As Kubernetes does not provide native support for inter-pod networking, MCP uses Calico as an L3 networking provider for all Kubernetes deployments through the Container Network Interface (CNI) plugin. The CNI plugin establishes a standard for the network interface configuration in Linux containers.
Calico propagates each container's IP address to all Kubernetes Nodes over the BGP protocol and provides network connectivity between the containers. It also dynamically enforces the Kubernetes network policies. Calico stores its configuration data in either the etcd key-value store or the Kubernetes API datastore.
Calico runs in a container called calico-node on every node in a Kubernetes cluster. The calico-node container is controlled by the operating system directly as a systemd service.
The calico-node container incorporates the following main Calico services:
The Kubernetes controllers for Calico are deployed as a single pod in a Calico kube-controllers deployment that runs as a Kubernetes addon.
The Kubernetes controllers for Calico are only required when using the etcd datastore, which is the default configuration in MCP.
The Kubernetes controllers for Calico are enabled by default and are as follows: