Skip to main content
Calico Cloud documentation

Reference

APIs, CLI, architecture and design, and FAQ.

API and installation references

Tigera API

Learn about the Tigera API and how to use it.

Installation reference

Installation API reference

Image Assurance Installation reference

Image Assurance Installation API reference

REST API Reference

REST API reference

Resource definitions

Resource definitions

Calico Cloud resources (APIs) that you can manage using calicoctl.

BFD configuration

API for this Calico Enterprise resource.

BGP configuration

API for this Calico Cloud resource.

BGP peer

API for this Calico Cloud resource.

BGP Filter

API for this Calico Cloud resource.

Block affinity

IP address management block affinity

Calico node status

API for this Calico resource.

Container admission policy

Resource definition.

Compliance reports

Schedule reports and configure report scope.

Inventory report

API for this resource.

Network Access report

API for this resource.

Policy audit report

API for this resource.

CIS benchmark report

API for this resource.

Deep packet inspection

API for this Calico Cloud resource.

Felix configuration

API for this Calico Enterprise resource.

Egress gateway policy

API for this Calico Enterprise resource.

Global Alert

API for this Calico Enterprise resource.

Global network policy

API for this Calico Cloud resource.

Global network set

API for this Calico Cloud resource.

Global report

API for this Calico Cloud resource.

Global threat feed

API for this Calico Cloud resource.

Host endpoint

API for this Calico Cloud resource.

IP pool

API for this Calico Cloud resource.

IP reservation

API for this Calico resource.

IPAM configuration

IP address management global configuration

License key

API for this Calico Cloud resource.

Kubernetes controllers configuration

API for KubeControllersConfiguration resource.

Managed Cluster

API for this Calico Cloud resource.

Network policy

API for this Calico Cloud resource.

Network set

API for this Calico Cloud resource.

Node

API for this Calico Cloud resource.

PacketCapture

API for this Calico Cloud resource.

Remote cluster configuration

API for this Calico Cloud resource.

RuntimeSecurity

API for this Calico Cloud resource

Security event webhook

API for this Calico Enterprise resource.

Staged Global Network Policy

API for this resource.

Staged Kubernetes Network policy

API for this Calico Cloud resource.

Staged network policy

API for this Calico Cloud resource.

Tier

API for this Calico Cloud resource.

Workload endpoint

API for this Calico Cloud resource.

Component resources

Configuring the Calico Cloud CNI plugins

Details for configuring the Calico Cloud CNI plugins.

Configure resource requests and limits

Configure Resource requests and limits.

Configuring the Calico Cloud Kubernetes controllers

Calico Cloud Kubernetes controllers monitor the Kubernetes API and perform actions based on cluster state.

Prometheus metrics

Review metrics for the kube-controllers component if you are using Prometheus.

Configuring cnx-node

Customize cnx-node using environment variables.

Configuring Felix

Configure Felix, the daemon that runs on every machine that provides endpoints.

Prometheus metrics

Review metrics for the Felix component if you are using Prometheus.

Configuration on public clouds

Amazon Web Services

Advantages of using Calico Cloud in AWS.

Azure

Support for Calico Cloud in Azure.

Google Compute Engine

Methods to ensure that traffic between containers on different hosts is not dropped by GCE fabric.

Host endpoints

Host endpoints

Secure host network interfaces.

Creating policy for basic connectivity

Customize the Calico failsafe policy to protect host endpoints.

Creating host endpoint objects

To protect a host interface, start by creating a host endpoint object in etcd.

Selector-based policies

Apply ordered policies to endpoints that match specific label selectors.

Failsafe rules

Avoid cutting off connectivity to hosts because of incorrect network policies.

Pre-DNAT policy

Apply rules in a host endpoint policy before any DNAT.

Apply on forwarded traffic

Learn the subtleties using the applyOnForward option in host endpoint policies.

Summary of host endpoint policies

How different host endpoint rules affect packet flows.

Connection tracking

Workaround for Linux conntrack if Calico policy is not working as it should.

Architecture

'The Calico Cloud data path: IP routing and iptables'

Learn how packets flow between workloads in a datacenter, or between a workload and the internet.

Calico over Ethernet fabrics

Understand the interconnect fabric options in a Calico network.

Calico over IP fabrics

Understand considerations for implementing interconnect fabrics with Calico.

Other reference topics

Attribution

Attribution report

Frequently asked questions

Common questions that users ask about Calico Enterprise.