Warning: You're not viewing the latest copy of this page.

System requirements

Node requirements

AMD64 processor
Linux kernel 3.10 or later with required dependencies. The following distributions have the required kernel, its dependencies, and are known to work well with Calico and Kubernetes.
- RedHat Linux 7
- CentOS 7
- CoreOS Container Linux stable
- Ubuntu 16.04
- Debian 8

Key/value store

Calico v3.1 requires a key/value store accessible by all Calico components. On Kubernetes, you can configure Calico to access an etcdv3 cluster directly or to use the Kubernetes API datastore.

Network requirements

Calico requires the network to allow the following types of traffic.

Traffic	Protocol	Port
BGP	TCP	179
IPIP*	4	n/a

* Our manifests enable IPIP by default. If you disable IPIP, you won’t need to allow IPIP traffic. Refer to Configuring IP-in-IP for more information.

Tip: On GCE, you can allow this traffic using firewall rules. In AWS, use EC2 security group rules.

Kubernetes requirements

Supported versions

We test Calico v3.1 against the following Kubernetes versions.

1.8
1.9
1.10

Other versions are likely to work, but we do not actively test Calico v3.1 against them.

CNI plug-in enabled

Calico is installed as a CNI plugin. The kubelet must be configured to use CNI networking by passing the --network-plugin=cni argument. (On kubeadm, this is the default.)

Other network providers

Calico must be the only network provider in each cluster. We do not currently support migrating a cluster with another network provider to use Calico networking.

Supported kube-proxy modes

Calico supports the following kube-proxy modes:

iptables (default)
ipvs (beta) Requires Kubernetes >=v1.9.3. Refer to Enabling IPVS in Kubernetes for more details.

IP pool configuration

The IP range selected for pod IP addresses cannot overlap with any other IP ranges in your network, including:

The Kubernetes service cluster IP range
The range from which host IPs are allocated

Our manifests default to 192.168.0.0/16 for the pod IP range except Canal/flannel, which defaults to 10.244.0.0/16. Refer to Configuring the pod IP range for information on modifying the defaults.

Kernel dependencies

Tip: If you are using one of the recommended distributions, you will already satisfy these.

nf_conntrack_netlink subsystem
ip_tables (for IPv4)
ip6_tables (for IPv6)
ip_set
xt_set
ipt_set
ipt_rpfilter
ipt_REJECT
ipip (if using Calico networking)

Provide Feedback Get Help via Slack Training