Add ConfigMap for basic configuration options
Container settings moved from deamonset yaml to a separate configmap.
This commit is contained in:
parent
fec253abaf
commit
9acb8cd954
6 changed files with 83 additions and 14 deletions
|
@ -19,4 +19,5 @@
|
||||||
when: inventory_hostname == groups['kube-master'][0]
|
when: inventory_hostname == groups['kube-master'][0]
|
||||||
|
|
||||||
- include: tasks/calico-policy-controller.yml
|
- include: tasks/calico-policy-controller.yml
|
||||||
when: enable_network_policy is defined and enable_network_policy == True
|
when: ( enable_network_policy is defined and enable_network_policy == True ) or
|
||||||
|
( kube_network_plugin == 'canal' )
|
||||||
|
|
|
@ -1,3 +1,12 @@
|
||||||
|
- name: Create canal ConfigMap
|
||||||
|
run_once: true
|
||||||
|
kube:
|
||||||
|
name: "canal-config"
|
||||||
|
kubectl: "{{bin_dir}}/kubectl"
|
||||||
|
filename: "/etc/kubernetes/canal-config.yaml"
|
||||||
|
resource: "configmap"
|
||||||
|
namespace: "kube-system"
|
||||||
|
|
||||||
- name: Start flannel and calico-node
|
- name: Start flannel and calico-node
|
||||||
run_once: true
|
run_once: true
|
||||||
kube:
|
kube:
|
||||||
|
|
|
@ -5,11 +5,9 @@
|
||||||
"type": "calico",
|
"type": "calico",
|
||||||
"etcd_endpoints": "{{ etcd_access_endpoint }}",
|
"etcd_endpoints": "{{ etcd_access_endpoint }}",
|
||||||
"log_level": "info",
|
"log_level": "info",
|
||||||
{% if enable_network_policy is defined and enable_network_policy == True %}
|
"policy": {
|
||||||
"policy": {
|
"type": "k8s"
|
||||||
"type": "k8s"
|
},
|
||||||
},
|
|
||||||
{% endif %}
|
|
||||||
"kubernetes": {
|
"kubernetes": {
|
||||||
"kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml"
|
"kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml"
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,7 +5,12 @@
|
||||||
dest: /etc/flannel-network.json
|
dest: /etc/flannel-network.json
|
||||||
backup: yes
|
backup: yes
|
||||||
|
|
||||||
- name: Canal | Write canal configuration
|
- name: Canal | Write canal configmap
|
||||||
|
template:
|
||||||
|
src: canal-config.yml.j2
|
||||||
|
dest: /etc/kubernetes/canal-config.yaml
|
||||||
|
|
||||||
|
- name: Canal | Write canal node configuration
|
||||||
template:
|
template:
|
||||||
src: canal-node.yml.j2
|
src: canal-node.yml.j2
|
||||||
dest: /etc/kubernetes/canal-node.yaml
|
dest: /etc/kubernetes/canal-node.yaml
|
||||||
|
|
22
roles/network_plugin/canal/templates/canal-config.yml.j2
Normal file
22
roles/network_plugin/canal/templates/canal-config.yml.j2
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
# This ConfigMap can be used to configure a self-hosted Canal installation.
|
||||||
|
# See `canal.yaml` for an example of a Canal deployment which uses
|
||||||
|
# the config in this ConfigMap.
|
||||||
|
kind: ConfigMap
|
||||||
|
apiVersion: v1
|
||||||
|
metadata:
|
||||||
|
name: canal-config
|
||||||
|
data:
|
||||||
|
# Configure this with the location of your etcd cluster.
|
||||||
|
etcd_endpoints: "{{ etcd_access_endpoint }}"
|
||||||
|
|
||||||
|
# The interface used by canal for host <-> host communication.
|
||||||
|
# If left blank, then the interface is chosing using the node's
|
||||||
|
# default route.
|
||||||
|
flanneld_iface: "{{ canal_iface }}"
|
||||||
|
|
||||||
|
# Whether or not to masquerade traffic to destinations not within
|
||||||
|
# the pod network.
|
||||||
|
masquerade: "{{ canal_masquerade }}"
|
||||||
|
|
||||||
|
# Cluster name for Flannel etcd path
|
||||||
|
cluster_name: "{{ cluster_name }}"
|
|
@ -47,10 +47,23 @@ spec:
|
||||||
containers:
|
containers:
|
||||||
- name: "flannel-server-helper"
|
- name: "flannel-server-helper"
|
||||||
image: "{{ flannel_server_helper_image_repo }}:{{ flannel_server_helper_image_tag }}"
|
image: "{{ flannel_server_helper_image_repo }}:{{ flannel_server_helper_image_tag }}"
|
||||||
|
env:
|
||||||
|
# Cluster name
|
||||||
|
- name: CLUSTER_NAME
|
||||||
|
valueFrom:
|
||||||
|
configMapKeyRef:
