On Kubernetes, you can configure Calico to access an etcdv3 cluster directly or to More information about configuration at Security for host.Ĭalico v3.20 requires a key/value store accessible by all If a host firewall is needed, it can be configured by Calico HostEndpoint and GlobalNetworkPolicy. These may interfere with rules added by Calico and result in unexpected behavior. If your Linux distribution comes with installed Firewalld or another iptables manager it should be disabled. Preventing NetworkManager from controlling Calico interfaces If your nodes have NetworkManager, complete the steps in Note: Many Linux distributions, such as most of the above, include NetworkManager.īy default, NetworkManager does not allow Calico to manage interfaces. When VXLAN is enabled, Calico also needs to be able to manage the vxlan.calico interface. When IPIP isĮnabled (the default), Calico also needs to be able to manage tunl* interfaces. Known to work well with Calico and Kubernetes.Ĭalico must be able to manage cali* interfaces on the host. The following distributions have the required kernel, its dependencies, and are
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |