Azure
About Calico on Azure
You can use Calico policy with one of the following networking options.
-
Azure user-defined routes: This option provides networking without overlays. Disable Calico networking by setting
CALICO_NETWORKING_BACKENDtononeincalico/node. (Also called "policy-only mode".) Refer to Configuring calico/node and Azure user-defined routes for more information. -
Calico VXLAN: Install Calico using VXLAN encapsulation for pod traffic.
-
flannel (Kubernetes only): Refer to Installing Calico for policy and flannel for networking for specific instructions and a manifest. This option does use overlays.
-
Azure CNI IPAM plug-in: Configure Calico to use the Azure CNI plug-in instead of the Calico CNI plug-in.
Azure user-defined routes
To configure Azure user-defined routes (UDR):
-
Create an Azure route table and associate it with the VMs subnet.
-
Enable IP forwarding enabled in your VM network interfaces.
On Kubernetes, also complete the following.
-
Ensure that the selected pod's subnet is a part of your Azure virtual network IP range.
-
Include the name of your routing table in the configuration file of your Kubernetes Azure cloud provider.
Does Azure support Calico networking?
Calico in VXLAN mode is supported on Azure. However, IPIP packets are blocked by the Azure network fabric.