How to let calico use K8s etcd?
1
I read the calico docs, it says calico will start an etcd instance when it starts, but I noticed that the K8s cluster will start an etcd pod, when the cluster starts. I want calico use that etcd node, so I do the following action:
Use calicoctl do test, create a config file:
# cat myconfig.yml
apiVersion: projectcalico.org/v3
kind: CalicoAPIConfig
metadata:
spec:
datastoreType: etcdv3
etcdEndpoints: https://10.100.1.20:2379
etcdKeyFile: /etc/kubernetes/pki/etcd/server.key
etcdCertFile: /etc/kubernetes/pki/etcd/server.crt
etcdCACertFile: /etc/kubernetes/pki/etcd/ca.crt
the etcd config info came from /etc/kubernetes/manifests/etcd.yaml
# cat /etc/kubernetes/manifests/etcd.yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
creationTimestamp: null
labels:
component: etcd
tier: control-plane
name: etcd
namespace: kube-system
spec:
containers:
- command:
- etcd
- --advertise-client-urls=https://127.0.0.1:2379
- --cert-file=/etc/kubernetes/pki/etcd/server.crt
- --client-cert-auth=true
- --data-dir=/var/lib/etcd
- --initial-advertise-peer-urls=https://127.0.0.1:2380
- --initial-cluster=t-k8s-a1=https://127.0.0.1:2380
- --key-file=/etc/kubernetes/pki/etcd/server.key
- --listen-client-urls=https://127.0.0.1:2379
- --listen-peer-urls=https://127.0.0.1:2380
- --name=t-k8s-a1
- --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt
- --peer-client-cert-auth=true
- --peer-key-file=/etc/kubernetes/pki/etcd/peer.key
- --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
- --snapshot-count=10000
- --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
image: k8s.gcr.io/etcd-amd64:3.2.18
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command:
- /bin/sh
- -ec
- ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt
--cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key=/etc/kubernetes/pki/etcd/healthcheck-client.key
get foo
failureThreshold: 8
initialDelaySeconds: 15
timeoutSeconds: 15
name: etcd
resources: {}
volumeMounts:
- mountPath: /var/lib/etcd
name: etcd-data
- mountPath: /etc/kubernetes/pki/etcd
name: etcd-certs
hostNetwork: true
priorityClassName: system-cluster-critical
volumes:
- hostPath:
path: /var/lib/etcd
type: DirectoryOrCreate
name: etcd-data
- hostPath:
path: /etc/kubernetes/pki/etcd
type: DirectoryOrCreate
name: etcd-certs
status: {}
still refused
# calicoctl get nodes --config ./myconfig.yml
Failed to create Calico API client: dial tcp 10.100.1.20:2379: connect: connection refused
# kubectl get pods --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
kube-system calico-node-5nbwz 2/2 Running 0 22h 10.100.1.21 t-k8s-b2 <none>
kube-system calico-node-m967m 2/2 Running 0 22h 10.100.1.20 t-k8s-a1 <none>
kube-system calico-typha-64fc9d86dd-g8m54 1/1 Running 0 22h 10.100.1.21 t-k8s-b2 <none>
kube-system coredns-78fcdf6894-5thqv 1/1 Running 0 1d 192.168.1.2 t-k8s-b2 <none>
kube-system coredns-78fcdf6894-gm5zs 1/1 Running 0 1d 192.168.1.3 t-k8s-b2 <none>
kube-system etcd-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-apiserver-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-controller-manager-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-proxy-9rgmd 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-proxy-z75kc 1/1 Running 0 1d 10.100.1.21 t-k8s-b2 <none>
kube-system kube-scheduler-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
testalex etcd-deployment-5b5d67bb84-nr7vc 1/1 Running 0 1d 192.168.1.26 t-k8s-b2 <none>
testalex k8s-alert-76f97ccf49-gffgb 1/1 Running 0 1d 192.168.1.18 t-k8s-b2 <none>
testalex k8s-monitor-7ddcb74b87-75vxb 1/1 Running 0 1d 192.168.1.27 t-k8s-b2 <none>
testalex mysql-deployment-858464457f-nznq5 1/1 Running 0 1d 192.168.1.16 t-k8s-b2 <none>
kubernetes calico
