calico network connectivity failing between pods and services and pods in different hosts calico network connectivity failing between pods and services and pods in different hosts kubernetes kubernetes

calico network connectivity failing between pods and services and pods in different hosts


kubernetes project-calico calico bgp cni

Calico configured in BGP mode requires all of the instances to be located in the same subnet to work out of the box.

To use calico with deployments that are split across multiple availability zones you must:

Disable AWS source / destination check (see here):

You can do that using AWS CLI:

    aws ec2 modify-instance-attribute --no-source-dest-check --instance-id          $EC2_INSTANCE_ID --region <REGION-WHERE-EC2-INSTANCE-IS-LAUNCHED>

Or using the AWS console:

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
  2. In the navigation pane, choose Instances.
  3. Select the NAT instance, choose Actions, Networking, Change Source/Dest. Check.
  4. For the NAT instance, verify that this attribute is disabled. Otherwise, choose Yes, Disable.
  5. If the NAT instance has a secondary network interface, choose it from Network interfaces on the Description tab and choosethe interface ID to go to the network interfaces page. ChooseActions, Change Source/Dest. Check, disable the setting, and choose Save.*

Enable IPIP encapsulation and outgoing NAT on your Calico IP pools

(IPPool) represents a collection of IP addresses from which Calicoexpects endpoint IPs to be assigned. (see here how to set it up)

, then all of the Kubernetes instances must be located in the same subnet for Calico to work out of the box.

To enable the “CrossSubnet” IPIP feature, configure your Calico IP pool resources to enable IPIP mode to “CrossSubnet” like in the example below:

apiVersion: projectcalico.org/v3kind: IPPoolmetadata:  name: ippool-multi-azspec:  cidr: 192.168.0.0/16  ipipMode: CrossSubnetEOF

Example above refers to AWS cloud configuration taken from the Calico documentation. Please note that Calico docs has also information about GCP, Azure and IBM.

Remark: If you face another problems going "the hard way" you may want to use as a reference another cluster created by following calico guides below:

Lastly, it is worth to check is also this very good document about calico routing modes (it shows also cross subnets ipip mode).

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last