biqiang Wu
78624c5bcb
When using cilium CNI, install Cilium CLI ( #9436 )
...
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
2022-10-30 17:02:45 -07:00
biqiang Wu
c681435432
Add switch cilium_enable_bandwidth_manager ( #9441 )
...
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
2022-10-28 03:08:31 -07:00
Kay Yan
32f3d92d6b
Remove PodSecurityPolicies in Calico ( #9395 )
2022-10-17 05:51:07 -07:00
Kay Yan
859df84b45
remove-psp-in-flannel ( #9365 )
2022-10-14 00:16:47 -07:00
Kay Yan
4701abff4c
upgrade-api-version-for-PodDisruptionBudget ( #9369 )
2022-10-10 17:51:02 -07:00
Rene Luria
3646dc0bd2
fix: remove trailing backslash and yaml indent ( #9339 )
...
* fix: remove trailing backslash
* fixed indent in cilium config template
2022-09-27 19:45:35 -07:00
biqiang Wu
31caab5f92
Fix: The Hubble certificate is faulty because the cluster name is hard coded ( #9340 )
...
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
2022-09-27 05:57:52 -07:00
Shelming.Song
d62c67a5f5
allow user to set env: FELIX_MTUIFACEPATTERN in calico-node.yml ( #9330 )
2022-09-26 21:57:45 -07:00
Ho Kim
18efdc2c51
Fix typos in calico ( #9327 )
2022-09-26 00:11:44 -07:00
Krystian Młynek
8acd33d0df
Calico: add wireguard support for Rocky Linux 9 ( #9287 )
2022-09-20 00:29:20 -07:00
Necatican Yıldırım
7da3dbcb39
Cilium 1.12 Upgrade ( #9225 )
...
* Drop support for Cilium < 1.10
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Synchronize Cilium templates for 1.11.7
Signed-off-by: necatican <contact@necatican.com>
* Set Cilium v1.12.1 as the default version
Signed-off-by: necatican <contact@necatican.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>
Signed-off-by: necatican <contact@necatican.com>
2022-09-19 02:14:31 -07:00
Ho Kim
952cad8d63
Remove mutual exclusivity in calico: NAT and router mode ( #9255 )
...
* Add optional NAT support in calico router mode
* Add a blank line in front of lists
* Remove mutual exclusivity: NAT and router mode
* Ignore router mode from NAT
* Update calico doc
2022-09-13 00:19:07 -07:00
Ho Kim
09d9bc910e
Fix typos in calico comments ( #9254 )
2022-09-05 18:46:54 -07:00
lou-lan
133a7a0e1b
Add featureDetectOverride configration of calico ( #9249 )
2022-09-02 04:58:05 -07:00
蒋航
7ebb8c3f2e
make calico installation more stable ( #9227 )
...
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2022-08-30 21:13:01 -07:00
tasekida
220f149299
Fix abort because calicoctl.sh is not a full path ( #9217 )
2022-08-30 08:07:02 -07:00
Florian Ruynat
617b17ad46
Fix kube_ovn_hw_offload value ( #9218 )
2022-08-30 03:21:01 -07:00
Chad Swenson
de762400ad
Fixes for calico_datastore: etcd ( #9228 )
...
It seems that PR #8839 broke `calico_datastore: etcd` when it removed ipamconfig support for etcd mode.
This PR fixes some failing tasks when `calico_datastore == etcd`, but it does not restore ipamconfig support for calico in etcd mode. If someone wants to restore ipamconfig support for `calico_datastore: etcd` please submit a follow up PR for that.
2022-08-29 22:41:00 -07:00
Tristan
bbd1161147
9035: Make Cilium rolling-restart delay/timeout configurable ( #9176 )
...
See #9035
2022-08-22 02:37:44 -07:00
Thearas
ea29cd0890
add list nodes rules to cilium-operator clusterrole ( #9178 )
2022-08-18 01:02:36 -07:00
Samuel Liu
b36bb9115a
[calico] calico rr supports multiple groups ( #9134 )
...
* update calico rr
* fix bgppeer conf
* fix yamllint
* fix ansible lint
* fix calico deploy
* fix yamllint
* fix some typo
2022-08-18 00:52:37 -07:00
Florian Ruynat
307f598bc8
Move flannel to etcd datastore
2022-08-02 16:55:52 -07:00
Florian Ruynat
eb10249a75
Align canal templates with calico official ones (k8s datastore)
2022-08-02 16:55:52 -07:00
Denis Khachyan
8306adb102
update cilium to v1.11.7 ( #9119 )
2022-07-26 10:33:11 -07:00
忘尘
6525461d97
Add reset tasks specific to calico network_plugin ( #9103 )
2022-07-19 13:15:27 -07:00
Cyclinder
2e1863af78
feat: change default blockSize for calico ( #9055 )
...
Signed-off-by: cyclinder qifeng.guo@daocloud.io
2022-07-19 13:05:27 -07:00
Samuel Liu
d821bed2ea
Fix some typo ( #9056 )
...
* fix ingress controller task name
* fix calico word
* add check typo
2022-07-11 09:49:48 -07:00
Mohamed Zaian
a7ba7cdcd5
[calico] add v3.23.2 and make it default ( #9041 )
2022-07-08 10:41:48 -07:00
Emin AKTAS
5071529a74
feat: upgrade cilium and add default variables ( #9065 )
...
