David Louks
1e79dcfcaa
Added ability to set calico vxlan vni and port. defaults to calico's … ( #6678 )
...
* Added ability to set calico vxlan vni and port. defaults to calico's documented defaults.
* Check if calico_network_backend is defined prior to checking value
* Removed calico hidden defaults for vxlan port and vni
* Fixed FELIX_VXLANVNI typo
2020-09-22 01:04:48 -07:00
Barry Melbourne
b6b26c710f
Add support for Calico CNI host-local IPAM plugin ( #6580 )
2020-09-17 02:44:46 -07:00
Florian Ruynat
ae5328c500
Update calico to 3.16.1 ( #6644 )
2020-09-10 03:45:46 -07:00
Hans Feldt
93698a8f73
Calico: update crds to v1 and cr ( #6360 )
...
* Update CustomResourceDefinition for kubecontrollersconfigurations.crd.projectcalico.org to v1
* Align ClusterRole for kube-controllers with upstream (calico)
2020-09-03 00:51:40 -07:00
Maxime Guyot
6245587dc8
Fix E306 in roles/network_plugin ( #6516 )
...
Signed-off-by: Miouge1 <maxime@root314.com>
2020-09-02 23:55:40 -07:00
Maxime Guyot
34d88ea6d9
Fix Ansible-lint E303 ( #6409 )
2020-08-31 03:30:20 -07:00
nic0las
f59d3fc4a3
Deviceroutesourceaddress ( #6508 )
...
* add FELIX_DEVICEROUTESOURCEADDRESS calico option
* add calico_use_default_route_src_ipaddr option
add calico_use_default_route_src_ipaddr option to use FELIX_DEVICEROUTESOURCEADDRESS calico option
* Update k8s-net-calico.yml
2020-08-27 02:07:01 -07:00
Florian Ruynat
6e2b8a5750
Add timeout to Get current version of calico cluster version, again ( #6493 )
2020-08-21 00:13:51 -07:00
Maxime Guyot
fe46349786
Fix ansible-lint E301 for commands fetching data ( #6465 )
2020-07-28 08:39:47 -07:00
Maxime Guyot
e70f27dd79
Add noqa and disable .ansible-lint global exclusions ( #6410 )
2020-07-27 06:24:17 -07:00
Konstantin Lebedev
4b80a7f6fe
Felix configuration via extraenvs of calico node ( #6433 )
2020-07-22 00:08:04 -07:00
Minjong Kim
b19f2e2d3d
Update the calico_veth_mtu setting to affect IP-in-IP users ( #6419 )
...
* Update calico_veth_mtu to FELIX_IPINIP variable
calico_veth_mtu is specified in the configuration, but since it only works for wireguard, modify it to work for IP-in-IP users.
* Update template with more cleaner expression
2020-07-21 23:58:18 -07:00
chenguoquan1024
e1873ab872
add calico-node selinux ( #6359 )
2020-07-15 00:22:38 -07:00
nurekage
017df7113d
Patch Calico for V3.14.0 missing CR and CRD ( #6276 )
2020-07-01 08:44:16 -07:00
Florian Ruynat
16ec5939c2
Update deprecated api ( #6245 )
2020-06-30 09:00:07 -07:00
Florian Ruynat
8213b1802b
Update calico to 1.15.0 + minor update to kube-ovn/weave ( #6306 )
2020-06-29 14:39:58 -07:00
Joel Seguillon
4c1e0b188d
Add .editorconfig file ( #6307 )
2020-06-29 12:39:59 -07:00
Yousong Zhou
a7b8708dfc
calico: use absolute path to docker, crictl binary ( #6253 )
...
To avoid the following error (ignored when pipefail is off)
RUNNING HANDLER [network_plugin/calico : containerd | delete calico-node containers] *******************************************************************************
changed: [node1] => {"attempts": 1, "changed": true, "cmd": "crictl pods --name calico-node-* -q | xargs -I% --no-run-if-empty bash -c \"crictl stopp % && crictl rmp %\"", "delta": "0:00:00.004240", "end": "2020-06-10 03:32:41.316955", "rc": 0, "start": "2020-06-10 03:32:41.312715", "stderr": "/bin/sh: crictl: command not found", "stderr_lines": ["/bin/sh: crictl: command not found"], "stdout": "", "stdout_lines": []}
2020-06-10 03:22:08 -07:00
Flavien
7ff8fc259b
Support all taints in network plugins manifests ( #6208 )
...
flannel, ovn and multus network plugins did not support all taint keys. This
update changes the tolerations to support them all.