asked Nov 19 '18 at 3:47
user1208081user1208081
1792318
add a comment |
1
I read the calico docs, it says calico will start an etcd instance when it starts, but I noticed that the K8s cluster will start an etcd pod, when the cluster starts. I want calico use that etcd node, so I do the following action:
Use calicoctl do test, create a config file:
# cat myconfig.yml
apiVersion: projectcalico.org/v3
kind: CalicoAPIConfig
metadata:
spec:
datastoreType: etcdv3
etcdEndpoints: https://10.100.1.20:2379
etcdKeyFile: /etc/kubernetes/pki/etcd/server.key
etcdCertFile: /etc/kubernetes/pki/etcd/server.crt
etcdCACertFile: /etc/kubernetes/pki/etcd/ca.crt
the etcd config info came from /etc/kubernetes/manifests/etcd.yaml
# cat /etc/kubernetes/manifests/etcd.yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
creationTimestamp: null
labels:
component: etcd
tier: control-plane
name: etcd
namespace: kube-system
spec:
containers:
- command:
- etcd
- --advertise-client-urls=https://127.0.0.1:2379
- --cert-file=/etc/kubernetes/pki/etcd/server.crt
- --client-cert-auth=true
- --data-dir=/var/lib/etcd
- --initial-advertise-peer-urls=https://127.0.0.1:2380
- --initial-cluster=t-k8s-a1=https://127.0.0.1:2380
- --key-file=/etc/kubernetes/pki/etcd/server.key
- --listen-client-urls=https://127.0.0.1:2379
- --listen-peer-urls=https://127.0.0.1:2380
- --name=t-k8s-a1
- --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt
- --peer-client-cert-auth=true
- --peer-key-file=/etc/kubernetes/pki/etcd/peer.key
- --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
- --snapshot-count=10000
- --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
image: k8s.gcr.io/etcd-amd64:3.2.18
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command:
- /bin/sh
- -ec
- ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt
--cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key=/etc/kubernetes/pki/etcd/healthcheck-client.key
get foo
failureThreshold: 8
initialDelaySeconds: 15
timeoutSeconds: 15
name: etcd
resources: {}
volumeMounts:
- mountPath: /var/lib/etcd
name: etcd-data
- mountPath: /etc/kubernetes/pki/etcd
name: etcd-certs
hostNetwork: true
priorityClassName: system-cluster-critical
volumes:
- hostPath:
path: /var/lib/etcd
type: DirectoryOrCreate
name: etcd-data
- hostPath:
path: /etc/kubernetes/pki/etcd
type: DirectoryOrCreate
name: etcd-certs
status: {}
still refused
# calicoctl get nodes --config ./myconfig.yml
Failed to create Calico API client: dial tcp 10.100.1.20:2379: connect: connection refused
# kubectl get pods --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
kube-system calico-node-5nbwz 2/2 Running 0 22h 10.100.1.21 t-k8s-b2 <none>
kube-system calico-node-m967m 2/2 Running 0 22h 10.100.1.20 t-k8s-a1 <none>
kube-system calico-typha-64fc9d86dd-g8m54 1/1 Running 0 22h 10.100.1.21 t-k8s-b2 <none>
kube-system coredns-78fcdf6894-5thqv 1/1 Running 0 1d 192.168.1.2 t-k8s-b2 <none>
kube-system coredns-78fcdf6894-gm5zs 1/1 Running 0 1d 192.168.1.3 t-k8s-b2 <none>
kube-system etcd-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-apiserver-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-controller-manager-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-proxy-9rgmd 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-proxy-z75kc 1/1 Running 0 1d 10.100.1.21 t-k8s-b2 <none>
kube-system kube-scheduler-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
testalex etcd-deployment-5b5d67bb84-nr7vc 1/1 Running 0 1d 192.168.1.26 t-k8s-b2 <none>
testalex k8s-alert-76f97ccf49-gffgb 1/1 Running 0 1d 192.168.1.18 t-k8s-b2 <none>
testalex k8s-monitor-7ddcb74b87-75vxb 1/1 Running 0 1d 192.168.1.27 t-k8s-b2 <none>
testalex mysql-deployment-858464457f-nznq5 1/1 Running 0 1d 192.168.1.16 t-k8s-b2 <none>
