Static IP to pods in Minikube using Calico CNI

Question

Is it not possible to allot a static IP address to a pod by annotating it while using minikube? I tried but it is not working for me. I followed the below documentation: https://docs.tigera.io/calico/latest/networking/ipam/use-specific-ip I think I have done everything properly as it says in the guide but its not working

I was expecting to see the ip address that I provided in annotation when doing kubectl get pods -o wide but istead, I still see the podip that was there earlier

Answer 1

Did you annotate your pod after it was already running, or before you started it? I found if I annotated a pod after it's already running, the IP address stayed as the original IP address until I restart/replace it.

If I annotate the pod, you can see the annotation applied BUT it still has the original IP:

jlutherthomas@Rezas-MBP ~ % kubectl annotate pods pingtest-pool2 cni.projectcalico.org/ipAddrs='["192.168.1.70"]'
pod/pingtest-pool2 annotated
jlutherthomas@Rezas-MBP ~ % kubectl describe pod pingtest-pool2                                                  
Name:             pingtest-pool2
Namespace:        default
Priority:         0
Service Account:  default
Node:             minikube/192.168.49.2
Start Time:       Thu, 19 Oct 2023 09:33:10 -0700
Labels:           <none>
Annotations:      cni.projectcalico.org/containerID: 240c7a4c27e48c6204515a266262fa81d8414e18cefd745298e76f274610b5eb
                  cni.projectcalico.org/ipAddrs: ["192.168.1.70"]
                  cni.projectcalico.org/podIP: 192.168.0.74/32
                  cni.projectcalico.org/podIPs: 192.168.0.74/32

Here we can see if I restart (replace) the pod, it then uses the correct, assigned IP address:

jlutherthomas@Rezas-MBP ~ % kubectl get pods -o wide           
NAME                        READY   STATUS    RESTARTS   AGE     IP             NODE       NOMINATED NODE   READINESS GATES
pingtest-pool2              1/1     Running   0          3m56s   192.168.0.74   minikube   <none>           <none>
jlutherthomas@Rezas-MBP ~ % kubectl get pod pingtest-pool2 -o yaml | kubectl replace --force -f -
pod "pingtest-pool2" deleted
pod/pingtest-pool2 replaced
jlutherthomas@Rezas-MBP ~ % kubectl get pods -o wide                                             
NAME                        READY   STATUS    RESTARTS   AGE   IP             NODE       NOMINATED NODE   READINESS GATES
pingtest-pool2              1/1     Running   0          4s    192.168.1.70   minikube   <none>           <none>

Attached a screenshot also showing that it works if I created the pod from scratch with the correct annotation: terminal output showing static ip

If you find that following these documentations (set IP pools - test networking) that minikube is not honouring any calico networking settings that you're applying to the cluster then you may have to re-start the minikube cluster with the correct CNI settings (calico doc does need an update):

minikube start --cni=false --network-plugin=cni --extra-config=kubeadm.pod-network-cidr=192.168.0.0/24
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.3/manifests/tigera-operator.yaml
curl -OL https://raw.githubusercontent.com/projectcalico/calico/v3.26.3/manifests/custom-resources.yaml
nano custom-resources.yaml

I changed the block size in the custom resources:

# This section includes base Calico installation configuration.
# For more information, see: https://projectcalico.docs.tigera.io/master/reference/installation/api#operator.tigera.io/v1.Installation
apiVersion: operator.tigera.io/v1
kind: Installation
metadata:
  name: default
spec:
  # Configures Calico networking.
  calicoNetwork:
    # Note: The ipPools section cannot be modified post-install.
    ipPools:
    - blockSize: 26
      cidr: 192.168.0.0/24
      encapsulation: VXLANCrossSubnet
      natOutgoing: Enabled
      nodeSelector: all()

---

# This section configures the Calico API server.
# For more information, see: https://projectcalico.docs.tigera.io/master/reference/installation/api#operator.tigera.io/v1.APIServer
apiVersion: operator.tigera.io/v1
kind: APIServer
metadata:
  name: default
spec: {}

Then applied the custom resources. Networking (Calico) worked for me correctly and I had no problem with pod static IPs.