System requirements

Node requirements

  • AMD64 processor

  • Linux kernel 3.10 or later with required dependencies. The following distributions have the required kernel, its dependencies, and are known to work well with Calico and host protection.

    • RedHat Linux 7
    • CentOS 7
    • CoreOS Container Linux stable
    • Ubuntu 16.04
    • Debian 8

Key/value store

Calico v3.4 requires a key/value store accessible by all Calico components. The key/value store must be etcdv3.

Network requirements

Ensure that your hosts and firewalls allow the necessary traffic based on your configuration.

Configuration Host(s) Connection type Port/protocol  
Calico networking (BGP) All Bidirectional TCP 179  
Calico networking with IP-in-IP enabled (default) All Bidirectional IP-in-IP, often represented by its protocol number 4  
All etcd hosts Incoming Officially TCP 2379 but can vary ## Privileges

Ensure that Calico has the CAP_SYS_ADMIN privilege.

The simplest way to provide the necessary privilege is to run Calico as root or in a privileged container.

Kernel dependencies

Tip: If you are using one of the recommended distributions, you will already satisfy these.

  • nf_conntrack_netlink subsystem
  • ip_tables (for IPv4)
  • ip6_tables (for IPv6)
  • ip_set
  • xt_set
  • ipt_set
  • ipt_rpfilter
  • ipt_REJECT
  • ipip (if using Calico networking)