Calico

warning

Limitations: AWS, VMWare supports IP-in-IP encapsulation type. Azure supports VXLAN encapsulation type.

Versions Supported

3.27.x

Create Bind Mounts for Edge Deployments

In Edge deployments, Calico requires a bind mount on the host machine. Without the bind mount, it's possible for the Calico pods to be stuck in the init state. Use the following example to create a bind mount from /var/lib/calico on the Edge host. When you build an installer ISO with the bind_mounts block, the folders specified in the block will be mounted. For more information about building the installer ISO, refer to Build Installer ISO.

#cloud-config
stylus:
  site:
    debug: true
    insecureSkipVerify: false
    paletteEndpoint: api.console.spectrocloud.com
    name: edge-appliance-1
    caCerts:
      - |
        -----BEGIN CERTIFICATE-----

        -----END CERTIFICATE-----

install:
  bind_mounts:
    - /var/lib/calico

Connectivity Issues in Virtual Machine Environments

Due to a known issue with VMware's VMXNET3 adapter, which is widely used in different virtual machine management services, including VMware vSphere and Hyper-V, Calico Pods may face network connectivity issues.

Before deploying clusters with Calico in VXLAN mode, disable checksum offloading on your virtual host using the following the command. Replace <interface-name> with the name of the network interface on your host. Refer to Calico known issue #9433 for more information.

ethtool --offload <interface-name> tx off

Alternatively, if deploying an Edge host in a virtual machine environment using a VMXNET3 adapter and enabling an overlay network for your cluster, add the following commands in the user-data file at the boot stage. Replace <interface-name> with the name of the network interface on your Edge host.

stages:
  initramfs:
    - name: "Disable UDP segmentation"
      commands:
        - ethtool --offload <interface-name> tx-udp_tnl-segmentation off
        - ethtool --offload <interface-name> tx-udp_tnl-csum-segmentation off

3.26.x

Create Bind Mounts for Edge Deployments

In Edge deployments, Calico requires a bind mount on the host machine. Without the bind mount, it's possible for the Calico pods to be stuck in the init state. Use the following example to create a bind mount from /var/lib/calico on the Edge host. When you build an installer ISO with the bind_mounts block, the folders specified in the block will be mounted. For more information about building the installer ISO, refer to Build Installer ISO.

#cloud-config
stylus:
  site:
    debug: true
    insecureSkipVerify: false
    paletteEndpoint: api.console.spectrocloud.com
    name: edge-appliance-1
    caCerts:
      - |
        -----BEGIN CERTIFICATE-----

        -----END CERTIFICATE-----

install:
  bind_mounts:
    - /var/lib/calico

3.25.x

Create Bind Mounts for Edge Deployments

In Edge deployments, Calico requires a bind mount on the host machine. Without the bind mount, it's possible for the Calico pods to be stuck in the init state. Use the following example to create a bind mount from /var/lib/calico on the Edge host. When you build an installer ISO with the bind_mounts block, the folders specified in the block will be mounted. For more information about building the installer ISO, refer to Build Installer ISO.

#cloud-config
stylus:
  site:
    debug: true
    insecureSkipVerify: false
    paletteEndpoint: api.console.spectrocloud.com
    name: edge-appliance-1
    caCerts:
      - |
        -----BEGIN CERTIFICATE-----

        -----END CERTIFICATE-----

install:
  bind_mounts:
    - /var/lib/calico

3.24.x

Create Bind Mounts for Edge Deployments

In Edge deployments, Calico requires a bind mount on the host machine. Without the bind mount, it's possible for the Calico pods to be stuck in the init state. Use the following example to create a bind mount from /var/lib/calico on the Edge host. When you build an installer ISO with the bind_mounts block, the folders specified in the block will be mounted. For more information about building the installer ISO, refer to Build Installer ISO.

#cloud-config
stylus:
  site:
    debug: true
    insecureSkipVerify: false
    paletteEndpoint: api.console.spectrocloud.com
    name: edge-appliance-1
    caCerts:
      - |
        -----BEGIN CERTIFICATE-----

        -----END CERTIFICATE-----

install:
  bind_mounts:
    - /var/lib/calico

3.23.x

Create Bind Mounts for Edge Deployments

In Edge deployments, Calico requires a bind mount on the host machine. Without the bind mount, it's possible for the Calico pods to be stuck in the init state. Use the following example to create a bind mount from /var/lib/calico on the Edge host. When you build an installer ISO with the bind_mounts block, the folders specified in the block will be mounted. For more information about building the installer ISO, refer to Build Installer ISO.

#cloud-config
stylus:
  site:
    debug: true
    insecureSkipVerify: false
    paletteEndpoint: api.console.spectrocloud.com
    name: edge-appliance-1
    caCerts:
      - |
        -----BEGIN CERTIFICATE-----

        -----END CERTIFICATE-----

install:
  bind_mounts:
    - /var/lib/calico

Deprecated

All versions below version 3.23.x are deprecated.

Troubleshooting

The following are some tips to troubleshoot issues with the Calico CNI.

• A daemon set is installed, the calico-node pod should be deployed on all the nodes in the cluster to provide networking.

• For any issues with networking, check the logs of the calico-node and calico-kube-controller pods on the cluster.

Terraform

Use the following Terraform snippet to reference the Calico CNI pack in your Terraform template.

data "spectrocloud_registry" "public_registry" {
  name = "Public Repo"
}

data "spectrocloud_pack_simple" "calico" {
  name    = "cni-calico"
  version = "3.27.0"
  type = "helm"
  registry_uid = data.spectrocloud_registry.public_registry.id
}

References

• Calico Documentation