Azure

About Calico Cloud on Azure

You can use Calico Cloud policy with one of the following networking options.

• Azure user-defined routes: This option provides networking without overlays. Disable Calico Cloud networking by setting CALICO_NETWORKING_BACKEND to none in cnx-node. (Also called "policy-only mode".) Refer to Configuring cnx-node and Azure user-defined routes for more information.

• Calico VXLAN: Install Calico Cloud using VXLAN encapsulation for pod traffic.

• Azure CNI IPAM plug-in: Configure Calico Cloud to use the Azure CNI plug-in instead of the Calico Cloud CNI plug-in.

Azure user-defined routes

To configure Azure user-defined routes (UDR):

• Create an Azure route table and associate it with the VMs subnet.

• Enable IP forwarding enabled in your VM network interfaces.

On Kubernetes, also complete the following.

• Ensure that the selected pod's subnet is a part of your Azure virtual network IP range.

• Include the name of your routing table in the configuration file of your Kubernetes Azure cloud provider.

Does Azure support Calico Cloud networking?

Calico in VXLAN mode is supported on Azure. However, IPIP packets are blocked by the Azure network fabric.