kubernetes calico
asked Nov 19 '18 at 3:47
user1208081user1208081
1792318
add a comment |
1
1
1
I read the calico docs, it says calico will start an etcd instance when it starts, but I noticed that the K8s cluster will start an etcd pod, when the cluster starts. I want calico use that etcd node, so I do the following action:
Use calicoctl do test, create a config file:
# cat myconfig.yml
apiVersion: projectcalico.org/v3
kind: CalicoAPIConfig
metadata:
spec:
datastoreType: etcdv3
etcdEndpoints: https://10.100.1.20:2379
etcdKeyFile: /etc/kubernetes/pki/etcd/server.key
etcdCertFile: /etc/kubernetes/pki/etcd/server.crt
etcdCACertFile: /etc/kubernetes/pki/etcd/ca.crt
the etcd config info came from /etc/kubernetes/manifests/etcd.yaml
# cat /etc/kubernetes/manifests/etcd.yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
creationTimestamp: null
labels:
component: etcd
tier: control-plane
name: etcd
namespace: kube-system
spec:
containers:
- command:
- etcd
- --advertise-client-urls=https://127.0.0.1:2379
- --cert-file=/etc/kubernetes/pki/etcd/server.crt
- --client-cert-auth=true
- --data-dir=/var/lib/etcd
- --initial-advertise-peer-urls=https://127.0.0.1:2380
- --initial-cluster=t-k8s-a1=https://127.0.0.1:2380
- --key-file=/etc/kubernetes/pki/etcd/server.key
- --listen-client-urls=https://127.0.0.1:2379
- --listen-peer-urls=https://127.0.0.1:2380
- --name=t-k8s-a1
- --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt
- --peer-client-cert-auth=true
- --peer-key-file=/etc/kubernetes/pki/etcd/peer.key
- --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
- --snapshot-count=10000
- --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
image: k8s.gcr.io/etcd-amd64:3.2.18
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command:
- /bin/sh
- -ec
- ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt
--cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key=/etc/kubernetes/pki/etcd/healthcheck-client.key
get foo
failureThreshold: 8
initialDelaySeconds: 15
timeoutSeconds: 15
name: etcd
resources: {}
volumeMounts:
- mountPath: /var/lib/etcd
name: etcd-data
- mountPath: /etc/kubernetes/pki/etcd
name: etcd-certs
hostNetwork: true
priorityClassName: system-cluster-critical
volumes:
- hostPath:
path: /var/lib/etcd
type: DirectoryOrCreate
name: etcd-data
- hostPath:
path: /etc/kubernetes/pki/etcd
type: DirectoryOrCreate
name: etcd-certs
status: {}
still refused
# calicoctl get nodes --config ./myconfig.yml
Failed to create Calico API client: dial tcp 10.100.1.20:2379: connect: connection refused
# kubectl get pods --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
kube-system calico-node-5nbwz 2/2 Running 0 22h 10.100.1.21 t-k8s-b2 <none>
kube-system calico-node-m967m 2/2 Running 0 22h 10.100.1.20 t-k8s-a1 <none>
kube-system calico-typha-64fc9d86dd-g8m54 1/1 Running 0 22h 10.100.1.21 t-k8s-b2 <none>
kube-system coredns-78fcdf6894-5thqv 1/1 Running 0 1d 192.168.1.2 t-k8s-b2 <none>
kube-system coredns-78fcdf6894-gm5zs 1/1 Running 0 1d 192.168.1.3 t-k8s-b2 <none>
kube-system etcd-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-apiserver-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-controller-manager-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-proxy-9rgmd 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-proxy-z75kc 1/1 Running 0 1d 10.100.1.21 t-k8s-b2 <none>
kube-system kube-scheduler-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
testalex etcd-deployment-5b5d67bb84-nr7vc 1/1 Running 0 1d 192.168.1.26 t-k8s-b2 <none>
testalex k8s-alert-76f97ccf49-gffgb 1/1 Running 0 1d 192.168.1.18 t-k8s-b2 <none>
testalex k8s-monitor-7ddcb74b87-75vxb 1/1 Running 0 1d 192.168.1.27 t-k8s-b2 <none>
