richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5763 Commits
33 Branches
82 Tags
153 MiB
Tree: ae3a1d7c01
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ae3a1d7c01'
${ noResults }
kubespray/roles/network_plugin/calico/templates/calico-typha.yml.j2

163 lines
5.0 KiB
Raw Normal View History

Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Add support for k8s v1.16.0-beta.2 (#5148) Cleaned up deprecated APIs: apps/v1beta1 apps/v1beta2 extensions/v1beta1 for ds,deploy,rs Add workaround for deploying helm using incompatible deployment manifest. Change-Id: I78b36741348f47a999df3841ee63cf4e6f377830
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Fix selector for calico-typha deployment (#5253) Change-Id: I79f43379cbe1c495cb416f0572e65f695d5ec2b8
5 years ago
fix typo (#5275)
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Cleanup deprecated labels beta.kubernetes.io/arch and beta.kubernetes.io/os (#5964)
4 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Add toleration for calico-typha on master (#5405) Change-Id: Iea9a366cf6ccc4d491bfc49c5d2dba6d98f81b69
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Add toleration for calico-typha on master (#5405) Change-Id: Iea9a366cf6ccc4d491bfc49c5d2dba6d98f81b69
5 years ago
Change node-role.kubernetes.io from master to control-plane (#7183)
4 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Generate TLS certs for calico typha (#5258) * Generate TLS certs for calico typha Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707 * Add group vars note Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Raise typha max connections to 300 (#5527) Raises limit from 100 to 300 because the default is far too low and the pod can handle 300 with the given resources. Change-Id: Ib1eec10da3d09d198933fcfe87291587e58d7cdb
5 years ago
Generate TLS certs for calico typha (#5258) * Generate TLS certs for calico typha Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707 * Add group vars note Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Add calico 3.7.3 support (#4953) * Add calico 3.7.3 support * add calico_datastore variable to policy controller role * add missing clusterrole rules for calico policy controller * disable calico kube controller when kdd mode is used for versions < 3.6
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Update calico-typha deployment to address v3.7.x changes (#5003) * Update calico-typha deployment to address v3.7.x changes So that calico-typha works for Calico v3.7.x. * Apply changes for v3.7.x only.
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Update calico-typha deployment to address v3.7.x changes (#5003) * Update calico-typha deployment to address v3.7.x changes So that calico-typha works for Calico v3.7.x. * Apply changes for v3.7.x only.
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Generate TLS certs for calico typha (#5258) * Generate TLS certs for calico typha Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707 * Add group vars note Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
5 years ago
Add .editorconfig file (#6307)
4 years ago
Generate TLS certs for calico typha (#5258) * Generate TLS certs for calico typha Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707 * Add group vars note Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
  1. # This manifest creates a Service, which will be backed by Calico's Typha daemon.
  2. # Typha sits in between Felix and the API server, reducing Calico's load on the API server.
  4. apiVersion: v1
  5. kind: Service
  6. metadata:
  7. name: calico-typha
  8. namespace: kube-system
  9. labels:
  10. k8s-app: calico-typha
  11. spec:
  12. ports:
  13. - port: 5473
  14. protocol: TCP
  15. targetPort: calico-typha
  16. name: calico-typha
  17. selector:
  18. k8s-app: calico-typha
  20. ---
  22. # This manifest creates a Deployment of Typha to back the above service.
  24. apiVersion: apps/v1
  25. kind: Deployment
  26. metadata:
  27. name: calico-typha
  28. namespace: kube-system
  29. labels:
  30. k8s-app: calico-typha
  31. spec:
  32. # Number of Typha replicas. To enable Typha, set this to a non-zero value *and* set the
  33. # typha_service_name variable in the calico-config ConfigMap above.
  34. #
  35. # We recommend using Typha if you have more than 50 nodes. Above 100 nodes it is essential
  36. # (when using the Kubernetes datastore). Use one replica for every 100-200 nodes. In
  37. # production, we recommend running at least 3 replicas to reduce the impact of rolling upgrade.
