Add note on supported data planes for non-cluster hosts#2790
Add note on supported data planes for non-cluster hosts#2790alexh-tigera wants to merge 1 commit into
Conversation
✅ Deploy Preview for calico-docs-preview-next ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
❌ Deploy Preview for tigera failed. Why did it fail? →Built without sensitive environment variables
|
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds documentation clarifying which Calico data planes are supported for non-cluster hosts/VMs in bare-metal getting-started docs.
Changes:
- Introduces a new “Supported Data Planes” section for non-cluster hosts.
- Adds a compatibility table mapping OS versions to cluster vs non-cluster host data planes.
| BPF is not supported on a non-cluster host, but they are able to connect to a | ||
| BPF cluster. By default they will use nftables, but can be configured to use | ||
| iptables. |
| BPF cluster. By default they will use nftables, but can be configured to use | ||
| iptables. | ||
|
|
||
| | OS | Cluster Data Plane | Non Cluster Host Data Plane | |
| | RHEL 8 | \* | iptables | | ||
| | RHEL 9+ | \* | nftables (default) / iptables | | ||
| | Ubuntu | \* | nftables (default) / iptables | | ||
| | Debian | \* | nftables (default) / iptables | |
b6f7f61 to
fef3851
Compare
| | OS | Cluster Data Plane | Non-Cluster Host Data Plane | | ||
| | :-----: | :----------------: | :---------------------------: | | ||
| | RHEL 8 | Any | iptables | | ||
| | RHEL 9+ | Any | nftables (default) / iptables | | ||
| | Ubuntu | Any | nftables (default) / iptables | | ||
| | Debian | Any | nftables (default) / iptables | |
| BPF is not supported on a non-cluster host, but non-cluster hosts are able to | ||
| connect to a BPF cluster. By default a non-cluster host connecting to a BPF | ||
| cluster will use nftables, but can be configured to use iptables. |
| | RHEL 8 | Any | iptables | | ||
| | RHEL 9+ | Any | nftables (default) / iptables | | ||
| | Ubuntu | Any | nftables (default) / iptables | | ||
| | Debian | Any | nftables (default) / iptables | |
| @@ -58,6 +58,19 @@ To learn how to restrict traffic to/from hosts and VMs using Calico network poli | |||
| - Your operating system includes the `ipset` and `conntrack` kernel dependencies. | |||
| - For everything else, your non-cluster host or VM meets $[prodname] [system requirements](../install-on-clusters/requirements.mdx) | |||
ctauchen
left a comment
There was a problem hiding this comment.
A small thing about OS support.
Do you intend to backport this for older versions? That would probably make sense, with adjustments for supported versions.
|
|
||
| | OS | Cluster Data Plane | Non-Cluster Host Data Plane | | ||
| | :-----: | :----------------: | :---------------------------: | | ||
| | RHEL 8 | Any | iptables | |
There was a problem hiding this comment.
RHEL 8 is being removed for 3.23+. If you use this table for earlier versions, I suggest you include the (default) marker for iptables for RHEL 8, for consitency.
Product Version(s):
Calico Enterprise v3.24+
Link to docs preview:
SME review:
DOCS review:
Additional information:
Adds a note on the supported data planes for non-cluster hosts.
We never explicitly called out the data plane supported by non cluster hosts, and https://github.com/tigera/calico-private/pull/12294 now sets up the packages to handle it properly.
Merge checklist: