Update Calico and Canal

- Updating to use calico-node v2.6.7
- A few updates to their manifests too
This commit is contained in:
Erik Stidham 2018-02-05 13:34:59 -06:00
parent 4175431dcd
commit 60bfc56e8e
3 changed files with 31 additions and 4 deletions

View file

@ -29,9 +29,9 @@ kubeadm_version: "{{ kube_version }}"
etcd_version: v3.2.4
# TODO(mattymo): Move calico versions to roles/network_plugins/calico/defaults
# after migration to container download
calico_version: "v2.6.2"
calico_version: "v2.6.7"
calico_ctl_version: "v1.6.1"
calico_cni_version: "v1.11.0"
calico_cni_version: "v1.11.2"
calico_policy_version: "v1.0.0"
calico_rr_version: "v0.4.0"
flannel_version: "v0.10.0"

View file

@ -28,6 +28,9 @@ spec:
tolerations:
- effect: NoSchedule
operator: Exists
# Minimize downtime during a rolling upgrade or deletion; tell Kubernetes to do a "force
# deletion": https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods.
terminationGracePeriodSeconds: 0
containers:
# Runs calico/node container on each Kubernetes node. This
# container programs network policy and routes on each
@ -53,6 +56,11 @@ spec:
configMapKeyRef:
name: calico-config
key: cluster_type
# Set noderef for node controller.
- name: CALICO_K8S_NODE_REF
valueFrom:
fieldRef:
fieldPath: spec.nodeName
# Disable file logging so `kubectl logs` works.
- name: CALICO_DISABLE_FILE_LOGGING
value: "true"

View file

@ -148,14 +148,21 @@ spec:
name: canal-config
key: etcd_endpoints
# Disable Calico BGP. Calico is simply enforcing policy.
- name: CALICO_NETWORKING
value: "false"
- name: CALICO_NETWORKING_BACKEND
value: "none"
# Cluster type to identify the deployment type
- name: CLUSTER_TYPE
value: "kubespray,canal"
# Disable file logging so `kubectl logs` works.
- name: CALICO_DISABLE_FILE_LOGGING
value: "true"
# Set noderef for node controller.
- name: CALICO_K8S_NODE_REF
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: FELIX_HEALTHENABLED
value: "true"
# Etcd SSL vars
- name: ETCD_CA_CERT_FILE
valueFrom:
@ -178,6 +185,18 @@ spec:
fieldPath: spec.nodeName
securityContext:
privileged: true
livenessProbe:
httpGet:
path: /liveness
port: 9099
periodSeconds: 10
initialDelaySeconds: 10
failureThreshold: 6
readinessProbe:
httpGet:
path: /readiness
port: 9099
periodSeconds: 10
volumeMounts:
- mountPath: /lib/modules
name: lib-modules