richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7851 Commits
34 Branches
82 Tags
155 MiB
Tree: ebdc599b05
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ebdc599b05'
${ noResults }
kubespray/roles/network_plugin/calico_defaults/defaults/main.yml

176 lines
5.5 KiB
Raw Normal View History

split network plugins into distinct roles
9 years ago
set default value of name to "k8s-pod-network" (#8813) Signed-off-by: cyclinder qifeng.guo@daocloud.io
2 years ago
calico: enabling nat outgoing by default
9 years ago
add nat_outgoing_ipv6 to calico defaults and docs (#10866)
1 year ago
choose between gce and aws cloud providers
9 years ago
Fix yaml checks
6 years ago
calico upgrade to v3 (#3086) * calico upgrade to v3 * update calico_rr version * add missing file * change contents of main.yml as it was left old version * enable network policy by default * remove unneeded task * Fix kubelet calico settings * fix when statement * switch back to node-kubeconfig.yaml
6 years ago
calico CALICO_IPV4POOL_IPIP overriding variable (#3507)
6 years ago
calico upgrade to v3 (#3086) * calico upgrade to v3 * update calico_rr version * add missing file * change contents of main.yml as it was left old version * enable network policy by default * remove unneeded task * Fix kubelet calico settings * fix when statement * switch back to node-kubeconfig.yaml
6 years ago
[calico] don't enable ipip encapsulation by default and use vxlan in CI (#8434) * [calico] make vxlan encapsulation the default * don't enable ipip encapsulation by default * set calico_network_backend by default to vxlan * update sample inventory and documentation * [CI] pin default calico parameters for upgrade tests to ensure proper upgrade * [CI] improve netchecker connectivity testing * [CI] show logs for tests * [calico] tweak task name * [CI] Don't run the provisioner from vagrant since we run it in testcases_run.sh * [CI] move kube-router tests to vagrant to avoid network connectivity issues during netchecker check * service proxy mode still fails connectivity tests so keeping it manual mode * [kube-router] account for containerd use-case
3 years ago
Support --ipip option for calico pool Adds new boolean configuration variable for calico network plugin `ipip`. When it's enabled calico pool is created with '--ipip' option (IP-over-IP encapsulation across hosts). Also refactor pool creation tasks to simplify logic and make tasks more readable.
8 years ago
Possible remove ippools from cni config (#8845) * Possible remove ippools from cni config * Typo * Update roles/network_plugin/calico/templates/cni-calico.conflist.j2 Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com> * Update cni-calico.conflist.j2 Incorrectly deleted calico forwarding content. * Update roles/network_plugin/calico/templates/cni-calico.conflist.j2 Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com> Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
2 years ago
Disable podCIDR allocation from control-plane when using calico (#10639) * Disable control plane allocating podCIDR for nodes when using calico Calico does not use the .spec.podCIDR field for its IP address management. Furthermore, it can false positives from the kube controller manager if kube_network_node_prefix and calico_pool_blocksize are unaligned, which is the case with the default shipped by kubespray. If the subnets obtained from using kube_network_node_prefix are bigger, this would result at some point in the control plane thinking it does not have subnets left for a new node, while calico will work without problems. Explicitely set a default value of false for calico_ipam_host_local to facilitate its use in templates. * Don't default to kube_network_node_prefix for calico_pool_blocksize They have different semantics: kube_network_node_prefix is intended to be the size of the subnet for all pods on a node, while there can be more than on calico block of the specified size (they are allocated on demand). Besides, this commit does not actually change anything, because the current code is buggy: we don't ever default to kube_network_node_prefix, since the variable is defined in the role defaults.