  38. replicas: {{ typha_replicas }}
  39. revisionHistoryLimit: 2
  40. selector:
  41. matchLabels:
  42. k8s-app: calico-typha
  43. template:
  44. metadata:
  45. labels:
  46. k8s-app: calico-typha
  47. annotations:
  48. cluster-autoscaler.kubernetes.io/safe-to-evict: 'true'
  49. spec:
  50. nodeSelector:
  51. kubernetes.io/os: linux
  52. hostNetwork: true
  53. tolerations:
  54. - key: node-role.kubernetes.io/master
  55. operator: Exists
  56. effect: NoSchedule
  57. - key: node-role.kubernetes.io/control-plane
  58. operator: Exists
  59. effect: NoSchedule
  60. # Since Calico can't network a pod until Typha is up, we need to run Typha itself
  61. # as a host-networked pod.
  62. serviceAccountName: calico-node
  63. priorityClassName: system-cluster-critical
  64. containers:
  65. - image: {{ calico_typha_image_repo }}:{{ calico_typha_image_tag }}
  66. name: calico-typha
  67. ports:
  68. - containerPort: 5473
  69. name: calico-typha
  70. protocol: TCP
  71. env:
  72. # Enable "info" logging by default. Can be set to "debug" to increase verbosity.
  73. - name: TYPHA_LOGSEVERITYSCREEN
  74. value: "info"
  75. # Disable logging to file and syslog since those don't make sense in Kubernetes.
  76. - name: TYPHA_LOGFILEPATH
  77. value: "none"
  78. - name: TYPHA_LOGSEVERITYSYS
  79. value: "none"
  80. # Monitor the Kubernetes API to find the number of running instances and rebalance
  81. # connections.
  82. - name: TYPHA_CONNECTIONREBALANCINGMODE
  83. value: "kubernetes"
  84. - name: TYPHA_DATASTORETYPE
  85. value: "kubernetes"
  86. - name: TYPHA_HEALTHENABLED
  87. value: "true"
  88. - name: TYPHA_MAXCONNECTIONSLOWERLIMIT
  89. value: "{{ typha_max_connections_lower_limit }}"
  90. {% if typha_secure %}
  91. - name: TYPHA_CAFILE
  92. value: /etc/ca/ca.crt
  93. - name: TYPHA_CLIENTCN
  94. value: typha-client
  95. - name: TYPHA_SERVERCERTFILE
  96. value: /etc/typha/server_certificate.pem
  97. - name: TYPHA_SERVERKEYFILE
  98. value: /etc/typha/server_key.pem
  99. volumeMounts:
  100. - mountPath: /etc/typha
  101. name: typha-server
  102. readOnly: true
  103. - mountPath: /etc/ca/ca.crt
  104. subPath: ca.crt
  105. name: cacert
  106. readOnly: true
  107. {% endif %}
  108. # Uncomment these lines to enable prometheus metrics. Since Typha is host-networked,
  109. # this opens a port on the host, which may need to be secured.
  110. #- name: TYPHA_PROMETHEUSMETRICSENABLED
  111. # value: "true"
  112. #- name: TYPHA_PROMETHEUSMETRICSPORT
  113. # value: "9093"
  115. # Needed for version >=3.7 when the 'host-local' ipam is used
  116. # Should never happen given templates/cni-calico.conflist.j2
  117. # Configure route aggregation based on pod CIDR.
  118. # - name: USE_POD_CIDR
  119. # value: "true"
  120. livenessProbe:
  121. httpGet:
  122. path: /liveness
  123. port: 9098
  124. host: localhost
  125. periodSeconds: 30
  126. initialDelaySeconds: 30
  127. readinessProbe:
  128. httpGet:
  129. path: /readiness
  130. port: 9098
  131. host: localhost
  132. periodSeconds: 10
  133. {% if typha_secure %}
  134. volumes:
  135. - name: typha-server
  136. secret:
  137. secretName: typha-server
  138. items:
  139. - key: tls.crt
  140. path: server_certificate.pem
  141. - key: tls.key
  142. path: server_key.pem
  143. - name: cacert
  144. hostPath:
  145. path: "{{ kube_cert_dir }}"
  146. {% endif %}
  148. ---
  150. # This manifest creates a Pod Disruption Budget for Typha to allow K8s Cluster Autoscaler to evict
  152. apiVersion: policy/v1beta1
  153. kind: PodDisruptionBudget
  154. metadata:
  155. name: calico-typha
  156. namespace: kube-system
  157. labels:
  158. k8s-app: calico-typha
  159. spec:
  160. maxUnavailable: 1
  161. selector:
  162. matchLabels:
  163. k8s-app: calico-typha