No results found

Your search did not match any results.

We suggest you try the following to help find what you're looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try "application" instead of "software."
  • Try one of the popular searches shown below.
  • Start a new search.
Trending Questions
 

Installing and using Calico on Oracle Container Engine (OKE)

There are many cluster networking options for Kubernetes.

Author: Ali Mukadam

Updated:

About Ali Mukadam



Technical Director, Asia Pacific Center of Excellence.
For the past 16 years, Ali has held technical presales, architect and industry consulting roles in BEA Systems and Oracle across Asia Pacific, focusing on middleware and application development. Although he pretends to be Thor, his real areas of expertise are Application Development, Integration, SOA (Service Oriented Architecture) and BPM (Business Process Management). An early and worthy Docker and Kubernetes adopter, Ali also leads a few open source projects (namely terraform-oci-oke) aimed at facilitating the adoption of Kubernetes and other cloud native technologies on Oracle Cloud Infrastructure.

More tutorials from this author:
Deploying Verrazzano on Oracle Container Engine for Kubernetes (OKE)
Deploying the Argo CD on Oracle Container Engine for Kubernetes (OKE)
Installing and using Calico on Oracle Container Engine (OKE)

Tags

graalvm devops

Back to tutorials

There are many cluster networking options for Kubernetes. Two of the most popular are:

Graph: Software-Defined Networking Ideas with Kubernetes

Flannel is a simple and easy way to configure a layer 3 network fabric designed for Kubernetes. It is also used by default by Oracle Container Services for use with Kubernetes (aka Kubernetes on Oracle Linux) and by Oracle Container Engine (OKE).

Calico provides both a layer 3 networking and a network policy engine. Its policy engine can also be used together with Flannel.

In this post, we’ll deploy Calico for network pod policy.

Manually installing Calico

If you have manually created the OKE Cluster using the cli or the Oracle Cloud Infrastructure (OCI) console, obtain the kubeconfig file and setup your KUBECONFIG environment variable:

export KUBECONFIG=/path/to/kubeconfig

                        

Download the Calico policy-only manifest for the Kubernetes API datastore:

curl \

                        https://docs.projectcalico.org/v3.6/getting-started/kubernetes/installation/hosted/kubernetes-datastore/policy-only/1.7/calico.yaml \
                        -O
                        

By default, the pod CIDR block on OKE is 10.244.0.0/16. Set this as an environment variable:

export POD_CID="10.244.0.0/16"

                        

Then replace the default pod CIDR block value (192.168.0.0/16) in the calico.yaml. You can skip this step if your pod CIDR block is 192.168.0.0/16.

sed -i -e "s?192.168.0.0/16?$POD_CIDR?g" calico.yaml

                        

If your cluster consists of more than 50 worker nodes, then you need to do one additional step:

sed -i -e '

                                s/typha_service_name:\s"none"/typha_service_name: calico-typha/g' calico.yaml
                                

Apply the manifest:

kubectl apply -f calico.yaml

                        

Calico also recommends a minimum of 3 replicas in production environment and 1 replica per every 200 nodes:

kubectl -n kube-system scale --current-replicas=1 --replicas=3 deployment/calico-typha

                        

The installation steps and other recommendations can be viewed on the Calico website.

Installing Calico when provisioning with terraform-oci-oke module

If you are provisioning your cluster with the terraform-oci-oke module, there is an option to automate its installation. Set the following variables in your terraform.tfvars file

create_bastion = "true"

                        install_calico = "true"
                        

Run Terraform apply again:

terraform apply -auto-approve

                        

The Calico installation script in terraform-oci-oke also handles the cases when you have more than 50 nodes in your cluster and and the number of replicas needed are calculated and scaled to accordingly.

Testing Calico

If you want to test Calico as a network pod policy engine, there are some very excellent recipes. You should be able to take them all for a spin.

Alternatively, you can also try the tutorials on the Calico website.