1 year ago
feat: change default blockSize for calico (#9055) Signed-off-by: cyclinder qifeng.guo@daocloud.io
2 years ago
check calico ipv6 (#8738) * check calico ipv6 * just check ipip mode for ipv6
2 years ago
Changes to support Dual Stack networking
4 years ago
feat: change default blockSize for calico (#9055) Signed-off-by: cyclinder qifeng.guo@daocloud.io
2 years ago
Disable podCIDR allocation from control-plane when using calico (#10639) * Disable control plane allocating podCIDR for nodes when using calico Calico does not use the .spec.podCIDR field for its IP address management. Furthermore, it can false positives from the kube controller manager if kube_network_node_prefix and calico_pool_blocksize are unaligned, which is the case with the default shipped by kubespray. If the subnets obtained from using kube_network_node_prefix are bigger, this would result at some point in the control plane thinking it does not have subnets left for a new node, while calico will work without problems. Explicitely set a default value of false for calico_ipam_host_local to facilitate its use in templates. * Don't default to kube_network_node_prefix for calico_pool_blocksize They have different semantics: kube_network_node_prefix is intended to be the size of the subnet for all pods on a node, while there can be more than on calico block of the specified size (they are allocated on demand). Besides, this commit does not actually change anything, because the current code is buggy: we don't ever default to kube_network_node_prefix, since the variable is defined in the role defaults.
1 year ago
feat: change default blockSize for calico (#9055) Signed-off-by: cyclinder qifeng.guo@daocloud.io
2 years ago
Changes to support Dual Stack networking
4 years ago
[calico] don't enable ipip encapsulation by default and use vxlan in CI (#8434) * [calico] make vxlan encapsulation the default * don't enable ipip encapsulation by default * set calico_network_backend by default to vxlan * update sample inventory and documentation * [CI] pin default calico parameters for upgrade tests to ensure proper upgrade * [CI] improve netchecker connectivity testing * [CI] show logs for tests * [calico] tweak task name * [CI] Don't run the provisioner from vagrant since we run it in testcases_run.sh * [CI] move kube-router tests to vagrant to avoid network connectivity issues during netchecker check * service proxy mode still fails connectivity tests so keeping it manual mode * [kube-router] account for containerd use-case
3 years ago
Add etcd TLS support
8 years ago
Move CNI config and add MTU support for calico-cni - Move CNI configuration creation for Calico to appropriate network_plugin role from kubernetes/node. - Add support for MTU configuration in Calico.
8 years ago
Add calico/routereflector support Add BGP route reflectors support in order to optimize BGP topology for deployments with Calico network plugin. Also bump version of calico/ctl for some bug fixes.
8 years ago
Move CNI config and add MTU support for calico-cni - Move CNI configuration creation for Calico to appropriate network_plugin role from kubernetes/node. - Add support for MTU configuration in Calico.
8 years ago
Systemd units, limits, and bin path fixes * Add restart for weave service unit * Reuse docker_bin_dir everythere * Limit systemd managed docker containers by CPU/RAM. Do not configure native systemd limits due to the lack of consensus in the kernel community requires out-of-tree kernel patches. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
Add serviceExternalIPs option for calico installation (#6928)
4 years ago
Fix typos in calico comments (#9254)
2 years ago
Support Calico advertisement of MetalLB LoadBalancer IPs (#7593) * add initial MetalLB docs * metallb allow disabling the deployment of the metallb speaker * calico>=3.18 allow using calico to advertise service loadbalancer IPs * Document the use of MetalLB and Calico * clean MetalLB docs
3 years ago
Calico enable support for eBPF (#7618) * Calico: align manifests with upstream * allow enabling typha prometheus metrics * Calico: enable eBPF support * manage the kubernetes-services-endpoint configmap * Calico: document the use of eBPF dataplane * Calico: improve checks before deployment * enforce disabling kube-proxy when using eBPF dataplane * ensure calico_version is supported
3 years ago
feat(calico): add possibility to enable calico floatingIPs feature (#9680) Add a variable `calico_felix_floatingIPs` which permit to enable calico feature `floatingIPs` (disabled per default). Signed-off-by: MatthieuFin <matthieu2717@gmail.com> #9679
2 years ago
Systemd units, limits, and bin path fixes * Add restart for weave service unit * Reuse docker_bin_dir everythere * Limit systemd managed docker containers by CPU/RAM. Do not configure native systemd limits due to the lack of consensus in the kernel community requires out-of-tree kernel patches. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
Lower default memory requests This is to address out of memory issues on CI as well as help fit deployments for people starting out with kargo on smaller machines
8 years ago
Systemd units, limits, and bin path fixes * Add restart for weave service unit * Reuse docker_bin_dir everythere * Limit systemd managed docker containers by CPU/RAM. Do not configure native systemd limits due to the lack of consensus in the kernel community requires out-of-tree kernel patches. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
Support configuring the Calico iptables insert mode (#5473) * Support configuring the insert mode Defaults to the upstream default https://docs.projectcalico.org/v3.9/reference/felix/configuration so nothing should change for existing deployments. This allows coexistence with other firewall management technologies. * Add a note to the sample config
5 years ago
Add calico variable that enables ignoring Kernel's RPF Setting (#1493)
7 years ago
Add nodeSelctor for other services and node labels before CNI setup (#7613)
3 years ago
Added ability to set calico vxlan vni and port. defaults to calico's … (#6678) * Added ability to set calico vxlan vni and port. defaults to calico's documented defaults. * Check if calico_network_backend is defined prior to checking value * Removed calico hidden defaults for vxlan port and vni * Fixed FELIX_VXLANVNI typo
4 years ago
Adding calico/node env vars for prometheus configuration
7 years ago
Calico felix - Fix jinja2 boolean condition (#4348) * Fix jinja2 boolean condition * Convert all felix variable to booleans instead.
