Warning: You're not viewing the latest copy of this page.

Enabling IPVS in Kubernetes

Calico has support for kube-proxy’s ipvs proxy mode. Calico ipvs support is activated automatically if Calico detects that kube-proxy is running in that mode.

ipvs mode provides greater scale and performance vs iptables mode. However, it comes with some limitations. In IPVS mode:

Calico requires additional iptables packet mark bits in order to track packets as they pass through IPVS.
Calico needs to be configured with the port range that is assigned to Kubernetes NodePorts. If services do use NodePorts outside Calico’s expected range, Calico will treat traffic to those ports as host traffic instead of pod traffic.
Calico does not support Kubernetes services that make use of a locally-assigned ExternalIP. Calico does support ExternalIPs that are implemented via an external load balancer.

Calico will detect if you change kube-proxy’s proxy mode after Calico has been deployed. Any Kubernetes ipvs-specific configuration needs to be configured before changing the kube-proxy proxy mode to ipvs.

Rate this Page:

Provide Feedback Get Help via Slack Training