Azure
About Calico Enterprise on Azure
You can use Calico Enterprise policy with one of the following networking options.
-
Azure user-defined routes: This option provides networking without overlays. Disable Calico Enterprise networking by setting
CALICO_NETWORKING_BACKENDtononeincnx-node. (Also called "policy-only mode".) Refer to Configuring cnx-node and Azure user-defined routes for more information. -
Calico VXLAN: Install Calico Enterprise using VXLAN encapsulation for pod traffic.
-
Azure CNI IPAM plug-in: Configure Calico Enterprise to use the Azure CNI plug-in instead of the Calico Enterprise CNI plug-in.
Azure user-defined routes
To configure Azure user-defined routes (UDR):
-
Create an Azure route table and associate it with the VMs subnet.
-
Enable IP forwarding enabled in your VM network interfaces.
On Kubernetes, also complete the following.
-
Ensure that the selected pod's subnet is a part of your Azure virtual network IP range.
-
Include the name of your routing table in the configuration file of your Kubernetes Azure cloud provider.
Does Azure support Calico Enterprise networking?
Calico in VXLAN mode is supported on Azure. However, IPIP packets are blocked by the Azure network fabric.