According to the documentation:
```
There are two special cases: An empty key with operator Exists matches all keys,
values and effects which means this will tolerate everything. An empty effect matches
all effects with key key.
```
Usage of the empty `key` and `effect` ensures the network plugin daemonset will
be deployed on every nodes (ex: in case of custom taints, or NoExecute effect)
2020-06-02 05:38:15 -07:00
Sergey
cc507d7ace
disable bird-check flag for probes of calico-node pods when calico_network_backend is not 'bird'. ( #6217 )
2020-06-01 12:44:14 -07:00
Florian Ruynat
3ff6a2e7ff
Update default (erroneous) backend value for calico ( #6031 )
2020-04-27 00:03:39 -07:00
Florian Ruynat
1ee3ff738e
Add option to enable usage reports to calico servers ( #6030 )
2020-04-27 00:03:30 -07:00
Florian Ruynat
299e35ebe4
Cleanup unused/erroneous variables ( #6003 )
2020-04-24 01:54:07 -07:00
Florian Ruynat
ca45d5ffbe
Fix retries keyword missing until instruction ( #5989 )
2020-04-21 07:20:56 -07:00
Florian Ruynat
83fe607f62
Cleanup deprecated labels beta.kubernetes.io/arch and beta.kubernetes.io/os ( #5964 )
2020-04-17 05:51:06 -07:00
Alexander Kross
0d675cdd1a
Update Calico to v3.13.2, Multus to v3.4.1. Add ConfigMap get permission to allow calico-node access to kubeadm config. ( #5912 )
2020-04-09 07:27:43 -07:00
Anshul Sharma
79a6b72a13
Removed deprecated label kubernetes.io/cluster-service ( #5372 )
2020-03-30 01:19:53 -07:00
hfinucane
158d998ec4
Support configuring the Calico iptables insert mode ( #5473 )
...
* Support configuring the insert mode
Defaults to the upstream default https://docs.projectcalico.org/v3.9/reference/felix/configuration
so nothing should change for existing deployments.
This allows coexistence with other firewall management technologies.
* Add a note to the sample config
2020-03-14 06:36:35 -07:00
Sergey
e60b9f796e
add calico VXLAN mode, update docs and vars in sample inventory ( #5731 )
...
* calico VXLAN mode
* check vars if calico backend defined
2020-03-12 01:20:37 -07:00
Chad Swenson
a15a0b5eb9
Make calico iptables lock timeout configurable ( #5658 )
...
Adds `calico_iptables_lock_timeout_secs` variable to calico DS yaml.
2020-02-19 02:28:25 -08:00
Matthew Mosesohn
b35b816287
Raise typha max connections to 300 ( #5527 )
...
Raises limit from 100 to 300 because the default is far too low
and the pod can handle 300 with the given resources.
Change-Id: Ib1eec10da3d09d198933fcfe87291587e58d7cdb
2020-01-10 00:24:33 -08:00
Etienne Champetier
2c2ffa846c
Calico: update to 3.11.1, allow to configure calico_iptables_backend ( #5514 )
...
I've tested this update by deploying a containerd / etcd cluster on top CentOS7,
MetalLB + NGINX Ingress. Upgrade using upgrade-cluster.yml
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-01-08 02:27:40 -08:00
Matthew Mosesohn
7da2083986
Add toleration for calico-typha on master ( #5405 )
...
Change-Id: Iea9a366cf6ccc4d491bfc49c5d2dba6d98f81b69
2019-12-05 06:24:32 -08:00
Jacopo Secchiero
97764921ed
Fix calico name resolution ( #5291 )
2019-11-11 04:01:41 -08:00
Matthew Mosesohn
2c4e6b65d7
Raise delay and retry for rotate tokens ( #5304 )
...
