richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7852 Commits
34 Branches
82 Tags
155 MiB
Tree: 2a52e5f08c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2a52e5f08c'
${ noResults }
kubespray/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml

132 lines
4.5 KiB
Raw Normal View History

set default value of name to "k8s-pod-network" (#8813) Signed-off-by: cyclinder qifeng.guo@daocloud.io
2 years ago
create separate options files for network plugins remove plugin options from common files
6 years ago
set default value of name to "k8s-pod-network" (#8813) Signed-off-by: cyclinder qifeng.guo@daocloud.io
2 years ago
move calico options from all.yml to k8s-cluster/k8s-net-calico.yml
6 years ago
Yamllint fixes (#4410) * Lint everything in the repository with yamllint * yamllint fixes: syntax fixes only * yamllint fixes: move comments to play names * yamllint fixes: indent comments in .gitlab-ci.yml file
6 years ago
move calico options from all.yml to k8s-cluster/k8s-net-calico.yml
6 years ago
create separate options files for network plugins remove plugin options from common files
6 years ago
add nat_outgoing_ipv6 to calico defaults and docs (#10866)
1 year ago
create separate options files for network plugins remove plugin options from common files
6 years ago
Add support for Calico CNI host-local IPAM plugin (#6580)
4 years ago
create separate options files for network plugins remove plugin options from common files
6 years ago
Update k8s-net-calico.yml (#11113) removed the confusing comment about defaulting to `kube_network_node_prefix` as we are not really defaulting to it when cni is Calico
10 months ago
feat: change default blockSize for calico (#9055) Signed-off-by: cyclinder qifeng.guo@daocloud.io
2 years ago
Blocksize for calico default pool should be configurable (#5198)
5 years ago
Calico: Ability to define the default IPPool CIDR (instead of kube_pods_subnet) (#4131) * Calico: Ability to define the default IPPool CIDR (instead of kube_pods_subnet) * Documentation for calico_pool_cidr (and calico_advertise_cluster_ips which has been forgotten...)
6 years ago
Possible remove ippools from cni config (#8845) * Possible remove ippools from cni config * Typo * Update roles/network_plugin/calico/templates/cni-calico.conflist.j2 Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com> * Update cni-calico.conflist.j2 Incorrectly deleted calico forwarding content. * Update roles/network_plugin/calico/templates/cni-calico.conflist.j2 Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com> Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
2 years ago
Changes to support Dual Stack networking
4 years ago
Possible remove ippools from cni config (#8845) * Possible remove ippools from cni config * Typo * Update roles/network_plugin/calico/templates/cni-calico.conflist.j2 Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com> * Update cni-calico.conflist.j2 Incorrectly deleted calico forwarding content. * Update roles/network_plugin/calico/templates/cni-calico.conflist.j2 Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com> Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
2 years ago
create separate options files for network plugins remove plugin options from common files
6 years ago
Calico: update files to handle multi-asn bgp peering conditions. (#6971) * update files to handle multi-asn bgp peering conditions. * put back in the serviceClusterIPs. Bad merge. * remove extraneous environment var. * update files as discussed with mirwan * update titles. * add not in. * add a conditional for using bgp to advertise cluster ips. Co-authored-by: marlow-h <mweston@habana.ai>
4 years ago
create separate options files for network plugins remove plugin options from common files
6 years ago
[PR-Calico]Support calico 3.4.0 (#4102) * Suport calico 3.4.0 Signed-off-by: wangxf1987 <xiaofeix.wang@gmail.com> * Remove symlink + cni conflist template when 3.3.0+, handle Canal, addition of install-cni: sidecar(3.3.0) or initontainer(3.4.0), KUBECONFIG_FILEPATH, calico_cert_dir, advertise cluster ips * scheduler.alpha.kubernetes.io/critical-pod deprecated since 1.12
6 years ago
Update calico to 1.15.0 + minor update to kube-ovn/weave (#6306)
4 years ago
Calico Docs: clarify the algorithm to calculate calico_veth_mtu (#7749) * Claico Docs: clarify the algorithm to calculate calico_veth_mtu * Update sample calico_veth_mtu
