How to configure Calico Node IP Autodetection with Specific CIDRs

Article Number: 000021922

Environment

Rancher 2.x

RKE2

Situation

In environments where Kubernetes nodes (e.g., RKE2) have multiple network interfaces or IP addresses, it's often necessary to explicitly tell the Container Network Interface (CNI), such as Calico, which IP address to use for its internal communication and pod networking. If Calico automatically selects an incorrect interface (e.g., the interface of a management network instead of the intended data network), it can lead to network connectivity issues for pods or between nodes.

Resolution

Add the below config in the downstream cluster under the Additional Manifest tab in the Rancher UI during the creation to adjust the auto detection method for Calico:

apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
  name: rke2-calico
  namespace: kube-system
spec:
  valuesContent: |-
    installation:
      calicoNetwork:
        nodeAddressAutodetectionV4:
          firstFound: false
          cidrs:
            - "192.168.1.0/24" # Replace with your target CIDR