Configuring settings to enable Azure Cloud Provider

Configure Calico to run in network policy only mode, and let Azure handle network routes.

Kubernetes settings

  1. Open the config.yaml file in the /<installation_directory>/cluster folder.
  2. Edit your config.yaml file and update the file with the following parameters:

     kube_controller_manager_extra_args:
     - --allocate-node-cidrs=true
     kubelet_extra_args:
     - --enable-controller-attach-detach=true
    

Calico settings

  1. Open the config.yaml file in the /<installation_directory>/cluster folder.
  2. Edit your config.yaml file and update the file with the following parameters:

     calico_ip_autodetection_method: can-reach=<ip>
     calico_ipam_subnet: usePodCidr
     calico_ipam_type: host-local
     calico_ipip_enabled: false
     calico_networking_backend: none
    

View the following table for a description of the parameters:

| Parameter | Example | Description |
|---|---|---|
| calico_ip_autodetection_method | can-reach=<ip> | The method to use to autodetect the IPv4 address for this host. Note: Be sure to review the network documentation on the parameter. See Network settings for more information. |
| calico_ipam_subnet | usePodCidr | The IPAM subnet CIDR. Set this value to usePodCidr. |
| calico_ipam_type | host-local | The filename of the IPAM plugin executable. Set this value to host-local. |
| calico_ipip_enabled | false | Allows Calico to run in IP over IP mode. This setting is also needed in some cloud environments, such as OpenStack, where virtual machines are not allowed to work as routers. Set this value to false. |
| calico_networking_backend | none | Describes which BGP networking backend to use. Set this value to none. |

Azure Provider configuration settings

  1. Open the config.yaml file in the /<installation_directory>/cluster folder.
  2. In your config.yaml file, edit and add the azure key with the following subkeys:

     azure:
       cloud_provider_conf:
       cloud_provider_controller_conf:
    
    • The cloud_provider_conf section describes the cloud provider settings that are passed to the kubelet service and Kubernetes apiserver.
    • The cloud_provider_controller_conf section describes the settings that are passed to the Kubernetes controller manager.
    • Installation creates the corresponding JSON file with the listed values and places it in the /etc/cfc/conf folder.
  3. In the config.yaml file, update the cloud_provider_conf and cloud_provider_controller_conf keys with the Azure cloud provider configuration parameters.

See the Azure cloud provider configuration documentation for a description of all the supported cloud provider parameters for the Azure provider.

Your config.yaml file might resemble the following content:

  azure:
    cloud_provider_conf:
      resourceGroup: "<name>"
      subscriptionId: "0000000-0000-0000-0000-000000000000"
      tenantId: "0000000-0000-0000-0000-000000000000"
      useManagedIdentityExtension: true
      useInstanceMetadata: true
    cloud_provider_controller_conf:
      aadClientId: "0000000-0000-0000-0000-000000000000"
      aadClientSecret: "0000000-0000-0000-0000-000000000000"
      cloud: "AzurePublicCloud"
      cloudProviderBackoff: false
      location: "eastus"
      resourceGroup: "<name>"
      routeTableName: "<name>"
      securityGroupName: "<name>"
      subscriptionId: "0000000-0000-0000-0000-000000000000"
      subnetName: "<name>"
      tenantId: "0000000-0000-0000-0000-000000000000"
      useManagedIdentityExtension: false
      useInstanceMetadata: true
      vnetName: "<name>"
      vnetResourceGroup: ""

Azure Cloud Provider is enabled.
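
A pre-install check for the settings on this page, as an added example that is not part of the original documentation or the product's tooling: it confirms the Calico policy-only values and flags a config.yaml that holds aadClientSecret while readable by group or others. The owner-only permission rule, the SAMPLE content, and the parse and check function names are assumptions of this example.

```python
import re

# Values this page says to set for Calico policy-only mode.
REQUIRED_CALICO = {
    "calico_ipam_subnet": "usePodCidr",
    "calico_ipam_type": "host-local",
    "calico_ipip_enabled": "false",
    "calico_networking_backend": "none",
}

# Constructed sample, not a real cluster: IP-in-IP left on, secret inline.
SAMPLE = """\
calico_ipam_subnet: usePodCidr
calico_ipam_type: host-local
calico_ipip_enabled: true
calico_networking_backend: none
azure:
  cloud_provider_controller_conf:
    aadClientSecret: "constructed-placeholder"
"""

def parse(text):
    # Only the two-space-indented "key: value" layout on this page, not full YAML.
    top, azure, path = {}, {}, []
    for raw in text.splitlines():
        m = re.match(r"^( *)([A-Za-z_]+):\s*(.*)$", raw)
        if not m:
            continue  # blank lines, comments and "- item" list entries
        depth, key = len(m.group(1)) // 2, m.group(2)
        path = path[:depth] + [key]
        value = m.group(3).strip().strip('"')
        if depth == 0:
            top[key] = value
        elif depth == 2 and path[0] == "azure":
            azure.setdefault(path[1], {})[key] = value
    return top, azure

def check(text, mode):
    # mode: permission bits of config.yaml, e.g. stat.S_IMODE(os.stat(p).st_mode)
    top, azure = parse(text)
    findings = [f"{k}: expected {v}, found {top.get(k)!r}"
                for k, v in REQUIRED_CALICO.items() if top.get(k) != v]
    controller = azure.get("cloud_provider_controller_conf", {})
    # Assumption of this example: a file holding the secret should be owner-only.
    if controller.get("aadClientSecret") and mode & 0o077:
        findings.append(f"aadClientSecret stored in a file with mode {mode:03o}")
    return findings

if __name__ == "__main__":
    print("\n".join(check(SAMPLE, 0o644)))
```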