Add ConfigMap for basic configuration options
Container settings moved from deamonset yaml to a separate configmap.
This commit is contained in:
parent
fec253abaf
commit
9acb8cd954
6 changed files with 83 additions and 14 deletions
|
@ -19,4 +19,5 @@
|
|||
when: inventory_hostname == groups['kube-master'][0]
|
||||
|
||||
- include: tasks/calico-policy-controller.yml
|
||||
when: enable_network_policy is defined and enable_network_policy == True
|
||||
when: ( enable_network_policy is defined and enable_network_policy == True ) or
|
||||
( kube_network_plugin == 'canal' )
|
||||
|
|
|
@ -1,3 +1,12 @@
|
|||
- name: Create canal ConfigMap
|
||||
run_once: true
|
||||
kube:
|
||||
name: "canal-config"
|
||||
kubectl: "{{bin_dir}}/kubectl"
|
||||
filename: "/etc/kubernetes/canal-config.yaml"
|
||||
resource: "configmap"
|
||||
namespace: "kube-system"
|
||||
|
||||
- name: Start flannel and calico-node
|
||||
run_once: true
|
||||
kube:
|
||||
|
|
|
@ -5,11 +5,9 @@
|
|||
"type": "calico",
|
||||
"etcd_endpoints": "{{ etcd_access_endpoint }}",
|
||||
"log_level": "info",
|
||||
{% if enable_network_policy is defined and enable_network_policy == True %}
|
||||
"policy": {
|
||||
"type": "k8s"
|
||||
},
|
||||
{% endif %}
|
||||
"policy": {
|
||||
"type": "k8s"
|
||||
},
|
||||
"kubernetes": {
|
||||
"kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml"
|
||||
}
|
||||
|
|
|
@ -5,7 +5,12 @@
|
|||
dest: /etc/flannel-network.json
|
||||
backup: yes
|
||||
|
||||
- name: Canal | Write canal configuration
|
||||
- name: Canal | Write canal configmap
|
||||
template:
|
||||
src: canal-config.yml.j2
|
||||
dest: /etc/kubernetes/canal-config.yaml
|
||||
|
||||
- name: Canal | Write canal node configuration
|
||||
template:
|
||||
src: canal-node.yml.j2
|
||||
dest: /etc/kubernetes/canal-node.yaml
|
||||
|
|
22
roles/network_plugin/canal/templates/canal-config.yml.j2
Normal file
22
roles/network_plugin/canal/templates/canal-config.yml.j2
Normal file
|
@ -0,0 +1,22 @@
|
|||
# This ConfigMap can be used to configure a self-hosted Canal installation.
|
||||
# See `canal.yaml` for an example of a Canal deployment which uses
|
||||
# the config in this ConfigMap.
|
||||
kind: ConfigMap
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: canal-config
|
||||
data:
|
||||
# Configure this with the location of your etcd cluster.
|
||||
etcd_endpoints: "{{ etcd_access_endpoint }}"
|
||||
|
||||
# The interface used by canal for host <-> host communication.
|
||||
# If left blank, then the interface is chosing using the node's
|
||||
# default route.
|
||||
flanneld_iface: "{{ canal_iface }}"
|
||||
|
||||
# Whether or not to masquerade traffic to destinations not within
|
||||
# the pod network.
|
||||
masquerade: "{{ canal_masquerade }}"
|
||||
|
||||
# Cluster name for Flannel etcd path
|
||||
cluster_name: "{{ cluster_name }}"
|
|
@ -47,10 +47,23 @@ spec:
|
|||
containers:
|
||||
- name: "flannel-server-helper"
|
||||
image: "{{ flannel_server_helper_image_repo }}:{{ flannel_server_helper_image_tag }}"
|
||||
env:
|
||||
# Cluster name
|
||||
- name: CLUSTER_NAME
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: canal-config
|
||||
key: cluster_name
|
||||
# The location of the etcd cluster.
|
||||
- name: FLANNELD_ETCD_ENDPOINTS
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: canal-config
|
||||
key: etcd_endpoints
|
||||
args:
|
||||
- "--network-config=/etc/flannel-network.json"
|
||||
- "--etcd-prefix=/{{ cluster_name }}/network"
|
||||
- "--etcd-server={{ etcd_endpoint }}"
|
||||
- "--etcd-prefix=/$(CLUSTER_NAME)/network"
|
||||
- "--etcd-server=$(FLANNELD_ETCD_ENDPOINTS)"
|
||||
volumeMounts:
|
||||
- name: "networkconfig"
|
||||
mountPath: "/etc/flannel-network.json"
|
||||
|
@ -60,22 +73,40 @@ spec:
|
|||
- name: flannel
|
||||
image: "{{ flannel_image_repo }}:{{ flannel_image_tag }}"
|
||||
env:
|
||||
# Cluster name
|
||||
- name: CLUSTER_NAME
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: canal-config
|
||||
key: cluster_name
|
||||
# The location of the etcd cluster.
|
||||
- name: FLANNELD_ETCD_ENDPOINTS
|
||||
value: "{{ etcd_access_endpoint }}"
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: canal-config
|
||||
key: etcd_endpoints
|
||||
# The interface flannel should run on.
|
||||
- name: FLANNELD_IFACE
|
||||
value: "{{ canal_iface }}"
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: canal-config
|
||||
key: flanneld_iface
|
||||
# Perform masquerade on traffic leaving the pod cidr.
|
||||
- name: FLANNELD_IP_MASQ
|
||||
value: "{{ canal_masquerade }}"
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: canal-config
|
||||
key: masquerade
|
||||
# Set etcd-prefix
|
||||
- name: DOCKER_OPT_ETCD_PREFIX
|
||||
value: "-etcd-prefix=/$(CLUSTER_NAME)/network"
|
||||
# Write the subnet.env file to the mounted directory.
|
||||
- name: FLANNELD_SUBNET_FILE
|
||||
value: "/run/flannel/subnet.env"
|
||||
command:
|
||||
- "/bin/sh"
|
||||
- "-c"
|
||||
- "/opt/bin/flanneld -etcd-endpoints {{ etcd_access_endpoint }} -etcd-prefix /{{ cluster_name }}/network {% if canal_iface %}-iface {{ canal_iface }}{% endif %}"
|
||||
- "/opt/bin/flanneld -etcd-prefix /$(CLUSTER_NAME)/network"
|
||||
ports:
|
||||
- hostPort: 10253
|
||||
containerPort: 10253
|
||||
|
@ -94,7 +125,10 @@ spec:
|
|||
env:
|
||||
# The location of the etcd cluster.
|
||||
- name: ETCD_ENDPOINTS
|
||||
value: "{{ etcd_access_endpoint }}"
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: canal-config
|
||||
key: etcd_endpoints
|
||||
# Disable Calico BGP. Calico is simply enforcing policy.
|
||||
- name: CALICO_NETWORKING
|
||||
value: "false"
|
||||
|
|
Loading…
Reference in a new issue