Installing Calico on Kubernetes

Calico can be installed on a Kubernetes cluster in a number of configurations. This document gives an overview of the most popular approaches, and provides links to each for more detailed information.

Requirements

Calico can run on any Kubernetes cluster which meets the following criteria.

  • The kubelet must be configured to use CNI network plugins (e.g --network-plugin=cni).
  • The kube-proxy must be started in iptables proxy mode. This is the default as of Kubernetes v1.2.0.
  • The kube-proxy must be started without the --masquerade-all flag, which conflicts with Calico policy.
  • The Kubernetes NetworkPolicy API requires at least Kubernetes version v1.3.0.
  • When RBAC is enabled, the proper accounts, roles, and bindings must be defined and utilized by the Calico components. Examples exist for both the etcd and kubernetes api datastores.

Calico Hosted Install

Installs the Calico components as a DaemonSet entirely using Kubernetes manifests through a single kubectl command. This method is supported for Kubernetes versions >= v1.4.0.

Custom Installation

In addition to the hosted approach above, the Calico components can also be installed using your own orchestration mechanisms (e.g ansible, chef, bash, etc)

Follow the integration guide if you’re using a Kubernetes version < v1.4.0, or if you would like to integrate Calico into your own installation or deployment scripts.

Third-party solutions

Several third-party vendors also provide tools to install Kubernetes with Calico in a variety of environments.

Name Description
ACS Engine Deploys Kubernetes clusters on Azure with an option to enable Calico policy.
Google Container Engine A managed Kubernetes environment by Google using Calico for network policy.
Heptio AWS Quickstart Uses kubeadm and CloudFormation to build Kubernetes clusters on AWS using Calico for networking and network policy enforcement.
IBM Cloud Kubernetes Service A managed Kubernetes environment by IBM using Calico for networking and network policy enforcement.
Kismatic Enterprise Toolkit Fully-automated, production-grade Kubernetes operations on AWS and other clouds.
Kops A popular Kubernetes project for launching production-ready clusters on AWS, as well as other public and private cloud environments.
Kubernetes kube-up Deploys Calico on GCE using the same underlying open-source infrastructure as Google’s GKE platform.
Kubespray A Kubernetes project for deploying Kubernetes on GCE.
StackPointCloud Deploys a Kubernetes cluster with Calico to AWS in 3 steps using a web-based interface.
Typhoon Deploys free and minimal Kubernetes clusters with Terraform.