3 years ago
Update calico to 1.15.0 + minor update to kube-ovn/weave (#6306)
4 years ago
[PR-Calico]Support calico 3.4.0 (#4102) * Suport calico 3.4.0 Signed-off-by: wangxf1987 <xiaofeix.wang@gmail.com> * Remove symlink + cni conflist template when 3.3.0+, handle Canal, addition of install-cni: sidecar(3.3.0) or initontainer(3.4.0), KUBECONFIG_FILEPATH, calico_cert_dir, advertise cluster ips * scheduler.alpha.kubernetes.io/critical-pod deprecated since 1.12
6 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Add serviceExternalIPs option for calico installation (#6928)
4 years ago
Fix typos in calico comments (#9254)
2 years ago
Support Calico advertisement of MetalLB LoadBalancer IPs (#7593) * add initial MetalLB docs * metallb allow disabling the deployment of the metallb speaker * calico>=3.18 allow using calico to advertise service loadbalancer IPs * Document the use of MetalLB and Calico * clean MetalLB docs
3 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Modify the commented config info (#7558)
3 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Update default (erroneous) backend value for calico (#6031)
4 years ago
[calico] switch default iptables backend detection to Auto (#8429)
3 years ago
Calico: update to 3.11.1, allow to configure calico_iptables_backend (#5514) I've tested this update by deploying a containerd / etcd cluster on top CentOS7, MetalLB + NGINX Ingress. Upgrade using upgrade-cluster.yml Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Generate TLS certs for calico typha (#5258) * Generate TLS certs for calico typha Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707 * Add group vars note Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
5 years ago
Raise typha max connections to 300 (#5527) Raises limit from 100 to 300 because the default is far too low and the pod can handle 300 with the given resources. Change-Id: Ib1eec10da3d09d198933fcfe87291587e58d7cdb
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Raise typha max connections to 300 (#5527) Raises limit from 100 to 300 because the default is far too low and the pod can handle 300 with the given resources. Change-Id: Ib1eec10da3d09d198933fcfe87291587e58d7cdb
5 years ago
added reference to calico_ip_auto_method in sample inventory group vars (#5612)
5 years ago
add calico VXLAN mode, update docs and vars in sample inventory (#5731) * calico VXLAN mode * check vars if calico backend defined
5 years ago
[calico] don't enable ipip encapsulation by default and use vxlan in CI (#8434) * [calico] make vxlan encapsulation the default * don't enable ipip encapsulation by default * set calico_network_backend by default to vxlan * update sample inventory and documentation * [CI] pin default calico parameters for upgrade tests to ensure proper upgrade * [CI] improve netchecker connectivity testing * [CI] show logs for tests * [calico] tweak task name * [CI] Don't run the provisioner from vagrant since we run it in testcases_run.sh * [CI] move kube-router tests to vagrant to avoid network connectivity issues during netchecker check * service proxy mode still fails connectivity tests so keeping it manual mode * [kube-router] account for containerd use-case
3 years ago
add calico VXLAN mode, update docs and vars in sample inventory (#5731) * calico VXLAN mode * check vars if calico backend defined
5 years ago
Fixed typos in inventory/sample/group_vars/k8s_cluster (#10911)
1 year ago
add calico VXLAN mode, update docs and vars in sample inventory (#5731) * calico VXLAN mode * check vars if calico backend defined
5 years ago
[calico] don't enable ipip encapsulation by default and use vxlan in CI (#8434) * [calico] make vxlan encapsulation the default * don't enable ipip encapsulation by default * set calico_network_backend by default to vxlan * update sample inventory and documentation * [CI] pin default calico parameters for upgrade tests to ensure proper upgrade * [CI] improve netchecker connectivity testing * [CI] show logs for tests * [calico] tweak task name * [CI] Don't run the provisioner from vagrant since we run it in testcases_run.sh * [CI] move kube-router tests to vagrant to avoid network connectivity issues during netchecker check * service proxy mode still fails connectivity tests so keeping it manual mode * [kube-router] account for containerd use-case
3 years ago