testalex mysql-deployment-858464457f-nznq5 1/1 Running 0 1d 192.168.1.16 t-k8s-b2 <none>
kubernetes calico
asked Nov 19 '18 at 3:47
user1208081user1208081
1792318
I read the calico docs, it says calico will start an etcd instance when it starts, but I noticed that the K8s cluster will start an etcd pod, when the cluster starts. I want calico use that etcd node, so I do the following action:
Use calicoctl do test, create a config file:
# cat myconfig.yml
apiVersion: projectcalico.org/v3
kind: CalicoAPIConfig
metadata:
spec:
datastoreType: etcdv3
etcdEndpoints: https://10.100.1.20:2379
etcdKeyFile: /etc/kubernetes/pki/etcd/server.key
etcdCertFile: /etc/kubernetes/pki/etcd/server.crt
etcdCACertFile: /etc/kubernetes/pki/etcd/ca.crt
the etcd config info came from /etc/kubernetes/manifests/etcd.yaml
# cat /etc/kubernetes/manifests/etcd.yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
creationTimestamp: null
labels:
component: etcd
tier: control-plane
name: etcd
namespace: kube-system
spec:
containers:
- command:
- etcd
- --advertise-client-urls=https://127.0.0.1:2379
- --cert-file=/etc/kubernetes/pki/etcd/server.crt
- --client-cert-auth=true
- --data-dir=/var/lib/etcd
- --initial-advertise-peer-urls=https://127.0.0.1:2380
- --initial-cluster=t-k8s-a1=https://127.0.0.1:2380
- --key-file=/etc/kubernetes/pki/etcd/server.key
- --listen-client-urls=https://127.0.0.1:2379
- --listen-peer-urls=https://127.0.0.1:2380
- --name=t-k8s-a1
- --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt
- --peer-client-cert-auth=true
- --peer-key-file=/etc/kubernetes/pki/etcd/peer.key
- --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
- --snapshot-count=10000
- --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
image: k8s.gcr.io/etcd-amd64:3.2.18
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command:
- /bin/sh
- -ec
- ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt
--cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key=/etc/kubernetes/pki/etcd/healthcheck-client.key
get foo
failureThreshold: 8
initialDelaySeconds: 15
timeoutSeconds: 15
name: etcd
resources: {}
volumeMounts:
- mountPath: /var/lib/etcd
name: etcd-data
- mountPath: /etc/kubernetes/pki/etcd
name: etcd-certs
hostNetwork: true
priorityClassName: system-cluster-critical
volumes:
- hostPath:
path: /var/lib/etcd
type: DirectoryOrCreate
name: etcd-data
- hostPath:
path: /etc/kubernetes/pki/etcd
type: DirectoryOrCreate
name: etcd-certs
status: {}
still refused
# calicoctl get nodes --config ./myconfig.yml
Failed to create Calico API client: dial tcp 10.100.1.20:2379: connect: connection refused
# kubectl get pods --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
kube-system calico-node-5nbwz 2/2 Running 0 22h 10.100.1.21 t-k8s-b2 <none>
kube-system calico-node-m967m 2/2 Running 0 22h 10.100.1.20 t-k8s-a1 <none>
kube-system calico-typha-64fc9d86dd-g8m54 1/1 Running 0 22h 10.100.1.21 t-k8s-b2 <none>
kube-system coredns-78fcdf6894-5thqv 1/1 Running 0 1d 192.168.1.2 t-k8s-b2 <none>
kube-system coredns-78fcdf6894-gm5zs 1/1 Running 0 1d 192.168.1.3 t-k8s-b2 <none>
kube-system etcd-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-apiserver-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-controller-manager-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-proxy-9rgmd 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
kube-system kube-proxy-z75kc 1/1 Running 0 1d 10.100.1.21 t-k8s-b2 <none>
kube-system kube-scheduler-t-k8s-a1 1/1 Running 0 1d 10.100.1.20 t-k8s-a1 <none>
testalex etcd-deployment-5b5d67bb84-nr7vc 1/1 Running 0 1d 192.168.1.26 t-k8s-b2 <none>
testalex k8s-alert-76f97ccf49-gffgb 1/1 Running 0 1d 192.168.1.18 t-k8s-b2 <none>
testalex k8s-monitor-7ddcb74b87-75vxb 1/1 Running 0 1d 192.168.1.27 t-k8s-b2 <none>
testalex mysql-deployment-858464457f-nznq5 1/1 Running 0 1d 192.168.1.16 t-k8s-b2 <none>
kubernetes calico
kubernetes calico
asked Nov 19 '18 at 3:47
user1208081user1208081
1792318
asked Nov 19 '18 at 3:47
user1208081user1208081
1792318
edited Nov 21 '18 at 2:06
user1208081
asked Nov 19 '18 at 3:47
user1208081user1208081
1792318
asked Nov 19 '18 at 3:47
user1208081user1208081
1792318
asked Nov 19 '18 at 3:47
user1208081user1208081
1792318
1792318
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
2
When you install Calico on Kubernetes by default it will use the Kubernetes datastore (which uses etcdv3). Your calicoctl config under /etc/calico/calicoctl.cfg should looks something like this:
apiVersion: projectcalico.org/v3
kind: CalicoAPIConfig
metadata:
spec:
datastoreType: "kubernetes"
kubeconfig: "/path/to/.kube/config"
It works for me:
calicoctl get nodes
NAME
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
answered Nov 19 '18 at 5:36
RicoRico
27.5k94865
doc says : Calico networking with the Kubernetes API datastore is beta because it does not yet support Calico IPAM
– user1208081
Nov 19 '18 at 5:42
Do you need IPAM? I don't see any mention of not being supported on the latest docs: docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– Rico
Nov 19 '18 at 5:55
here is the doc docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– user1208081
Nov 19 '18 at 6:39
I see, I’ll take a look later...
– Rico
Nov 19 '18 at 6:54
What is this IP10.100.1.20? container? server? where did you get it?
– Rico
Nov 20 '18 at 6:21
|
show 1 more comment
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53368054%2fhow-to-let-calico-use-k8s-etcd%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
2
When you install Calico on Kubernetes by default it will use the Kubernetes datastore (which uses etcdv3). Your calicoctl config under /etc/calico/calicoctl.cfg should looks something like this:
apiVersion: projectcalico.org/v3
kind: CalicoAPIConfig
metadata:
spec:
datastoreType: "kubernetes"
kubeconfig: "/path/to/.kube/config"
It works for me:
calicoctl get nodes
NAME
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
answered Nov 19 '18 at 5:36
RicoRico
27.5k94865
doc says : Calico networking with the Kubernetes API datastore is beta because it does not yet support Calico IPAM
– user1208081
Nov 19 '18 at 5:42
Do you need IPAM? I don't see any mention of not being supported on the latest docs: docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– Rico
Nov 19 '18 at 5:55
here is the doc docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– user1208081
Nov 19 '18 at 6:39
I see, I’ll take a look later...
– Rico
Nov 19 '18 at 6:54
What is this IP10.100.1.20? container? server? where did you get it?
– Rico
Nov 20 '18 at 6:21
|
show 1 more comment
2
When you install Calico on Kubernetes by default it will use the Kubernetes datastore (which uses etcdv3). Your calicoctl config under /etc/calico/calicoctl.cfg should looks something like this:
apiVersion: projectcalico.org/v3
kind: CalicoAPIConfig
metadata:
spec:
datastoreType: "kubernetes"
kubeconfig: "/path/to/.kube/config"
It works for me:
calicoctl get nodes
NAME
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
answered Nov 19 '18 at 5:36
RicoRico
27.5k94865
doc says : Calico networking with the Kubernetes API datastore is beta because it does not yet support Calico IPAM
– user1208081
Nov 19 '18 at 5:42
Do you need IPAM? I don't see any mention of not being supported on the latest docs: docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– Rico
Nov 19 '18 at 5:55
here is the doc docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– user1208081
Nov 19 '18 at 6:39
I see, I’ll take a look later...
