Skip to main content
Version: 3.27 (latest)

Customize Calico configuration

Big picture

Perform common customizations of a Calico installation.

Concepts

Calico operator

Calico is installed by an operator which manages the installation, upgrade, and general lifecycle of a Calico cluster. The operator is installed directly on the cluster as a Deployment, and is configured through one or more custom Kubernetes API resources.

Calico manifests

Calico can also be installed using raw manifests as an alternative to the operator. The manifests contain the necessary resources for installing Calico on each node in your Kubernetes cluster. Using manifests is not recommended as they cannot automatically manage the lifecycle of the Calico as the operator does. However, manifests may be useful for clusters that require highly specific modifications to the underlying Kubernetes resources.

How to

About customizing an operator install

Operator installations read their configuration from a specific set of Kubernetes APIs. These APIs are installed on the cluster as part of tigera-operator.yaml in the operator.tigera.io/v1 API group.

  • Installation: a singleton resource with name "default" that configures common installation parameters for a Calico cluster.
  • APIServer: a singleton resource with name "default" that configures installation of the Calico API server extension.

Configure the pod IP range

For many environments, Calico will auto-detect the correct pod IP range to use, or select an unused range on the cluster.

You can select a specific pod IP range by modifying the spec.calicoNetwork.ipPools array in the Installation API resource.

kind: Installation
apiVersion: operator.tigera.io/v1
metadata:
name: default
spec:
calicoNetwork:
ipPools:
- cidr: 198.51.100.0/24
note

the ipPools array can take at most one IPv4 and one IPv6 CIDR, and only takes effect when installing Calico for the first time on a given cluster. To add additional pools, see the IPPool API.

Use VXLAN

You can enable VXLAN in a cluster by setting the option on your IPv4 pool. You can also disable BGP via the spec.calicoNetwork.bgp field.

kind: Installation
apiVersion: operator.tigera.io/v1
metadata:
name: default
spec:
calicoNetwork:
bgp: Disabled
ipPools:
- cidr: 198.51.100.0/24
encapsulation: VXLAN