|
||||||
|
name: canal-config
|
||||||
|
key: cluster_name
|
||||||
|
# The location of the etcd cluster.
|
||||||
|
- name: FLANNELD_ETCD_ENDPOINTS
|
||||||
|
valueFrom:
|
||||||
|
configMapKeyRef:
|
||||||
|
name: canal-config
|
||||||
|
key: etcd_endpoints
|
||||||
args:
|
args:
|
||||||
- "--network-config=/etc/flannel-network.json"
|
- "--network-config=/etc/flannel-network.json"
|
||||||
- "--etcd-prefix=/{{ cluster_name }}/network"
|
- "--etcd-prefix=/$(CLUSTER_NAME)/network"
|
||||||
- "--etcd-server={{ etcd_endpoint }}"
|
- "--etcd-server=$(FLANNELD_ETCD_ENDPOINTS)"
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: "networkconfig"
|
- name: "networkconfig"
|
||||||
mountPath: "/etc/flannel-network.json"
|
mountPath: "/etc/flannel-network.json"
|
||||||
|
@ -60,22 +73,40 @@ spec:
|
||||||
- name: flannel
|
- name: flannel
|
||||||
image: "{{ flannel_image_repo }}:{{ flannel_image_tag }}"
|
image: "{{ flannel_image_repo }}:{{ flannel_image_tag }}"
|
||||||
env:
|
env:
|
||||||
|
# Cluster name
|
||||||
|
- name: CLUSTER_NAME
|
||||||
|
valueFrom:
|
||||||
|
configMapKeyRef:
|
||||||
|
name: canal-config
|
||||||
|
key: cluster_name
|
||||||
# The location of the etcd cluster.
|
# The location of the etcd cluster.
|
||||||
- name: FLANNELD_ETCD_ENDPOINTS
|
- name: FLANNELD_ETCD_ENDPOINTS
|
||||||
value: "{{ etcd_access_endpoint }}"
|
valueFrom:
|
||||||
|
configMapKeyRef:
|
||||||
|
name: canal-config
|
||||||
|
key: etcd_endpoints
|
||||||
# The interface flannel should run on.
|
# The interface flannel should run on.
|
||||||
- name: FLANNELD_IFACE
|
- name: FLANNELD_IFACE
|
||||||
value: "{{ canal_iface }}"
|
valueFrom:
|
||||||
|
configMapKeyRef:
|
||||||
|
name: canal-config
|
||||||
|
key: flanneld_iface
|
||||||
# Perform masquerade on traffic leaving the pod cidr.
|
# Perform masquerade on traffic leaving the pod cidr.
|
||||||
- name: FLANNELD_IP_MASQ
|
- name: FLANNELD_IP_MASQ
|
||||||
value: "{{ canal_masquerade }}"
|
valueFrom:
|
||||||
|
configMapKeyRef:
|
||||||
|
name: canal-config
|
||||||
|
key: masquerade
|
||||||
|
# Set etcd-prefix
|
||||||
|
- name: DOCKER_OPT_ETCD_PREFIX
|
||||||
|
value: "-etcd-prefix=/$(CLUSTER_NAME)/network"
|
||||||
# Write the subnet.env file to the mounted directory.
|
# Write the subnet.env file to the mounted directory.
|
||||||
- name: FLANNELD_SUBNET_FILE
|
- name: FLANNELD_SUBNET_FILE
|
||||||
value: "/run/flannel/subnet.env"
|
value: "/run/flannel/subnet.env"
|
||||||
command:
|
command:
|
||||||
- "/bin/sh"
|
- "/bin/sh"
|
||||||
- "-c"
|
- "-c"
|
||||||
- "/opt/bin/flanneld -etcd-endpoints {{ etcd_access_endpoint }} -etcd-prefix /{{ cluster_name }}/network {% if canal_iface %}-iface {{ canal_iface }}{% endif %}"
|
- "/opt/bin/flanneld -etcd-prefix /$(CLUSTER_NAME)/network"
|
||||||
ports:
|
ports:
|
||||||
- hostPort: 10253
|
- hostPort: 10253
|
||||||
containerPort: 10253
|
containerPort: 10253
|
||||||
|
@ -94,7 +125,10 @@ spec:
|
||||||
env:
|
env:
|
||||||
# The location of the etcd cluster.
|
# The location of the etcd cluster.
|
||||||
- name: ETCD_ENDPOINTS
|
- name: ETCD_ENDPOINTS
|
||||||
value: "{{ etcd_access_endpoint }}"
|
valueFrom:
|
||||||
|
configMapKeyRef:
|
||||||
|
name: canal-config
|
||||||
|
key: etcd_endpoints
|
||||||
# Disable Calico BGP. Calico is simply enforcing policy.
|
# Disable Calico BGP. Calico is simply enforcing policy.
|
||||||
- name: CALICO_NETWORKING
|
- name: CALICO_NETWORKING
|
||||||
value: "false"
|
value: "false"
|
||||||
|
|
Loading…
Reference in a new issue