Questions tagged [project-calico]

Project Calico aims to simplify, scale, and secure cloud networks.

Per the project website, Project Calico aims to be:

Simple

Let's remove the complexity

Traditional SDNs are complex, making them hard to deploy and troubleshoot. Calico removes that complexity, with a simplified networking model designed for the demands of today's cloud-native applications.

Scalable

From dev/test to enterprise deployment

Unlike SDNs that require a central controller, limiting scalability, Calico is built on a fully distributed, scale-out architecture. So it scales smoothly from a single developer laptop to large enterprise deployments.

Secure

Policy-based micro-segmentation

Defining secure network policy used to be reserved for skilled network engineers. Calico's powerful micro-segmentation capabilities build on a simple policy language that naturally expresses the developer's intent.

171 questions
0 votes, 0 answers

kubernetes Pod to Host networking is broken when workers have multiple network interfaces

I've set up a kubeadm cluster with calico CNI (v3.25). I have two worker nodes (worker A and worker B) where each node has multiple network cards (4). I launched a podA from workerA and podB from workerB. I am unable to connect from PodA to workerA…
SKP
0 votes, 1 answer

external server (not in k8s but in network ) not accessible from inside of service pod (ping, curl tried)

All apiVersion: projectcalico.org/v3 kind: NetworkPolicy metadata: name: allow-egress-external namespace: dev spec: selector: app == 'first-service' types: - Egress egress: - action: Allow destination: nets: …
A.aayush.
0 votes, 0 answers

Patch releases with tigera operator

I have noticed that various calico-related images (like https://hub.docker.com/r/calico/ctl/tags or https://hub.docker.com/r/calico/typha/tags) produce 2 types of tags: Simple version tags, like v3.26.1 Related longer tags like…
Michal
0 votes, 1 answer

ArgoCD can't sync application: User "system:serviceaccount:calico-apiserver:calico-apiserver" cannot list resource "bgpfilters"

KinD Cluster with Calico, Tigera operator v3.26.0 ArgoCD - creating new application to sync prometheus-node-exporter Application won't sync, can't delete applications. App conditions show 3x errors, all read: error synchronizing cache state :…
800711
0 votes, 0 answers

Configure service cidr of the cluster with calico policy only

Cluster -> pod cidr - 10.255.0.0/16 service cidr - 10.252.0.0/16 Using - https://github.com/projectcalico/calico/blob/master/manifests/calico-policy-only.yaml I am using flannel as cni plugin in the cluster and using calico for just network…
0 votes, 0 answers

Why does minikube cluster goes away from kind cluster gets deleted?

So I first start a minikube cluster (1.25.2) using minikube start. Then I bring up a kind cluster using some kind-Calico-conf.yml file: $ kind create cluster --name=calico --config=./kind-Calico-conf.yml When I later delete this Calico cluster…
CaTx
0 votes, 0 answers

Can we use calico network policies and pod security groups in EKS simultaneously?

I am trying to control pod to pod communication in EKS at layer 3/4 of OSI model. I am thinking to choose calico for east-west traffic (pod to pod communication) and pod to pod security groups for south-west (pod to AWS external services). I…
cloudbud
0 votes, 0 answers

kubernetes pod not able to connect to database in same network

I've set up a kubernetes cluster in my network and a postgres database in same network. I am able to connect my java app to my postgres database if I run it over in a container or a VM. But somehow when I deploy the same app in Kubernetes it is not…
Alan
0 votes, 1 answer

microk8s configuration location (current vs x1)

I have a microk8s installed on an Ubuntu EC2 instance. I have kubernetes 1.21 with calico cni installed. These are installed with snap. I am trying to enable dual stack (ipv4 and ipv6) for the kubernetes. This requires changing config of kubernetes…
0 votes, 1 answer

Calico Global Network Policy and ip table rules

I am trying to understand how do Calico Global Network Policies work "under the hood". Let's say I have lots of (namespaced) network policies. For example, the same policy deployed to lots of namespaces. Common example might be to block or allow…
0 votes, 1 answer

How to access ACR images from calico.yaml

I have a k3s cluster with calico pods calico-node-xxx & calico-kube-controllers-xxx running in kube-system namespace. I am using calico.yaml config in my project. Now, I want these images in calico.yaml to be pulled from my ACR repo instead of…
Thor
0 votes, 1 answer

Deleting Iptables -S of calico

I am trying to delete all calico related Iptables using calico-script . After running this script most of the calico iptables is removed except these: root@Ubuntu-18-VM:~# iptables -S | grep -oP '(?
solveit
0 votes, 1 answer

Find out GKE Calico policy?

I have GKE cluster running with Version - 1.19.9-gke.1900 and trying to find out what type of Calico policy is being used? I read through articles, calico provides different policy and below are the ones. VPC Native Calico with host-local…
0 votes, 2 answers

How to delete calicoctl and iptables (created by calico installation) from my k3s

I have a K3s setup with calico pods [calico-node- & calico-kube-controllers-] running. On uninstalling K3s, calico pods get deleted but I see that calicoctl and iptables -S commands still running and shows data. I want to delete calico (including…
solveit
0 votes, 1 answer

DNSSelector support in Kubernetes Network policy

I am trying to implement Kubernetes Network policy in my application on the basis of domain name to control the Egress and Ingress calls to the pod. I found DNSSelector but it seems from their last comment that this feature is not implemented in…