add calico VXLAN mode, update docs and vars in sample inventory (#5731) * calico VXLAN mode * check vars if calico backend defined
5 years ago
[calico] don't enable ipip encapsulation by default and use vxlan in CI (#8434) * [calico] make vxlan encapsulation the default * don't enable ipip encapsulation by default * set calico_network_backend by default to vxlan * update sample inventory and documentation * [CI] pin default calico parameters for upgrade tests to ensure proper upgrade * [CI] improve netchecker connectivity testing * [CI] show logs for tests * [calico] tweak task name * [CI] Don't run the provisioner from vagrant since we run it in testcases_run.sh * [CI] move kube-router tests to vagrant to avoid network connectivity issues during netchecker check * service proxy mode still fails connectivity tests so keeping it manual mode * [kube-router] account for containerd use-case
3 years ago
add calico VXLAN mode, update docs and vars in sample inventory (#5731) * calico VXLAN mode * check vars if calico backend defined
5 years ago
Added ability to set calico vxlan vni and port. defaults to calico's … (#6678) * Added ability to set calico vxlan vni and port. defaults to calico's documented defaults. * Check if calico_network_backend is defined prior to checking value * Removed calico hidden defaults for vxlan port and vni * Fixed FELIX_VXLANVNI typo
4 years ago
Fix typos in calico comments (#9254)
2 years ago
CI: Add Calico eBPF in HA mode test (#7710) * Sample-Inventory: add sample for calico_bpf_enabled * Calico-Doc: note about CONFIG_NET_SCHED for eBPF support * CI: Add Calico eBPF in HA mode test
3 years ago
add support for Calico IP6_AUTODETECTION_METHOD (#8541)
3 years ago
added reference to calico_ip_auto_method in sample inventory group vars (#5612)
5 years ago
add support for Calico IP6_AUTODETECTION_METHOD (#8541)
3 years ago
allow user to set env: FELIX_MTUIFACEPATTERN in calico-node.yml (#9330)
2 years ago
Support configuring the Calico iptables insert mode (#5473) * Support configuring the insert mode Defaults to the upstream default https://docs.projectcalico.org/v3.9/reference/felix/configuration so nothing should change for existing deployments. This allows coexistence with other firewall management technologies. * Add a note to the sample config
5 years ago
Deviceroutesourceaddress (#6508) * add FELIX_DEVICEROUTESOURCEADDRESS calico option * add calico_use_default_route_src_ipaddr option add calico_use_default_route_src_ipaddr option to use FELIX_DEVICEROUTESOURCEADDRESS calico option * Update k8s-net-calico.yml
4 years ago
Calico wireguard (#7638) * Calico: add Wireguard support * CI: Add Calico Wireguard scenario
3 years ago
Calico: increase calico node probe timeouts and allow tunning (#7981)
3 years ago
[calico] add calico apiserver (#8690) * [calico] add calico apiserver * fix yamllint * remove addext argument * Configure API server with the CA bundle * add check kdd
2 years ago
  1. ---
  2. # see roles/network_plugin/calico/defaults/main.yml
  4. # the default value of name
  5. calico_cni_name: k8s-pod-network
  7. ## With calico it is possible to distributed routes with border routers of the datacenter.
  8. ## Warning : enabling router peering will disable calico's default behavior ('node mesh').
  9. ## The subnets of each nodes will be distributed by the datacenter router
  10. # peer_with_router: false
  12. # Enables Internet connectivity from containers
  13. # nat_outgoing: true
  14. # nat_outgoing_ipv6: false
  16. # Enables Calico CNI "host-local" IPAM plugin
  17. # calico_ipam_host_local: true
  19. # add default ippool name
  20. # calico_pool_name: "default-pool"
  22. # add default ippool blockSize
  23. calico_pool_blocksize: 26
  25. # add default ippool CIDR (must be inside kube_pods_subnet, defaults to kube_pods_subnet otherwise)
  26. # calico_pool_cidr: 1.2.3.4/5
  28. # add default ippool CIDR to CNI config
  29. # calico_cni_pool: true
  31. # Add default IPV6 IPPool CIDR. Must be inside kube_pods_subnet_ipv6. Defaults to kube_pods_subnet_ipv6 if not set.
  32. # calico_pool_cidr_ipv6: fd85:ee78:d8a6:8607::1:0000/112
  34. # Add default IPV6 IPPool CIDR to CNI config
  35. # calico_cni_pool_ipv6: true
  37. # Global as_num (/calico/bgp/v1/global/as_num)
  38. # global_as_num: "64512"
  40. # If doing peering with node-assigned asn where the globas does not match your nodes, you want this
  41. # to be true. All other cases, false.
