System requirements
Node requirements
-
AMD64 processor
-
Linux kernel 3.10 or later with required dependencies. The following distributions have the required kernel, its dependencies, and are known to work well with Calico and OpenShift.
- RedHat Linux 7
- CentOS 7
Key/value store
Calico master requires a key/value store accessible by all Calico components. On OpenShift, Calico can share an etcdv3 cluster with OpenShift, or you can set up an etcdv3 cluster dedicated to Calico.
Network requirements
Ensure that your hosts and firewalls allow the necessary traffic based on your configuration.
| Configuration | Host(s) | Connection type | Port/protocol |
|---|---|---|---|
| Calico networking (BGP) | All | Bidirectional | TCP 179 |
| Calico networking with IP-in-IP enabled (default) | All | Bidirectional | IP-in-IP, often represented by its protocol number 4 |
| All | etcd hosts | Incoming | Officially TCP 2379 but can vary |
| All | kube-apiserver host | Incoming | Often TCP 443 or 8443* |
* The value passed to kube-apiserver using the --secure-port flag. If you cannot locate this, check the targetPort value returned by kubectl get svc kubernetes -o yaml.
OpenShift requirements
Calico master supports:
- OpenShift Origin 3.6 and 3.7
- OpenShift Container Platform 3.6 and 3.7
Refer to the OpenShift documentation for additional requirements.
Kernel dependencies
Tip: If you are using one of the recommended distributions, you will already satisfy these.
nf_conntrack_netlinksubsystemip_tables(for IPv4)ip6_tables(for IPv6)ip_setxt_setipt_setipt_rpfilteript_REJECTipip(if using Calico networking)