Signed-off-by: eminaktas <eminaktas34@gmail.com>
Signed-off-by: Emin Aktas <emin.aktas@trendyol.com>
2022-07-07 10:35:34 -07:00
Tom Stian Berget
e1f06dd406
Add support for the updated (startup|liveness|readiness)Probe.Port numbers in Cilium ( #9031 )
2022-06-27 11:00:59 -07:00
orange-llajeanne
b33896844e
apply calico bgp peer definition task to all nodes, but delegate to ( #8974 )
...
first control plane node
2022-06-24 19:42:57 -07:00
Cyclinder
c3c9a42502
support multus multi-architecture installation ( #9012 )
...
Signed-off-by: cyclinder qifeng.guo@daocloud.io
2022-06-21 10:56:26 -07:00
Alessio Greggi
97b4d79ed5
feat: make kubernetes owner parametrized ( #8952 )
...
* feat: make kubernetes owner parametrized
* docs: update hardening guide with configuration for CIS 1.1.19
* fix: set etcd data directory permissions to be compliant to CIS 1.1.12
2022-06-17 01:34:32 -07:00
Calin Cristian Andrei
2de5c4821c
[calico] clean up workarounds for older versions
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
9efe145688
[calico] make 3.23.1 the default and drop 3.20.x and 3.19.x
2022-06-15 00:57:20 -07:00
Viktor Jacynycz
77de7cb785
Expose calico-typha metrics port ( #8855 )
2022-06-14 07:17:33 -07:00
Ho Kim
889454f2bc
Fix typo in calico check ( #8969 )
2022-06-13 14:10:12 -07:00
Ilya Margolin
cc6cbfbe71
Allow disabling calico CNI logs with calico_cni_log_file_path ( #8921 )
...
* Allow disabling calico CNI logs with calico_cni_log_file_path
Calico CNI logs up to 1G if it log a lot with current default settings:
log_file_max_size 100 Max file size in MB log files can reach before they are rotated.
log_file_max_age 30 Max age in days that old log files will be kept on the host before they are removed.
log_file_max_count 10 Max number of rotated log files allowed on the host before they are cleaned up.
See https://projectcalico.docs.tigera.io/reference/cni-plugin/configuration#logging
To save disk space, make the path configurable and allow disabling this log by setting
`calico_cni_log_file_path: false`
* Fix markdown
* Update roles/network_plugin/canal/templates/cni-canal.conflist.j2
Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
2022-06-07 09:22:56 -07:00
mahjonp
8030e6f76c
fix 8893#issuecomment-1147154353 ( #8933 )
...
Signed-off-by: mahjonp <junpeng.man@gmail.com>
2022-06-06 12:40:21 -07:00
Kenichi Omichi
814760ba25
Use blocks for macvlan tasks for each distribution ( #8918 )
...
For the code readability, this adds blocks for each distribution.
2022-06-06 07:50:24 -07:00
vanyasvl
a4f752fb02
Add subjectAltName to calico-apiserver certificate ( #8907 )
...
* Add AltName to calico-apiserver certificate
* fix support for centos7 openssl
2022-06-06 07:38:23 -07:00
Daniil Muidinov
5c136ae3af
[calico] add 3.22.3 and 3.23.1 ( #8897 )
...
* [calico]
* add 3.22.3 and 3.23.1
* set 3.22.3 default
* fix download crd for calico 3.22.3 and upper
* update calico README.md
2022-05-31 13:27:23 -07:00
mahjonp
c927da00e0
Support cilium ip-masq-agent configuration ( #8893 )
...
* fix deploy Cilium with eBPF-based Masquerading failed
Signed-off-by: mahjonp <junpeng.man@gmail.com>
* forget to add the enable-ip-masq-agent flag
Signed-off-by: mahjonp <junpeng.man@gmail.com>
2022-05-31 09:26:53 -07:00
Kenichi Omichi
dc2a18e436
Merge pull request #8815 from simplekube-ro/dont_clobber_calico
...
[calico] don't clobber calico options set by the user
2022-05-24 10:25:48 -07:00
Ross Kusler
4c97ce747c
Adding support for the kube-router flag --cluster-asn flag ( #8837 )
2022-05-23 16:39:10 -07:00
Tamas Pasztor
9d3a894991
Possible remove ippools from cni config ( #8845 )
...
* Possible remove ippools from cni config
* Typo
* Update roles/network_plugin/calico/templates/cni-calico.conflist.j2
Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
* Update cni-calico.conflist.j2
Incorrectly deleted calico forwarding content.
* Update roles/network_plugin/calico/templates/cni-calico.conflist.j2
Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
2022-05-19 23:45:13 -07:00
Samuel Liu
a28b58dbd0
[calico]use ipamconfig instead of calico ipam command ( #8839 )
...
* use ipamconfig instead of calico ipam command
* fix ansible lint
2022-05-19 11:13:20 -07:00
Samuel Liu
eea7bb7692
only need run this once ( #8833 )
...
calicoctl ipam xx
calicoctl apply xx
2022-05-17 09:52:27 -07:00
Calin Cristian Andrei
569a319ff5
[calico] don't clobber user set bgp configuration options that are not managed by kubespray
2022-05-12 15:50:38 +00:00
Calin Cristian Andrei
47812ec002
[calico] don't clobber user set ippool options that are not managed by kubespray
2022-05-12 15:50:05 +00:00