  42. # calico_no_global_as_num: false
  44. # You can set MTU value here. If left undefined or empty, it will
  45. # not be specified in calico CNI config, so Calico will use built-in
  46. # defaults. The value should be a number, not a string.
  47. # calico_mtu: 1500
  49. # Configure the MTU to use for workload interfaces and tunnels.
  50. # - If Wireguard is enabled, subtract 60 from your network MTU (i.e 1500-60=1440)
  51. # - Otherwise, if VXLAN or BPF mode is enabled, subtract 50 from your network MTU (i.e. 1500-50=1450)
  52. # - Otherwise, if IPIP is enabled, subtract 20 from your network MTU (i.e. 1500-20=1480)
  53. # - Otherwise, if not using any encapsulation, set to your network MTU (i.e. 1500)
  54. # calico_veth_mtu: 1440
  56. # Advertise Cluster IPs
  57. # calico_advertise_cluster_ips: true
  59. # Advertise Service External IPs
  60. # calico_advertise_service_external_ips:
  61. # - x.x.x.x/24
  62. # - y.y.y.y/32
  64. # Advertise Service LoadBalancer IPs
  65. # calico_advertise_service_loadbalancer_ips:
  66. # - x.x.x.x/24
  67. # - y.y.y.y/16
  69. # Choose data store type for calico: "etcd" or "kdd" (kubernetes datastore)
  70. # calico_datastore: "kdd"
  72. # Choose Calico iptables backend: "Legacy", "Auto" or "NFT"
  73. # calico_iptables_backend: "Auto"
  75. # Use typha (only with kdd)
  76. # typha_enabled: false
  78. # Generate TLS certs for secure typha<->calico-node communication
  79. # typha_secure: false
  81. # Scaling typha: 1 replica per 100 nodes is adequate
  82. # Number of typha replicas
  83. # typha_replicas: 1
  85. # Set max typha connections
  86. # typha_max_connections_lower_limit: 300
  88. # Set calico network backend: "bird", "vxlan" or "none"
  89. # bird enable BGP routing, required for ipip and no encapsulation modes
  90. # calico_network_backend: vxlan
  92. # IP in IP and VXLAN is mutually exclusive modes.
  93. # set IP in IP encapsulation mode: "Always", "CrossSubnet", "Never"
  94. # calico_ipip_mode: 'Never'
  96. # set VXLAN encapsulation mode: "Always", "CrossSubnet", "Never"
  97. # calico_vxlan_mode: 'Always'
  99. # set VXLAN port and VNI
  100. # calico_vxlan_vni: 4096
  101. # calico_vxlan_port: 4789
  103. # Enable eBPF mode
  104. # calico_bpf_enabled: false
  106. # If you want to use non default IP_AUTODETECTION_METHOD, IP6_AUTODETECTION_METHOD for calico node set this option to one of:
  107. # * can-reach=DESTINATION
  108. # * interface=INTERFACE-REGEX
  109. # see https://docs.projectcalico.org/reference/node/configuration
  110. # calico_ip_auto_method: "interface=eth.*"
  111. # calico_ip6_auto_method: "interface=eth.*"
  113. # Set FELIX_MTUIFACEPATTERN, Pattern used to discover the host’s interface for MTU auto-detection.
  114. # see https://projectcalico.docs.tigera.io/reference/felix/configuration
  115. # calico_felix_mtu_iface_pattern: "^((en|wl|ww|sl|ib)[opsx].*|(eth|wlan|wwan).*)"
  117. # Choose the iptables insert mode for Calico: "Insert" or "Append".
  118. # calico_felix_chaininsertmode: Insert
  120. # If you want use the default route interface when you use multiple interface with dynamique route (iproute2)
  121. # see https://docs.projectcalico.org/reference/node/configuration : FELIX_DEVICEROUTESOURCEADDRESS
  122. # calico_use_default_route_src_ipaddr: false
  124. # Enable calico traffic encryption with wireguard
  125. # calico_wireguard_enabled: false
  127. # Under certain situations liveness and readiness probes may need tunning
  128. # calico_node_livenessprobe_timeout: 10
  129. # calico_node_readinessprobe_timeout: 10
  131. # Calico apiserver (only with kdd)
  132. # calico_apiserver_enabled: false