Calico Component Networking Operations

Prerequisites

The Docker and Kubernetes components (kubeadm, kubectl, and kubelet) have been installed on the node to be deployed.
The node to be deployed can properly pull Docker images.

Procedure

Set the Kubernetes master node during initialization.

In this section, the 10.244.0.0/16 network segment is used as the network driver CIDR and the default gateway is used as the network broadcast address. If you need to specify another network segment, modify the command accordingly.

        
             kubeadm init --pod-network-cidr=10.244.0.0/16
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

After the initialization is complete, information in Figure 1 and Figure 2 are displayed. Check whether the pods information of the Kubernetes cluster is normal and whether the node status is NotReady. Back up the kubeadm join command in the output for future use. Then, deploy the network plane.

Figure 1 Successful initialization of the active Kubernetes node

Figure 2 Initialization status of the active Kubernetes node

Edit the Calico deployment YAML file.
Download the calico.yaml and calicoctl.yaml deployment files. The BGP IPIP mode recommended by Calico is deployed by default and you do not need to modify the configuration file. If you need to deploy the Calico component in VxLAN Only mode, see OVS Network Plane Management.

Deploy cluster network components.
Use kubectl to deploy cluster network components.
```
kubectl apply -f calico.yaml
kubectl apply -f calicoctl.yaml
alias calicoctl="kubectl exec -i -n kube-system calicoctl -- /calicoctl"
```
After the deployment is complete, the coredns service is in the Running state and the node is in the Ready state, as shown in Figure 3 and Figure 4.

Figure 3 Calico component installation

Figure 4 Calico component deployment status

Add nodes to the cluster.

On other Kubernetes nodes to be deployed, run the kubeadm join command backed up in Step 2 to add the nodes to be deployed to the Kubernetes cluster.

        
             kubeadm join <master-ip:port> --token <your-token> \
--discovery-token-ca-cert-hash sha256:<your-sha256-ca>

After the cluster nodes are added, "This node has joined the cluster" is displayed, as shown in Figure 5. The Calico component networking procedure is complete.

Figure 5 Adding nodes on the Calico network

Network Verification

Copy the following content and edit the Nginx deployment test YAML file to test the intra-node and cross-node communication capability.

        
         
           
           
             apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-arm-deployment
spec:
  selector:
    matchLabels:
      app: arm64v8_nginx
  replicas: 5
  template:
    metadata:
      labels:
        app: arm64v8_nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80

            

          

        
       

Run the kubectl command to deploy the Nginx service. If information shown in Figure 6 is displayed, the Nginx service is running properly and the IP address has been allocated.
1

kubectl apply -f nginx.yaml
Figure 6 Calico networking service deployment test

Check that the node routing information and OVS bridge status are normal, as shown in Figure 7. Calico has configured the addresses in the IP pool for the container space. All service ports are mapped to Calico components in veth pair mode. Intra-node and inter-node communication can be implemented through routes.

Figure 7 Routing and workload of Calico network nodes

Parent topic: Networking Operation Practice