System requirements
Step 1: Verify cluster​
Verify that your cluster meets these requirements.
| Required | Supported |
|---|---|
| Platforms | All of the Calico Open Source Kubernetes deployments, except: - OpenShift - IBM Cloud Kubernetes Service (IKS) - K3s - Most clusters with Windows nodes. (We support Windows nodes on AKS.) - RKE |
| Architecture | Only AMD64 |
| Kubernetes version | - Minimum: v1.23 - Maximum: v1.28 If you have a later version than the maximum, contact Support. |
| CNIs | - Calico CNI v3.15 to v3.26 - Amazon VPC CNI - Azure CNI - GKE CNI |
| Browsers for Manager UI | Calico Cloud supports the latest version and "latest minus one" versions of the following browsers: - Chrome - Safari - Firefox |
Step 2: Verify cluster is not managed by a Kubernetes reconciler​
Calico Cloud cannot be installed on clusters that are managed by any kind of Kubernetes reconciler (for example, Addon-manager). To verify, look for an annotation called addonmanager.kubernetes.io/mode on either of the following resources. (The resources may not exist).
tigera-operatordeployment in thetigera-operatornamespace (Installation on AKS may still work if the mode is Reconcile, see AKS for an additional check.)calico-nodedaemonset in thekube-systemnamespace
If the following command finds addonmanager on either of the resources, then Addon-manager is being used. Find a different cluster to use.
kubectl get <type> -n <namespace> <resource-name> -o yaml | grep ' addonmanager.kubernetes.io/mode:'
Step 3: Prepare your infrastructure to connect to Calico Cloud​
Pods running in your Kubernetes cluster must allow outbound traffic to the following endpoints:
https://installer.calicocloud.io:443/*https://www.calicocloud.io:443/api/*- TCP to
<management-cluster>.calicocloud.io:9000
For each node, Docker must be able to pull images from the following endpoints:
quay.iocdn01.quay.iocdn02.quay.ious-docker.pkg.dev
These connections must be allowed by your Kubernetes cluster and also by the rest of your infrastructure. You won't be able to use Calico Cloud if other elements of your infrastructure, such as firewalls or security groups, restrict access to these endpoints.
Step 4: Verify platform-specific requirements​
If you using one of the following platforms, review further requirements. Otherwise, you are ready to connect your cluster in Manager UI: go to Managed clusters, and click Connect.