Version: 3.18 (latest)

Google Compute Engine

To deploy Calico Enterprise in Google Compute Engine (GCE), you must ensure that traffic between containers on different hosts is not dropped by the GCE fabric. There are a few different options for doing this depending on your deployment.

IP-in-IP encapsulation

Container traffic routing can be enabled by setting IP-in-IP encapsulation and NAT outgoing on the configured Calico Enterprise IP pools.

See the IP pool configuration reference for information on how to configure Calico Enterprise IP pools.

GCE cloud routes

Traffic routing in GCE can be achieved by utilizing GCE cloud routes and running Calico Enterprise in policy-only mode. Kubernetes GCE cloud provider integration simplifies route configuration by enabling Kubernetes to handle creating routes.

Enabling workload-to-WAN traffic

To allow Calico Enterprise networked containers to reach resources outside of GCE, you must configure outgoing NAT on your Calico Enterprise IP pool.

Google Compute Engine

IP-in-IP encapsulation​

GCE cloud routes​

Enabling workload-to-WAN traffic​

IP-in-IP encapsulation

GCE cloud routes

Enabling workload-to-WAN traffic