Toggle nav

Binary install without package manager

Big picture

Install Calico binary on non-cluster hosts without a package manager.

Value

Install Calico directly when a package manager isn’t available, or your provisioning system can easily handle copying binaries to hosts.

Before you begin…

1. Ensure the Calico datastore is up and accessible from the host
2. Ensure the host meets the minimum system requirements
3. If you want to install Calico with networking (so that you can communicate with cluster workloads), you should choose the container install method
4. Install and configure calicoctl

How to

This guide covers installing Felix, the Calico daemon that handles network policy.

Step 1: Download and extract the binary

This step requires Docker, but it can be run from any machine with Docker installed. It doesn’t have to be the host you will run it on (i.e your laptop is fine).

1. Use the following command to download the calico/node image.

   docker pull calico/node:v3.16.10
   

2. Confirm that the image has loaded by typing docker images.

   REPOSITORY       TAG           IMAGE ID       CREATED         SIZE
   calico/node      v3.16.10        e07d59b0eb8a   2 minutes ago   42MB
   

3. Create a temporary calico/node container.

   docker create --name container calico/node:v3.16.10
   

4. Copy the calico-node binary from the container to the local file system.

   docker cp container:/bin/calico-node calico-node
   

5. Delete the temporary container.

   docker rm container
   

6. Set the extracted binary file to be executable.

   chmod +x calico-node
   

Step 2: Copy the calico-node binary

Copy the binary from Step 1 to the target machine, using any means (scp, ftp, USB stick, etc.).

Step 3: Create environment file

Use the following guidelines and sample file to define the environment variables for starting Calico on the host. For more help, see the Felix configuration reference.

For an etcdv3 datastore set the following

For a Kubernetes datastore set the following

Sample EnvironmentFile - save to /etc/calico/calico.env

FELIX_DATASTORETYPE=etcdv3
FELIX_ETCDENDPOINTS=https://calico-datastore.example.com:2379
FELIX_ETCDCAFILE="/pki/ca.pem"
FELIX_ETCDCERTFILE="/pki/client-cert.pem"
FELIX_ETCDKEYFILE="/pki/client-key.pem"

Step 4: Create a start-up script

Felix should be started at boot by your init system and the init system must be configured to restart Felix if it stops. Felix relies on that behavior for certain configuration changes.

If your distribution uses systemd, then you could use the following unit file:

[Unit]
Description=Calico Felix agent
After=syslog.target network.target

[Service]
User=root
EnvironmentFile=/etc/calico/calico.env
ExecStartPre=/usr/bin/mkdir -p /var/run/calico
ExecStart=/usr/local/bin/calico-node -felix
KillMode=process
Restart=on-failure
LimitNOFILE=32000

[Install]
WantedBy=multi-user.target

Once you’ve configured Felix, start it up via your init system.

service calico-felix start

Step 5: Initialize the datastore

You should configure a node resource for each host running Felix. In this case, the database is initialized after creating the first node resource. For a deployment that does not include the Calico/BGP integration, the specification of a node resource just requires the name of the node; for most deployments this will be the same as the hostname.

calicoctl create -f - <<EOF
- apiVersion: projectcalico.org/v3
  kind: Node
  metadata:
    name: <node name or hostname>
EOF

The Felix logs should transition from periodic notifications that Felix is in the state wait-for-ready to a stream of initialization messages.