Commit graph

227 commits

Author SHA1 Message Date
Florian Ruynat
3ff6a2e7ff
Update default (erroneous) backend value for calico () 2020-04-27 00:03:39 -07:00
Florian Ruynat
1ee3ff738e
Add option to enable usage reports to calico servers () 2020-04-27 00:03:30 -07:00
Florian Ruynat
299e35ebe4
Cleanup unused/erroneous variables () 2020-04-24 01:54:07 -07:00
Florian Ruynat
ca45d5ffbe
Fix retries keyword missing until instruction () 2020-04-21 07:20:56 -07:00
Florian Ruynat
83fe607f62
Cleanup deprecated labels beta.kubernetes.io/arch and beta.kubernetes.io/os () 2020-04-17 05:51:06 -07:00
Alexander Kross
0d675cdd1a
Update Calico to v3.13.2, Multus to v3.4.1. Add ConfigMap get permission to allow calico-node access to kubeadm config. () 2020-04-09 07:27:43 -07:00
Anshul Sharma
79a6b72a13
Removed deprecated label kubernetes.io/cluster-service () 2020-03-30 01:19:53 -07:00
hfinucane
158d998ec4
Support configuring the Calico iptables insert mode ()
* Support configuring the insert mode

Defaults to the upstream default https://docs.projectcalico.org/v3.9/reference/felix/configuration

so nothing should change for existing deployments.

This allows coexistence with other firewall management technologies.

* Add a note to the sample config
2020-03-14 06:36:35 -07:00
Sergey
e60b9f796e
add calico VXLAN mode, update docs and vars in sample inventory ()
* calico VXLAN mode

* check vars if calico backend defined
2020-03-12 01:20:37 -07:00
Chad Swenson
a15a0b5eb9
Make calico iptables lock timeout configurable ()
Adds `calico_iptables_lock_timeout_secs` variable to calico DS yaml.
2020-02-19 02:28:25 -08:00
Matthew Mosesohn
b35b816287 Raise typha max connections to 300 ()
Raises limit from 100 to 300 because the default is far too low
and the pod can handle 300 with the given resources.

Change-Id: Ib1eec10da3d09d198933fcfe87291587e58d7cdb
2020-01-10 00:24:33 -08:00
Etienne Champetier
2c2ffa846c Calico: update to 3.11.1, allow to configure calico_iptables_backend ()
I've tested this update by deploying a containerd / etcd cluster on top CentOS7,
MetalLB + NGINX Ingress. Upgrade using upgrade-cluster.yml

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-01-08 02:27:40 -08:00
Matthew Mosesohn
7da2083986 Add toleration for calico-typha on master ()
Change-Id: Iea9a366cf6ccc4d491bfc49c5d2dba6d98f81b69
2019-12-05 06:24:32 -08:00
Jacopo Secchiero
97764921ed Fix calico name resolution () 2019-11-11 04:01:41 -08:00
Matthew Mosesohn
2c4e6b65d7 Raise delay and retry for rotate tokens ()
Change-Id: I87844b43b9a18064e7a99567ce57c1ca1ffcc4a8
2019-10-30 01:56:52 -07:00
Matthew Mosesohn
94d4ce5a6f Retry cleaning up calico-node container ()
Change-Id: Iad27b107860213759c7ae51f0891d7e5e7c6d96b
2019-10-28 05:11:25 -07:00
Matthew Mosesohn
a1fff30bd9 Generate TLS certs for calico typha ()
* Generate TLS certs for calico typha

Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707

* Add group vars note

Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
2019-10-17 07:02:38 -07:00
Sergey
81d57fe658 set calico_datastore default value in role kubespray-default () 2019-10-17 05:58:38 -07:00
Hugo Blom
9dfb25cafd fix typo () 2019-10-16 18:26:38 -07:00
Matthew Mosesohn
af6456d1ea Fix selector for calico-typha deployment ()
Change-Id: I79f43379cbe1c495cb416f0572e65f695d5ec2b8
2019-10-16 07:53:42 -07:00
Matthew Mosesohn
fb591bf232 Apply workaround for NetworkManager and calico ()
Change-Id: I5cb2bdf1a57707c1b8da3e5ac0c80e5c353480a4
2019-10-02 04:37:07 -07:00
陈谭军
99dbc6d780 clean-up doc,spelling mistakes () 2019-09-26 04:25:08 -07:00
Erwan Miran
f18e77f1db Blocksize for calico default pool should be configurable () 2019-09-25 04:44:00 -07:00
Matthew Mosesohn
27ec548b88 Add support for k8s v1.16.0-beta.2 ()
Cleaned up deprecated APIs:
apps/v1beta1
apps/v1beta2
extensions/v1beta1 for ds,deploy,rs

