Stack Overflow
Stack Overflow

Questions tagged [project-calico]

Project Calico aims to simplify, scale, and secure cloud networks.

Per the project website, Project Calico aims to be:

Simple

Let's remove the complexity

Traditional SDNs are complex, making them hard to deploy and troubleshoot. Calico removes that complexity, with a simplified networking model designed for the demands of today's cloud-native applications.

Scalable

From dev/test to enterprise deployment

Unlike SDNs that require a central controller, limiting scalability, Calico is built on a fully distributed, scale-out architecture. So it scales smoothly from a single developer laptop to large enterprise deployments.

Secure

Policy-based micro-segmentation

Defining secure network policy used to be reserved for skilled network engineers. Calico's powerful micro-segmentation capabilities build on a simple policy language that naturally expresses the developer's intent.

160 questions
17
votes
3 answers

How to allow access to kubernetes api using egress network policy?

Init container with kubectl get pod command is used to get ready status of other pod. After Egress NetworkPolicy was turned on init container can't access Kubernetes API: Unable to connect to the server: dial tcp 10.96.0.1:443: i/o timeout. CNI is…
Igor Stepin
  • 198
  • 7
10
votes
0 answers

Kube-proxy or ELB "delaying" packets of HTTP requests

We're running a web API app on Kubernetes (1.9.3) in AWS (set with KOPS). The app is a Deployment and represented by a Service (type: LoadBalancer) which is actually an ELB (v1) on AWS. This generally works - except that some packets (fragments of…
ArAr
  • 121
  • 2
6
votes
3 answers

Whitelist "kube-system" namespace using NetworkPolicy

I have a multi-tenant cluster, where multi-tenancy is achieved via namespaces. Every tenant has their own namespace. Pods from a tenant cannot talk to pods of other tenants. However, some pods in every tenant have to expose a service to the…
mitchkman
  • 4,963
  • 7
  • 30
  • 55
5
votes
4 answers

calico/node is not ready: BIRD is not ready: BGP not established

I'm running Kubernetes 1.13.2, setup using kubeadm and struggling with getting calico 3.5 up and running. The cluster is run on top of KVM. Setup: kubeadm init --apiserver-advertise-address=10.255.253.20 --pod-network-cidr=192.168.0.0/16 modified…
phone_melter
  • 53
  • 1
  • 1
  • 3
5
votes
1 answer

Monitor or log dropped network traffic for Kubernetes NetworkPolicy

I'm interested in using Kubernetes NetworkPolicy to control network policy. I want to know if the NetworkPolicy is blocking traffic so I can either fix the policies or fix/stop whatever is in violation. We use Calico and they view this as a paid…
Ben Mathews
  • 2,629
  • 1
  • 17
  • 25
4
votes
1 answer

Kubernetes DNS no longer resolving names

I have a cluster consisting of 6 servers, 3 masters and 3 workers. Up to this morning everything worked fine, until I removed two workers from the cluster. Now the internal DNS is not working anymore. I cannot resolve an internal name. Apparently…
Paul
  • 16,535
  • 5
  • 46
  • 70
4
votes
2 answers

kubernetes networkpolicy namespaceSelector select when namespace has no labels

I am trying to add a calico network policy to allow my namespace to talk to kube-system namespace. But in my k8s cluster kube-system has no labels attached to it, so I am not able to select pods in there. Below is what I tried but its not…
Hemant_Negi
  • 1,555
  • 14
  • 22
4
votes
1 answer

Use Calico for policy and networking on AWS EKS?

AWS EKS makes use of their own CNI plugin and there are docs that allow you to install Calico for managing policy. For a number of reasons, I'd like to have Calico manage networking as well. Based on the installation instructions I can't seem to…
Valdis R
  • 2,065
  • 1
  • 18
  • 35
4
votes
2 answers

Logging for Kubernetes Calico NetworkPolicy?

I am new to Kubernetes NetworkPolicy and the Network plugin calico. I have successfully implemented calico in my Kubernetes cluster: [root@node1 ~]# kubectl get po --all-namespaces -o wide | grep calico kube-system …
user4889345
4
votes
2 answers

etcd error when trying to start service rejected send message

I am using ubuntu 14.04 and Im configuring etcd for use with calico, but the service does not work. This is my etcd.conf file: # vim:set ft=upstart ts=2 et: description "etcd" author "etcd maintainers" start on stopped rc RUNLEVEL=[2345] stop on…
Asier Gomez
  • 4,779
  • 15
  • 42
  • 92
3
votes
1 answer

Unable to setup Calico on Kubernetes

Trying to set up Calico on-premises Kubernetes cluster. Initializing cluster kubeadm init --pod-network-cidr=192.168.0.0/16 Using https://docs.projectcalico.org/manifests/calico.yaml manifest. ~# calicoctl node status Calico process is…
Jonas
  • 3,329
  • 1
  • 33
  • 56
3
votes
2 answers

Calico based pod is not coming up

I am setting up a pod using calico but it keeps on failing with some authorization error. By default following is the node cidr of my system: [root@k8master-1 ~]# kubeadm config view | grep Subnet podSubnet: 10.244.0.0/16 serviceSubnet:…
drifter
  • 239
  • 2
  • 9
3
votes
3 answers

unable to recognize "calico.yaml": no matches for kind "Deployment" in version "apps/v1beta1"

I receive the following error when i try to download calico.yaml files for the pod network unable to recognize "calico.yaml": no matches for kind "Deployment" in version "apps/v1beta1" unable to recognize "calico.yaml": no matches for kind…
parrot_boy
  • 43
  • 1
  • 4
3
votes
2 answers

How to stop kubernetes from reporting to usage.projectcalico.org?

I found that my kubernetes cluster was sending reports to usage.projectcalico.org, how can this be disabled and how exactly is it using usage.projectcalico.org?
Alex Cohen
  • 3,616
  • 8
  • 35
  • 74
3
votes
0 answers

Network Policy whitelist IP

I'm using Kubernetes on IBM Cloud and I'm trying to create a whitelist policy to be applied to the ingress. I have installed calico to create kubernetes policies https://console.bluemix.net/docs/containers/cs_network_policy.html#network_policies and…
Leonardo Carraro
  • 982
  • 1
  • 8
  • 22
1
2 3
10 11