Gravity and Calico

Hello,

It seems at one time the older docs mentioned calico based on this https://github.com/gravitational/gravity/pull/14. The newer 6.x doesn’t seem to. Can I run calico on a gravity cluster? What should my cluster YAML file look like to build a k8s cluster that has calico on it? I want to leverage network policy and I prefer calico for features and because it’s the reference implementation that the k8s folks use to do design k8s network policy, at least not long ago it was.

Thanks
Bob

Calico / Canal isn’t currently offered as a supported deployment, so YMMV.

It should be possible to run Canal on the cluster, just by installing it. However, the usual problem is the quick look I take suggests the Canal reference yamls use privileged containers which we prevent in gravity. So the objects would need to be tweaked for fine grained permissions. If you want full on calico and not just the policy controller, there are networkInstall / networkUpgrade / networkRollback hooks that can be used to install an alternate network controller. But again this isn’t something we officially support, so YMMV.