Add workaround for deploying helm using incompatible
deployment manifest.
Change-Id: I78b36741348f47a999df3841ee63cf4e6f377830
2019-09-10 12:06:54 -07:00
Matthew Mosesohn
184ac6a4e6 Parse calico nodes as json () 2019-08-27 10:16:42 -07:00
Matthew Mosesohn
7e1645845f Allow calico settings to be modified ()
Previous logic used calicoctl.sh create --skip-exists, which
allowed setting initial values, but not permitting changes.
2019-08-23 00:01:19 -07:00
Matthew Mosesohn
023108a733 Refactor calico route reflector to run in k8s cluster ()
* Refactor calico-rr to run in k8s cluster with taint

Change-Id: I75a3169ff5b36ce8302fc7ef1c32d3eb697b5afa

* add preinstall checks

* rework calico/rr role

Change-Id: I2f0a7e6cb77cf91ad4a615923680760d2e5d9ca8

* add empty calico-rr group

Change-Id: I006c0a60db9b72d02245bf8fdfabcf982144a5ad
2019-08-08 07:37:22 -07:00
Aleksey Kasatkin
fb9103acd3 Update calico-typha deployment to address v3.7.x changes ()
* Update calico-typha deployment to address v3.7.x changes

So that calico-typha works for Calico v3.7.x.

* Apply changes for v3.7.x only.
2019-07-24 09:12:16 -07:00
Sergey Kolekonov
428e52e0d1 Fix calico handler for containerd ()
crictl tool must be used to delete containers in case of containerd
deployment
2019-07-16 08:35:24 -07:00
Matthew Mosesohn
23ae6027ab remove support for calico v2.x ()
* Remove support for calico below version v3.0.0

Change-Id: If8fe3036b9e054901a8b2c48516eff1e1271970f

* Update main.yml

* fixup node peering

Change-Id: Ifac4d363deba826f0c80e390ce80a28df9827323

* fixups

Change-Id: Ic35417330af6741962003b3930604393c90804d1

* fixups

Change-Id: I0ea82d634bb0c81d9b7dc50569c70988bc8d3a3b
2019-07-15 07:47:09 -07:00
Matthew Mosesohn
fd9bbcb157 Enable nodes to run calicoctl for calico kdd mode ()
* Enable nodes to run calicoctl

per-node tasks require waiting for calico-node to be applied

Change-Id: Ibe1076b7334a2da0332f2dd766fde0c3f172d1f2

* cleanup tasks that should run on master

Change-Id: I43a837879ef41596f14657ecd7f813899b6865ae

* Switch run_once calico logic to just run on first master

Change-Id: I6893711e354f63c5e1eaf6ac2e23d9a6347a555d
2019-07-15 01:59:06 -07:00
jlacoline
20c7e31ea3 Add calico 3.7.3 support ()
* Add calico 3.7.3 support

* add calico_datastore variable to policy controller role

* add missing clusterrole rules for calico policy controller

* disable calico kube controller when kdd mode is used for versions < 3.6
2019-07-09 12:42:28 -07:00
Julian Tabel
dc16ab92f4 fix for calico with kdd datastore ()
* fix for calico with kdd datastore

* remove AS number from daemonset

* revert changes to canal

* additionnal fixes for kdd datastore in calico
2019-07-08 12:20:03 +03:00
okamototk
4c8b93e5b9 containerd support ()
* Add limited containerd support

Containerd support for Ubuntu + Calico

* Added CRI-O support for ubuntu

* containerd support.

* Reset  containerd support.

* fix lint.

* implemented feedback

* Change task name cri xx instead of cri-o in reset task and timeout condition.

* set crictl to fixed version

* Use docker-ce's container.io package for containerd.

* Add check containerd is installable or not.

* Avoid stop docker when use containerd and optimize retry for reset.

* Add config.toml.

* Fixed containerd for kubelet.env.

* Merge PR 

* Remove unused ubuntu variable for containerd

* Polish code for containerd and cri-o

* Refactoring cri socket configuration.

* Configurable conmon.