Change-Id: I87844b43b9a18064e7a99567ce57c1ca1ffcc4a8
2019-10-30 01:56:52 -07:00
Matthew Mosesohn
94d4ce5a6f
Retry cleaning up calico-node container ( #5302 )
...
Change-Id: Iad27b107860213759c7ae51f0891d7e5e7c6d96b
2019-10-28 05:11:25 -07:00
Matthew Mosesohn
a1fff30bd9
Generate TLS certs for calico typha ( #5258 )
...
* Generate TLS certs for calico typha
Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707
* Add group vars note
Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
2019-10-17 07:02:38 -07:00
Sergey
81d57fe658
set calico_datastore default value in role kubespray-default ( #5259 )
2019-10-17 05:58:38 -07:00
Hugo Blom
9dfb25cafd
fix typo ( #5275 )
2019-10-16 18:26:38 -07:00
Matthew Mosesohn
af6456d1ea
Fix selector for calico-typha deployment ( #5253 )
...
Change-Id: I79f43379cbe1c495cb416f0572e65f695d5ec2b8
2019-10-16 07:53:42 -07:00
Matthew Mosesohn
fb591bf232
Apply workaround for NetworkManager and calico ( #5230 )
...
Change-Id: I5cb2bdf1a57707c1b8da3e5ac0c80e5c353480a4
2019-10-02 04:37:07 -07:00
陈谭军
99dbc6d780
clean-up doc,spelling mistakes ( #5206 )
2019-09-26 04:25:08 -07:00
Erwan Miran
f18e77f1db
Blocksize for calico default pool should be configurable ( #5198 )
2019-09-25 04:44:00 -07:00
Matthew Mosesohn
27ec548b88
Add support for k8s v1.16.0-beta.2 ( #5148 )
...
Cleaned up deprecated APIs:
apps/v1beta1
apps/v1beta2
extensions/v1beta1 for ds,deploy,rs
Add workaround for deploying helm using incompatible
deployment manifest.
Change-Id: I78b36741348f47a999df3841ee63cf4e6f377830
2019-09-10 12:06:54 -07:00
Matthew Mosesohn
184ac6a4e6
Parse calico nodes as json ( #5114 )
2019-08-27 10:16:42 -07:00
Matthew Mosesohn
7e1645845f
Allow calico settings to be modified ( #5101 )
...
Previous logic used calicoctl.sh create --skip-exists, which
allowed setting initial values, but not permitting changes.
2019-08-23 00:01:19 -07:00
Matthew Mosesohn
023108a733
Refactor calico route reflector to run in k8s cluster ( #4975 )
...
* Refactor calico-rr to run in k8s cluster with taint
Change-Id: I75a3169ff5b36ce8302fc7ef1c32d3eb697b5afa
* add preinstall checks
* rework calico/rr role
Change-Id: I2f0a7e6cb77cf91ad4a615923680760d2e5d9ca8
* add empty calico-rr group
Change-Id: I006c0a60db9b72d02245bf8fdfabcf982144a5ad
2019-08-08 07:37:22 -07:00
Aleksey Kasatkin
fb9103acd3
Update calico-typha deployment to address v3.7.x changes ( #5003 )
...
* Update calico-typha deployment to address v3.7.x changes
So that calico-typha works for Calico v3.7.x.
* Apply changes for v3.7.x only.
2019-07-24 09:12:16 -07:00
Sergey Kolekonov
428e52e0d1
Fix calico handler for containerd ( #4985 )
...
crictl tool must be used to delete containers in case of containerd
deployment
2019-07-16 08:35:24 -07:00
Matthew Mosesohn
23ae6027ab
remove support for calico v2.x ( #4974 )
...
* Remove support for calico below version v3.0.0
Change-Id: If8fe3036b9e054901a8b2c48516eff1e1271970f
* Update main.yml
* fixup node peering
Change-Id: Ifac4d363deba826f0c80e390ce80a28df9827323
* fixups
Change-Id: Ic35417330af6741962003b3930604393c90804d1
* fixups
Change-Id: I0ea82d634bb0c81d9b7dc50569c70988bc8d3a3b
2019-07-15 07:47:09 -07:00