DirectorySecurity advisories
Sign in

Directory

calico-apiserver logo

calico-apiserver

Last changed
Get started with latest for free
docker pull cgr.dev/chainguard/calico-apiserver

Need access to a specific version? Contact us.

Sign in for updates

Get notified of upcoming product changes, critical vulnerability notifications and patches and more.

Sign in
Versions
Overview
Provenance
Specifications
SBOM
Vulnerabilities
Advisories

Calico is a networking and security solution that enables Kubernetes workloads and non-Kubernetes/legacy workloads to communicate seamlessly and securely.

Download this Image

The image is available on cgr.dev:

docker pull cgr.dev/chainguard/calico:latest

Installation

There are several ways you can install Calico onto a Kubernetes cluster. This document follows method recommended in the official Calico documentation which involves using the Tigera Calico operator.

After setting up and connecting to the Kubernetes cluster where you want to install Calico, install the Tigera Calico operator and custom resource definitions (CRDs).

kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.4/manifests/tigera-operator.yaml

Then apply the following YAML manifest to create two CRDs.

---
# ImageSet
apiVersion: operator.tigera.io/v1
kind: ImageSet
metadata:
  name: calico-v3.26.1
spec:
  images:
    - image: calico/node
      digest: ... # Replace with $(crane digest cgr.dev/chainguard/calico-node:latest)
    - image: calico/cni
      digest: ... # Replace with $(crane digest cgr.dev/chainguard/calico-cni:latest)
    - image: calico/kube-controllers
      digest: ... # Replace with $(crane digest cgr.dev/chainguard/calico-kube-controllers:latest)
    - image: calico/pod2daemon-flexvol
      digest: ... # Replace with $(crane digest cgr.dev/chainguard/calico-pod2daemon-flexvol:latest)
    - image: calico/csi
      digest: ... # Replace with $(crane digest cgr.dev/chainguard/calico-csi:latest)
    - image: calico/typha
      digest: ... # Replace with $(crane digest cgr.dev/chainguard/calico-typha:latest)
    - image: calico/node-driver-registrar
      digest: ... # Replace with $(crane digest cgr.dev/chainguard/calico-node-driver-registrar:latest)
    # This isn't used on Linux, but it needs to have a value containing a valid digest.
    - image: calico/windows-upgrade
      digest: sha256:0000000000000000000000000000000000000000000000000000000000000000

---
# Installation
apiVersion: operator.tigera.io/v1
kind: Installation
metadata:
  name: default
spec:
  variant: Calico
  registry: cgr.dev
  imagePath: chainguard
  imagePrefix: calico-

The combination of these ImageSet and Installation CRDs serve as a drop in replacement for Step 2 of the upstream documentation. Together, these correctly rename the Calico images to their cgr.dev variants.

After creating the CRDs, you can ensure that the pods are running with a command like the following.

kubectl get pods -n calico-system
Licenses

Chainguard Images contain software packages that are direct or transitive dependencies. The following licenses were found in the "latest" version of this image:

  • MIT

  • Apache-2.0

  • LGPL-2.1-or-later

  • MIT

  • MPL-2.0

For a complete list of licenses, please refer to this Image's SBOM.

Software license agreement 
Related images
Category
application
kubernetes

Products

Chainguard Images

Developer

Open sourceDocs

Resources

Unchained blogChainguard LabsCustomer storiesScannersSecurityEducation

Company

AboutNewsroomCareersChainguard loveLegalContact

Follow

TwitterGitHubLinkedInTikTok

© 2024 Chainguard, Inc.