Adding kube-proxy-replacement support in cilium (#6334)

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
This commit is contained in:
Arthur Outhenin-Chalandre 2020-07-30 11:46:31 +02:00 committed by GitHub
parent 8425c2363b
commit 3550e3c145
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 30 additions and 2 deletions

View file

@ -68,6 +68,11 @@ packet_ubuntu16-kube-router-svc-proxy:
extends: .packet extends: .packet
when: manual when: manual
packet_debian10-cilium-svc-proxy:
stage: deploy-part2
extends: .packet
when: manual
packet_debian10-containerd: packet_debian10-containerd:
stage: deploy-part2 stage: deploy-part2
extends: .packet extends: .packet

View file

@ -9,7 +9,7 @@ To generate this Matrix run `./tests/scripts/md-table/main.py`
amazon | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | amazon | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: |
centos7 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | :white_check_mark: | centos7 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | :white_check_mark: |
centos8 | :white_check_mark: | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | :x: | :x: | centos8 | :white_check_mark: | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | :x: | :x: |
debian10 | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | debian10 | :x: | :x: | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: |
debian9 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | debian9 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :white_check_mark: | :x: |
fedora30 | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :white_check_mark: | fedora30 | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :white_check_mark: |
fedora31 | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | :x: | :x: | :x: | fedora31 | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | :x: | :x: | :x: |

View file

@ -27,7 +27,14 @@ kubeadm_use_hyperkube_image: False
kube_proxy_mode: ipvs kube_proxy_mode: ipvs
## Delete kube-proxy daemonset if kube_proxy_remove set, e.g. kube_network_plugin providing proxy services ## Delete kube-proxy daemonset if kube_proxy_remove set, e.g. kube_network_plugin providing proxy services
kube_proxy_remove: "{{ (kube_network_plugin == 'kube-router') and (kube_router_run_service_proxy is defined and kube_router_run_service_proxy)| bool }}" kube_proxy_remove: >-
{%- if kube_network_plugin == 'kube-router' -%}
{{ (kube_router_run_service_proxy is defined and kube_router_run_service_proxy)| bool }}
{%- elif kube_network_plugin == 'cilium' -%}
{{ (cilium_kube_proxy_replacement is defined and cilium_kube_proxy_replacement == 'strict')| bool }}
{%- else -%}
false
{%- endif -%}
# A string slice of values which specify the addresses to use for NodePorts. # A string slice of values which specify the addresses to use for NodePorts.
# Values may be valid IP blocks (e.g. 1.2.3.0/24, 1.2.3.4/32). # Values may be valid IP blocks (e.g. 1.2.3.0/24, 1.2.3.4/32).

View file

@ -26,6 +26,8 @@ cilium_enable_prometheus: false
cilium_enable_portmap: false cilium_enable_portmap: false
# Monitor aggregation level (none/low/medium/maximum) # Monitor aggregation level (none/low/medium/maximum)
cilium_monitor_aggregation: medium cilium_monitor_aggregation: medium
# Kube Proxy Replacement mode (strict/probe/partial)
cilium_kube_proxy_replacement: probe
# If upgrading from Cilium < 1.5, you may want to override some of these options # If upgrading from Cilium < 1.5, you may want to override some of these options
# to prevent service disruptions. See also: # to prevent service disruptions. See also:

View file

@ -140,3 +140,5 @@ data:
# Enable legacy services (prior v1.5) to prevent from terminating existing # Enable legacy services (prior v1.5) to prevent from terminating existing
# connections with services when upgrading Cilium from < v1.5 to v1.5. # connections with services when upgrading Cilium from < v1.5 to v1.5.
enable-legacy-services: "{{cilium_enable_legacy_services}}" enable-legacy-services: "{{cilium_enable_legacy_services}}"
kube-proxy-replacement: "{{ cilium_kube_proxy_replacement }}"

View file

@ -0,0 +1,12 @@
---
# Instance settings
cloud_image: debian-10
mode: separate
# Kubespray settings
kube_network_plugin: cilium
deploy_netchecker: true
enable_network_policy: true
dns_min_replicas: 1
cilium_kube_proxy_replacement: strict