* Remove unused crictl/runc download

* Now crictl and runc is downloaded by common crictl.yml.

* fixed yamllint error

* Fixed brokenfiles by conflict.

* Remove commented line in config.toml

* Remove readded v1.12.x version

* Fixed broken set_docker_image_facts

* Fix yamllint errors.

* Remove unused apt source

* Fix crictl could not be installed

* Add containerd config from skolekonov's PR 
2019-06-29 14:09:20 -07:00
Matthew Mosesohn
4348e78b24 Enable kubeadm etcd mode ()
* Enable kubeadm etcd mode

Uses cert commands from kubeadm experimental control plane to
enable non-master nodes to obtain etcd certs.

Related story: PROD-29434

Change-Id: Idafa1d223e5c6ceadf819b6f9c06adf4c4f74178

* Add validation checks and exclude calico kdd mode

Change-Id: Ic234f5e71261d33191376e70d438f9f6d35f358c

* Move etcd mode test to ubuntu flannel HA job

Change-Id: I9af6fd80a1bbb1692ab10d6da095eb368f6bc732

* rename etcd_mode to etcd_kubeadm_enabled

Change-Id: Ib196d6c8a52f48cae370b026f7687ff9ca69c172
2019-06-20 11:12:51 -07:00
Tony Fouchard
f67a24499b Allow to specify feature_control in calico cni config ()
* Allow to specify feature_control in calico cni config

* list length checking

* double check

* remove 2 conditions
2019-06-16 23:14:07 -07:00
Andreas Krüger
818aa7aeb1 Set dnsPolicy to ClusterFirstWithHostNet when hostNetwork is true () 2019-06-05 03:17:55 -07:00
MarkusTeufelberger
e67f848abc ansible-lint: add spaces around variables [E206] () 2019-05-02 14:24:21 -07:00
MarkusTeufelberger
88d919337e ansible-lint: don't compare to empty string [E602] () 2019-04-28 23:00:20 -07:00
grialeyur
82119ca923 Add support calico kubernetes datastore and typha. ()
* Add support calico kubernetes datastore and typha.

* Add typha_enabled to kubespray-defaults.
2019-04-25 05:00:48 -07:00
MarkusTeufelberger
424e59805f ansible-lint: Fix commands that are also available as module () 2019-04-23 22:18:00 -07:00
Andreas Krüger
d588532c9b Update probe timeouts, delays etc. ()
* Fix merge conflict

* Add check delay

* Add more liveness and readiness options to metrics-server
2019-04-23 14:46:02 -07:00
Matthew Mosesohn
05dc2b3a09 Use K8s 1.14 and add kubeadm experimental control plane mode ()
* Use K8s 1.14 and add kubeadm experimental control plane mode

This reverts commit d39c273d96.

* Cleanup kubeadm setup run on first master

* pin kubeadm_certificate_key in test

* Remove kubelet autolabel of kube-node, add symlink for pki dir

Change-Id: Id5e74dd667c60675dbfe4193b0bc9fb44380e1ca
2019-04-19 06:01:54 -07:00
andreyshestakov
78f6f6b889 Mark "Calico | Set global as_num" as "unchanged" ()
This command executes with "--skip-exists" parameter, so it is idempotent
and should not be marked as "changed".
2019-04-16 09:31:11 -07:00
Matthew Mosesohn
c5fb734098 Switch calicoctl from a container to a binary () 2019-04-15 04:24:04 -07:00
Matthew Mosesohn
d39c273d96 Revert "Use K8s 1.14 and add kubeadm experimental control plane mode ()" ()
This reverts commit 316508626d.
2019-04-11 12:52:43 -07:00
Matthew Mosesohn
316508626d Use K8s 1.14 and add kubeadm experimental control plane mode ()
* Use Kubernetes 1.14 and experimental control plane support

* bump to v1.14.0
2019-04-11 05:30:13 -07:00
Maxime Guyot
353afa7cb0 Fix ipip: false in calico v3 () 2019-04-10 05:50:15 -07:00
Matthew Mosesohn
4fe2aa6bf7 Use install_cni init container for cni copy for calico/canal () 2019-04-02 03:32:36 -07:00
ml
483f1d2ca0 Calico felix - Fix jinja2 boolean condition ()
* Fix jinja2 boolean condition

* Convert all felix variable to booleans instead.
2019-03-29 16:07:09 -07:00