6 years ago
Adding calico/node env vars for prometheus configuration
7 years ago
Calico felix - Fix jinja2 boolean condition (#4348) * Fix jinja2 boolean condition * Convert all felix variable to booleans instead.
6 years ago
Adding calico/node env vars for prometheus configuration
7 years ago
Make Calico Felix log level configurable (#3781)
6 years ago
Fixes issue #7528 - allow configuring CALICO_STARTUP_LOGLEVEL via a new variable: calico_node_startup_loglevel (#7530) Signed-off-by: Brendan Holmes <5072156+holmesb@users.noreply.github.com>
3 years ago
Make Calico Felix log level configurable (#3781)
6 years ago
Allow disabling calico CNI logs with calico_cni_log_file_path (#8921) * Allow disabling calico CNI logs with calico_cni_log_file_path Calico CNI logs up to 1G if it log a lot with current default settings: log_file_max_size 100 Max file size in MB log files can reach before they are rotated. log_file_max_age 30 Max age in days that old log files will be kept on the host before they are removed. log_file_max_count 10 Max number of rotated log files allowed on the host before they are cleaned up. See https://projectcalico.docs.tigera.io/reference/cni-plugin/configuration#logging To save disk space, make the path configurable and allow disabling this log by setting `calico_cni_log_file_path: false` * Fix markdown * Update roles/network_plugin/canal/templates/cni-canal.conflist.j2 Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com> Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
2 years ago
Add option to enable usage reports to calico servers (#6030)
4 years ago
Add calico variable that enables ignoring Kernel's RPF Setting (#1493)
7 years ago
Move calico to daemonset (#1605) * Drop legacy calico logic * add calico as a daemonset
7 years ago
Make Felix healthhost configurable
6 years ago
Make calico iptables lock timeout configurable (#5658) Adds `calico_iptables_lock_timeout_secs` variable to calico DS yaml.
5 years ago
Update default (erroneous) backend value for calico (#6031)
4 years ago
[calico] switch default iptables backend detection to Auto (#8429)
3 years ago
Calico: update to 3.11.1, allow to configure calico_iptables_backend (#5514) I've tested this update by deploying a containerd / etcd cluster on top CentOS7, MetalLB + NGINX Ingress. Upgrade using upgrade-cluster.yml Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
5 years ago
Calico wireguard (#7638) * Calico: add Wireguard support * CI: Add Calico Wireguard scenario
3 years ago
add support for Calico IP6_AUTODETECTION_METHOD (#8541)
3 years ago
IP_AUTODETECTION_METHOD docs
7 years ago
add support for Calico IP6_AUTODETECTION_METHOD (#8541)
3 years ago
Integrate jetstack/cert-manager 0.2.3 to Kubespray
7 years ago
add support for Calico IP6_AUTODETECTION_METHOD (#8541)
3 years ago
Make Calico nodename overridable on bare metal Signed-off-by: Daniel Mohr <daniel.mohr@supercrunch.io>
6 years ago
allow user to set env: FELIX_MTUIFACEPATTERN in calico-node.yml (#9330)
2 years ago
Fix calico when kube_override_hostname is set (#4235) This fixes an issue where the `nodename` in calico's cni config json can fall out of sync with the k8s node name used by the calico pod if `kube_override_hostname` is set
6 years ago
calico upgrade to v3 (#3086) * calico upgrade to v3 * update calico_rr version * add missing file * change contents of main.yml as it was left old version * enable network policy by default * remove unneeded task * Fix kubelet calico settings * fix when statement * switch back to node-kubeconfig.yaml
6 years ago
Use K8s 1.14 and add kubeadm experimental control plane mode (#4514) * Use K8s 1.14 and add kubeadm experimental control plane mode This reverts commit d39c273d96afe610fed03a2558ffc1beec64c114. * Cleanup kubeadm setup run on first master * pin kubeadm_certificate_key in test * Remove kubelet autolabel of kube-node, add symlink for pki dir Change-Id: Id5e74dd667c60675dbfe4193b0bc9fb44380e1ca
