Requirements

✓ Install: Manifest install for Kubernetes clusters

✓ Platforms: Kubernetes, OpenShift, RKE, EKS, AKS

✓ Networking:

The following table summarizes the networking options and considerations.

note

If Calico CNI with VXLAN is used, BGP must be disabled. See the installation reference.

See the .

Earlier versions may work, but we do not actively test Calico for Windows against them, and they may have known issues and incompatibilities.

At least one Linux Kubernetes worker node to run Calico’s cluster-wide components that meets , and is installed with Calico v3.12+.
VXLAN or BGP without encapsulation is supported if using Calico CNI. IPIP (Calico’s default encapsulation mode) is not supported. Use the following command to turn off IPIP.

note

For operator-managed Linux Calico clusters, three Linux worker nodes are required in order to meet high-availability requirements for Typha.

Windows versions:
- Windows Server 1809 (build Build 17763.1432 or greater)
note
Be able to run commands as Administrator using PowerShell.
Container runtime: or containerd is installed and running. If containerd is running, it will be used as the container runtime otherwise Docker is assumed.
Remote access to the Windows node via Remote Desktop Protocol (RDP) or Windows Remote Management (WinRM)
If you are using Calico BGP networking, the RemoteAccess service must be installed for the Windows BGP Router.
Windows nodes support only a single IP pool type (so, if using a VXLAN pool, you should only use VXLAN throughout the cluster).
TLS v1.2 enabled. For example:

The VPC controllers must be installed to run Windows pods.
An instance role on the Windows instance must have permissions to get and get in the calico-system namespace (or kube-system namespace if you are using a non operator-managed Calico installation.)