

kubernetes weave project-calico

asked Feb 28 '20 at 00:59

yee379

6,498
10
56
101

Prev 1 2 3

…

11 12 Next