From 6ec45b10f142c963c51981078c1eca02255b2067 Mon Sep 17 00:00:00 2001 From: Kevin Lefevre Date: Mon, 16 Oct 2017 08:11:38 +0200 Subject: [PATCH] Update network-plugins to use portmap plugin (#1763) Portmap allow to use hostPort with CNI plugins. Should fix #1675 --- roles/network_plugin/calico/tasks/main.yml | 4 +- .../calico/templates/cni-calico.conf.j2 | 28 ------------- .../calico/templates/cni-calico.conflist.j2 | 39 +++++++++++++++++++ roles/network_plugin/canal/tasks/main.yml | 4 +- .../canal/templates/cni-canal.conf.j2 | 15 ------- .../canal/templates/cni-canal.conflist.j2 | 26 +++++++++++++ .../flannel/templates/cni-flannel.yml.j2 | 2 +- 7 files changed, 70 insertions(+), 48 deletions(-) delete mode 100644 roles/network_plugin/calico/templates/cni-calico.conf.j2 create mode 100644 roles/network_plugin/calico/templates/cni-calico.conflist.j2 delete mode 100644 roles/network_plugin/canal/templates/cni-canal.conf.j2 create mode 100644 roles/network_plugin/canal/templates/cni-canal.conflist.j2 diff --git a/roles/network_plugin/calico/tasks/main.yml b/roles/network_plugin/calico/tasks/main.yml index 3889e801c..f1fdbab21 100644 --- a/roles/network_plugin/calico/tasks/main.yml +++ b/roles/network_plugin/calico/tasks/main.yml @@ -15,8 +15,8 @@ - name: Calico | Write Calico cni config template: - src: "cni-calico.conf.j2" - dest: "/etc/cni/net.d/10-calico.conf" + src: "cni-calico.conflist.j2" + dest: "/etc/cni/net.d/10-calico.conflist" owner: kube - name: Calico | Create calico certs directory diff --git a/roles/network_plugin/calico/templates/cni-calico.conf.j2 b/roles/network_plugin/calico/templates/cni-calico.conf.j2 deleted file mode 100644 index 892391d11..000000000 --- a/roles/network_plugin/calico/templates/cni-calico.conf.j2 +++ /dev/null @@ -1,28 +0,0 @@ -{ - "name": "calico-k8s-network", -{% if cloud_provider is defined %} - "nodename": "{{ calico_kubelet_name.stdout }}", -{% else %} - "nodename": "{{ ansible_hostname }}", -{% endif %} - "type": "calico", - "etcd_endpoints": "{{ etcd_access_addresses }}", - "etcd_cert_file": "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem", - "etcd_key_file": "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}-key.pem", - "etcd_ca_cert_file": "{{ etcd_cert_dir }}/ca.pem", - "log_level": "info", - "ipam": { - "type": "calico-ipam" - }, -{% if enable_network_policy %} - "policy": { - "type": "k8s" - }, -{% endif %} -{% if calico_mtu is defined and calico_mtu is number %} - "mtu": {{ calico_mtu }}, -{% endif %} - "kubernetes": { - "kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml" - } -} diff --git a/roles/network_plugin/calico/templates/cni-calico.conflist.j2 b/roles/network_plugin/calico/templates/cni-calico.conflist.j2 new file mode 100644 index 000000000..abe43f7f7 --- /dev/null +++ b/roles/network_plugin/calico/templates/cni-calico.conflist.j2 @@ -0,0 +1,39 @@ +{ + "name": "cni0", + "cniVersion":"0.3.1", + "plugins":[ + { + {% if cloud_provider is defined %} + "nodename": "{{ calico_kubelet_name.stdout }}", + {% else %} + "nodename": "{{ ansible_hostname }}", + {% endif %} + "type": "calico", + "etcd_endpoints": "{{ etcd_access_addresses }}", + "etcd_cert_file": "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem", + "etcd_key_file": "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}-key.pem", + "etcd_ca_cert_file": "{{ etcd_cert_dir }}/ca.pem", + "log_level": "info", + "ipam": { + "type": "calico-ipam" + }, + {% if enable_network_policy %} + "policy": { + "type": "k8s" + }, + {% endif %} + {% if calico_mtu is defined and calico_mtu is number %} + "mtu": {{ calico_mtu }}, + {% endif %} + "kubernetes": { + "kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml" + } + }, + { + "type":"portmap", + "capabilities":{ + "portMappings":true + } + } + ] +} diff --git a/roles/network_plugin/canal/tasks/main.yml b/roles/network_plugin/canal/tasks/main.yml index 6d062cc15..aaa7c2a16 100644 --- a/roles/network_plugin/canal/tasks/main.yml +++ b/roles/network_plugin/canal/tasks/main.yml @@ -1,8 +1,8 @@ --- - name: Canal | Write Canal cni config template: - src: "cni-canal.conf.j2" - dest: "/etc/cni/net.d/10-canal.conf" + src: "cni-canal.conflist.j2" + dest: "/etc/cni/net.d/10-canal.conflist" owner: kube - name: Canal | Create canal certs directory diff --git a/roles/network_plugin/canal/templates/cni-canal.conf.j2 b/roles/network_plugin/canal/templates/cni-canal.conf.j2 deleted file mode 100644 index b47d7f9dd..000000000 --- a/roles/network_plugin/canal/templates/cni-canal.conf.j2 +++ /dev/null @@ -1,15 +0,0 @@ -{ - "name": "canal-k8s-network", - "type": "flannel", - "delegate": { - "type": "calico", - "etcd_endpoints": "{{ etcd_access_addresses }}", - "log_level": "info", - "policy": { - "type": "k8s" - }, - "kubernetes": { - "kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml" - } - } -} diff --git a/roles/network_plugin/canal/templates/cni-canal.conflist.j2 b/roles/network_plugin/canal/templates/cni-canal.conflist.j2 new file mode 100644 index 000000000..04a88c5b9 --- /dev/null +++ b/roles/network_plugin/canal/templates/cni-canal.conflist.j2 @@ -0,0 +1,26 @@ +{ + "name": "cni0", + "cniVersion":"0.3.1", + "plugins":[ + { + "type": "flannel", + "delegate": { + "type": "calico", + "etcd_endpoints": "{{ etcd_access_addresses }}", + "log_level": "info", + "policy": { + "type": "k8s" + }, + "kubernetes": { + "kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml" + } + } + }, + { + "type":"portmap", + "capabilities":{ + "portMappings":true + } + } + ] +} diff --git a/roles/network_plugin/flannel/templates/cni-flannel.yml.j2 b/roles/network_plugin/flannel/templates/cni-flannel.yml.j2 index 165395c24..d26f04349 100644 --- a/roles/network_plugin/flannel/templates/cni-flannel.yml.j2 +++ b/roles/network_plugin/flannel/templates/cni-flannel.yml.j2 @@ -10,7 +10,7 @@ metadata: data: cni-conf.json: | { - "name":"cbr0", + "name":"cni0", "cniVersion":"0.3.1", "plugins":[ {