Cilium integration with Flannel (beta)

Cilium integration with Flannel (beta)

Warning

Since availability of CNI Chaining the recommended way to run Cilium on top of Flannel is Generic Veth Chaining.

This guide contains the necessary steps to run Cilium on top of your Flannel cluster.

If you have a cluster already set up with Flannel you will not need to install Flannel again.

This Cilium integration with Flannel was performed with Flannel 0.10.0 and Kubernetes >= 1.9. If you find any issues with previous Flannel versions please feel free to reach out to us to help you.

Note

This is a beta feature. Please provide feedback and file a GitHub issue if you experience any problems.

Flannel installation

NOTE: If kubeadm is used, then pass --pod-network-cidr=10.244.0.0/16 to kubeadm init to ensure that the podCIDR is set.

kubectl apply -f  https://raw.githubusercontent.com/cilium/cilium/v1.9/examples/kubernetes/addons/flannel/flannel.yaml

Wait until all pods to be in ready state before preceding to the next step.

Cilium installation

Note

First, make sure you have Helm 3 installed. Helm 2 is no longer supported.

Setup Helm repository:

helm repo add cilium https://helm.cilium.io/

Deploy Cilium release via Helm:

helm install cilium cilium/cilium --version 1.9.8 \
  --namespace kube-system \
  --set flannel.enabled=true

Set flannel.uninstallOnExit=true if you want Cilium to uninstall itself when the Cilium pod is stopped.

If the Flannel bridge has a different name than cni0, you must specify the name by setting flannel.masterDevice=....

Cilium might not come up immediately on all nodes, since Flannel only sets up the bridge network interface that connects containers with the outside world when the first container is created on that node. In this case, Cilium will wait until that bridge is created before marking itself as Ready.

Limitations

Flannel chaining lacks support of the following:

L7 policy enforcement