– Rico
Nov 19 '18 at 6:54
What is this IP10.100.1.20? container? server? where did you get it?
– Rico
Nov 20 '18 at 6:21
|
show 1 more comment
2
2
2
When you install Calico on Kubernetes by default it will use the Kubernetes datastore (which uses etcdv3). Your calicoctl config under /etc/calico/calicoctl.cfg should looks something like this:
apiVersion: projectcalico.org/v3
kind: CalicoAPIConfig
metadata:
spec:
datastoreType: "kubernetes"
kubeconfig: "/path/to/.kube/config"
It works for me:
calicoctl get nodes
NAME
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
answered Nov 19 '18 at 5:36
RicoRico
27.5k94865
When you install Calico on Kubernetes by default it will use the Kubernetes datastore (which uses etcdv3). Your calicoctl config under /etc/calico/calicoctl.cfg should looks something like this:
apiVersion: projectcalico.org/v3
kind: CalicoAPIConfig
metadata:
spec:
datastoreType: "kubernetes"
kubeconfig: "/path/to/.kube/config"
It works for me:
calicoctl get nodes
NAME
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
ip-172-x-x-x.us-west-2.compute.internal
answered Nov 19 '18 at 5:36
RicoRico
27.5k94865
answered Nov 19 '18 at 5:36
RicoRico
27.5k94865
answered Nov 19 '18 at 5:36
RicoRico
27.5k94865
answered Nov 19 '18 at 5:36
RicoRico
27.5k94865
27.5k94865
doc says : Calico networking with the Kubernetes API datastore is beta because it does not yet support Calico IPAM
– user1208081
Nov 19 '18 at 5:42
Do you need IPAM? I don't see any mention of not being supported on the latest docs: docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– Rico
Nov 19 '18 at 5:55
here is the doc docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– user1208081
Nov 19 '18 at 6:39
I see, I’ll take a look later...
– Rico
Nov 19 '18 at 6:54
What is this IP10.100.1.20? container? server? where did you get it?
– Rico
Nov 20 '18 at 6:21
|
show 1 more comment
doc says : Calico networking with the Kubernetes API datastore is beta because it does not yet support Calico IPAM
– user1208081
Nov 19 '18 at 5:42
Do you need IPAM? I don't see any mention of not being supported on the latest docs: docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– Rico
Nov 19 '18 at 5:55
here is the doc docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– user1208081
Nov 19 '18 at 6:39
I see, I’ll take a look later...
– Rico
Nov 19 '18 at 6:54
What is this IP10.100.1.20? container? server? where did you get it?
– Rico
Nov 20 '18 at 6:21
doc says : Calico networking with the Kubernetes API datastore is beta because it does not yet support Calico IPAM
– user1208081
Nov 19 '18 at 5:42
doc says : Calico networking with the Kubernetes API datastore is beta because it does not yet support Calico IPAM
– user1208081
Nov 19 '18 at 5:42
Do you need IPAM? I don't see any mention of not being supported on the latest docs: docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– Rico
Nov 19 '18 at 5:55
Do you need IPAM? I don't see any mention of not being supported on the latest docs: docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– Rico
Nov 19 '18 at 5:55
here is the doc docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– user1208081
Nov 19 '18 at 6:39
here is the doc docs.projectcalico.org/v3.3/getting-started/kubernetes/…
– user1208081
Nov 19 '18 at 6:39
I see, I’ll take a look later...
– Rico
Nov 19 '18 at 6:54
I see, I’ll take a look later...
– Rico
Nov 19 '18 at 6:54
What is this IP
10.100.1.20? container? server? where did you get it?– Rico
Nov 20 '18 at 6:21
What is this IP
10.100.1.20? container? server? where did you get it?– Rico
Nov 20 '18 at 6:21
|
show 1 more comment
draft saved
draft discarded
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53368054%2fhow-to-let-calico-use-k8s-etcd%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
