Calico integration

14
Anirban Sen Chowdhary

Transcript of Calico integration

Anirban Sen Chowdhary

Project Calico, a Tigera open-source project that provides a layer 3 network implementation, aimed at scalable datacenter deployments. This slides explains the components necessary to install Calico on Kubernetes for integrating with custom configuration management.

Calico Components

There are basically three components of a Calico/Kubernetes integration:

The calico/node docker container that run on the main Kubernetes master and each Kubernetes node in our cluster that contains the BGP agent which is required for Calico routing to occur, and the Felix agent for network policy rules.

The cni-plugin plugin that integrates directly with the Kubernetes kubelet process on each node and discover the pods created, adds them to Calico networking system.

The calico/kube-controllers container runs as a pod on top of Kubernetes also implements the NetworkPolicy API system.

Installing calico/node:

We have already seen in my previous slides https://www.slideshare.net/anir37/deploying-calico-on-docker to install calico/node.The calico/node container run directly through docker container on each node and can be done using the calicoctl utility to launch the container.

.

Installing the Calico CNI plugins :

The Kubernetes kubelet should be configured to use the calico and calico-ipam plugins. Download the binaries and make sure they're executable:

The Calico CNI plugins needs a standard CNI config file. The policy section is only needed when deploying the calico/kube-policy-controller for NetworkPolicy.

Installing the Calico network policy controller:

The calico/kube-policy-controller that implements the Kubernetes NetworkPolicy API system by the Kubernetes API for Pod, Namespace, and NetworkPolicy events and configuring Calico in response. It runs as a single pod.

To install the policy controller we need following:1) First we need to download the policy controller manifest.2) Then we need to modify <ETCD_ENDPOINTS> to point to our etcd cluster.3) Finally Install it using kubectl.

Following command to install kubectl :

Few minute after we can see the policy controller in Running state:

Configuring Kubernetes:

You can check more on this topic in one of my slides here: https://www.slideshare.net/anir37/deploying-calico-on-kubernetes-81907287

For more information visit

https://www.projectcalico.org/

https://docs.projectcalico.org/v2.6/introduction/

https://blog.tigera.io/tagged/calico