Stack Overflow
Stack Overflow

Questions tagged [project-calico]

Project Calico aims to simplify, scale, and secure cloud networks.

Per the project website, Project Calico aims to be:

Simple

Let's remove the complexity

Traditional SDNs are complex, making them hard to deploy and troubleshoot. Calico removes that complexity, with a simplified networking model designed for the demands of today's cloud-native applications.

Scalable

From dev/test to enterprise deployment

Unlike SDNs that require a central controller, limiting scalability, Calico is built on a fully distributed, scale-out architecture. So it scales smoothly from a single developer laptop to large enterprise deployments.

Secure

Policy-based micro-segmentation

Defining secure network policy used to be reserved for skilled network engineers. Calico's powerful micro-segmentation capabilities build on a simple policy language that naturally expresses the developer's intent.

171 questions
1
vote
1 answer

I can't access the pod which scheduled to the another node. But i can access the pod which scheduled to the current node

I can't access the pod which scheduled to the another node. But i can access the pod which scheduled to the current node, vice versa, when I on the another node, I only can access the pod which scheduled on current node, And can't access the pod…
Esc
  • 521
  • 13
  • 30
1
vote
0 answers

Relationship between cali*(veth) and flannel.1(vxlan) in Canal CNI

I'm using Canal as the CNI for my Kubernetes cluster. In worker nodes, using ip addr I can see veth interface like cali*. I know this interface will communicate with flannel.1 # ip addr 18: flannel.1: mtu 1450 qdisc…
biao
  • 311
  • 3
  • 10
1
vote
1 answer

Kubernetes NetworkPlugin cni failed to set up pod

regarding to below logs which I used describe pod, my pods stuck in pending state due to “FailedCreatePodSandBox” there is some key note: -I use calico as CNI. -this log repeat multple time, I just past here this one as sample. -the ip…
alireza71
  • 339
  • 1
  • 3
  • 14
1
vote
2 answers

what are the Kubernetes modules directly communicating with etcd

I was trying to understand how exactly the kubernetes modules interacts with etcd. I understand kubernetes modules by themselves are stateless and they keep the states in etcd. But I am confused when it comes to how modules are interacting with…
joe
  • 1,136
  • 9
  • 17
1
vote
1 answer

How kubernetes decides which network plugin to call for IPAM?

I am trying to understand how kubernetes knows whom to call to get IP address to the pod? Is it mentioned in the ConfigMap? Can you share any pointers to learn more on this?
Bharath Thiruveedula
  • 391
  • 1
  • 4
  • 14
1
vote
1 answer

Kubernetes Services reachable only on POD's host

I have a 3-nodes bare metal cluster installed with KUBEADM (buildt with intel NUC running CentOS 7). The master node is provided with 2 different network interfaces, one for external access and the second is configured to be the DHCP server of the…
luke035
  • 342
  • 2
  • 17
1
vote
0 answers

debugging istio Content-based routing

I am getting to know Istio through bookinfo sample app. At this point, I am testing the Content-based routing and as part of the debugging process I have to use a curl command on the Istio-ingress pod but it's not there (which is weird because…
mariam triki
  • 23
  • 5
1
vote
0 answers

How to set different (from defaults) mask in cluster-cidr in Kubernetes?

I've deployed a Kubernetes 1.10.4 Cluster ( 3 Masters, 2 Workers ) using Kubespray deployment tool ( with kubeadm experimental feature flag enabled ). By the way I'm using Canal as 'kube_network_plugin'. My costumer have some networking constraints.…
Pedro Lopes
  • 11
  • 1
1
vote
2 answers

kubernetes HA cluster masters nodes not ready

I have deployed a kubernetes HA cluster using the next config.yaml: etcd: endpoints: - "http://172.16.8.236:2379" - "http://172.16.8.237:2379" - "http://172.16.8.238:2379" networking: podSubnet: "192.168.0.0/16" apiServerExtraArgs: …
Asier Gomez
  • 6,034
  • 18
  • 52
  • 105
1
vote
0 answers

Kubernetes kube-dns Pause container in crashloop with Error adding network: failed to Statfs \"/proc/54226/ns/net\":

I have a Kubernetes onebox deployment with the following (containerized) components, all running as --net=host, with kubelet running as a privileged Docker container with the kubernetes flag --allow-privileged set to…
efkh
  • 11
  • 2
1
vote
1 answer

Cannot update Calico CNI config on Kubernetes cluster

I discovered that, until a few months ago, the "hostPort" configuration for Pods was not going to work with CNI based integrations. This meant that, for any Kubernetes cluster using Calico, it was not possible to directly expose a Pod's port…
Emanuele Casadio
  • 585
  • 5
  • 13
1
vote
3 answers

Accessing kubernetes pod directly from a machine in the same network

I have 4 servers on the same network; 10.0.0.10: Kubernetes master 10.0.0.11: Kubernetes node 1 10.0.0.12: Kubernetes node 2 10.0.0.20: Normal ubuntu server (kubernetes not installed) I set up a kubernetes cluster following the instruction in…
Hiro
  • 11
  • 1
  • 4
1
vote
0 answers

Spark's Ability to co-exist with CNI on mesos

With Spark-18232 allowing for CNI network names to be supplied for the executor, I am having issues getting the executor to work either with or without dynamic allocation of executors. I keep getting the following stack trace below. I am using…
John Leach
  • 518
  • 1
  • 3
  • 9
1
vote
2 answers

Best Practise to expose service in kubernetes using Calico

Having set up a kubernetes cluster with calico for the one-ip-per-pod networking, I'm wondering what the best practise is to expose services to the outside world. IMHO I got two options here, BGP'ing the internal pod IP's (172...) to an edge…
Meiko Watu
  • 451
  • 1
  • 4
  • 11
1
vote
0 answers

Checking container connectivity with ping in a Calico network of Docker containers

While checking the connectivity of Docker container in Calico VPN an error occurs. Here's the command and error snapshot: root@ubuntu12# docker exec Container1 ping -c 4 www.google.com rpc error: code = 2 desc = "oci runtime error: exec failed:…
Arpit Yadav
  • 11
  • 2
1 2 3
11 12