- Linux kernel 3.10 or later with required dependencies.
The following distributions have the required kernel, its dependencies, and are
known to work well with Calico and OpenShift.
- RedHat Linux 7
- CentOS 7
Calico must be able to manage
cali*interfaces on the host. When IPIP is enabled (the default), Calico also needs to be able to manage
Note: Many Linux distributions, such as most of the above, include NetworkManager. By default, NetworkManager does not allow Calico to manage interfaces. If your nodes have NetworkManager, complete the steps in Preventing NetworkManager from controlling Calico interfaces before installing Calico.
Calico v3.7 requires a key/value store accessible by all Calico components. On OpenShift, Calico can share an etcdv3 cluster with OpenShift, or you can set up an etcdv3 cluster dedicated to Calico.
Ensure that your hosts and firewalls allow the necessary traffic based on your configuration.
|Calico networking (BGP)||All||Bidirectional||TCP 179|
|Calico networking with IP-in-IP enabled (default)||All||Bidirectional||IP-in-IP, often represented by its protocol number
|All||etcd hosts||Incoming||Officially TCP 2379 but can vary|
|All||kube-apiserver host||Incoming||Often TCP 443 or 8443*|
* The value passed to kube-apiserver using the
--secure-port flag. If you cannot locate this, check the
targetPort value returned by
kubectl get svc kubernetes -o yaml.
Ensure that Calico has the
The simplest way to provide the necessary privilege is to run Calico as root or in a privileged container.
Calico v3.7 supports:
- OpenShift Origin 3.11
- OpenShift Container Platform 3.11
Refer to the OpenShift documentation for additional requirements.
Tip: If you are using one of the recommended distributions, you will already satisfy these.
ipip(if using Calico networking)