kubeadm Hosted Install
This document outlines how to install Calico on a kubeadm cluster.
If you have already built your cluster with kubeadm, please review the
Requirements / Limitations at the bottom of
this page. It is likely you will need to recreate your cluster with the
--service-cidr arguments to kubeadm.
You can easily create a cluster compatible with these manifests by following the official kubeadm guide.
Calico installations require kubeadm initialized clusters to have set a
which should match the value set by
CALICO_IPV4POOL_CIDR in the manifest:
- name: CALICO_IPV4POOL_CIDR value: "192.168.0.0/16"
This value can be changed to any CIDR that does not overlap the cluster’s service CIDR.
The manifests are currently setup to use the CIDR
192.168.0.0/16 so you would initialize
the cluster with the following command:
kubeadm init --pod-network-cidr=192.168.0.0/16
Users who have deployed their own etcd cluster outside of kubeadm should use the Calico only manifest instead, as it does not deploy its own etcd.
To install this Calico and a single node etcd on a run the following command:
Note: The following manifest requires Kubernetes 1.6.0 or later.
kubectl apply -f https://docs.projectcalico.org/master/getting-started/kubernetes/installation/hosted/kubeadm/1.6/calico.yaml
To install Calico configured to use the Kubernetes API as its sole data source, run the following commands:
Note: The following manifests require Kubernetes 1.7.0 or later.
kubectl apply -f https://docs.projectcalico.org/master/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml kubectl apply -f https://docs.projectcalico.org/master/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
Using calicoctl in a kubeadm cluster
The simplest way to use calicoctl in kubeadm is by running it as a pod. See using calicoctl with Kubernetes for more information.
Requirements / Limitations
- This install assumes no other pod network configurations have been installed in /etc/cni/net.d (or equivilent directory).
- The CIDR(s) specified with the kubeadm flag
--cluster-cidr(pre 1.6) or
--pod-network-cidr(1.6+) must match the Calico IP Pools to have Network Policy function correctly. The default is
- The CIDR specified with the kubeadm flag
--service-cidrshould not overlap with the Calico IP Pool.
- The default CIDR for
- The calico.yaml(s) linked sets the Calico IP Pool to
- The default CIDR for