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
calico: default to using kdd datastore (#6693) If already deployed, get current datastore from CNI config file
4 years ago
set calico_datastore default value in role kubespray-default (#5259)
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Calico enable support for eBPF (#7618) * Calico: align manifests with upstream * allow enabling typha prometheus metrics * Calico: enable eBPF support * manage the kubernetes-services-endpoint configmap * Calico: document the use of eBPF dataplane * Calico: improve checks before deployment * enforce disabling kube-proxy when using eBPF dataplane * ensure calico_version is supported
3 years ago
Raise typha max connections to 300 (#5527) Raises limit from 100 to 300 because the default is far too low and the pod can handle 300 with the given resources. Change-Id: Ib1eec10da3d09d198933fcfe87291587e58d7cdb
5 years ago
Add support calico kubernetes datastore and typha. (#4498) * Add support calico kubernetes datastore and typha. * Add typha_enabled to kubespray-defaults.
5 years ago
Allow to specify feature_control in calico cni config (#4879) * Allow to specify feature_control in calico cni config * list length checking * double check * remove 2 conditions
5 years ago
Raise typha max connections to 300 (#5527) Raises limit from 100 to 300 because the default is far too low and the pod can handle 300 with the given resources. Change-Id: Ib1eec10da3d09d198933fcfe87291587e58d7cdb
5 years ago
Generate TLS certs for calico typha (#5258) * Generate TLS certs for calico typha Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707 * Add group vars note Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
5 years ago
Allow to specify feature_control in calico cni config (#4879) * Allow to specify feature_control in calico cni config * list length checking * double check * remove 2 conditions
5 years ago
add support for custom calico port (#7419)
3 years ago
Calico enable support for eBPF (#7618) * Calico: align manifests with upstream * allow enabling typha prometheus metrics * Calico: enable eBPF support * manage the kubernetes-services-endpoint configmap * Calico: document the use of eBPF dataplane * Calico: improve checks before deployment * enforce disabling kube-proxy when using eBPF dataplane * ensure calico_version is supported
3 years ago
calico add support for container ip forwarding setting (#8184)
3 years ago
feat(calico): add configurable ipam strictaffinity (#8581) Signed-off-by: Toni Tauro <toni.tauro@adfinis.com>
3 years ago
[calico]use ipamconfig instead of calico ipam command (#8839) * use ipamconfig instead of calico ipam command * fix ansible lint
2 years ago
feat(calico): add configurable ipam strictaffinity (#8581) Signed-off-by: Toni Tauro <toni.tauro@adfinis.com>
3 years ago
[calico] add calico apiserver (#8690) * [calico] add calico apiserver * fix yamllint * remove addext argument * Configure API server with the CA bundle * add check kdd
2 years ago
[calico]use ipamconfig instead of calico ipam command (#8839) * use ipamconfig instead of calico ipam command * fix ansible lint
2 years ago
Fix some typo (#9056) * fix ingress controller task name * fix calico word * add check typo
2 years ago
[calico]use ipamconfig instead of calico ipam command (#8839) * use ipamconfig instead of calico ipam command * fix ansible lint
2 years ago
Disable podCIDR allocation from control-plane when using calico (#10639) * Disable control plane allocating podCIDR for nodes when using calico Calico does not use the .spec.podCIDR field for its IP address management. Furthermore, it can false positives from the kube controller manager if kube_network_node_prefix and calico_pool_blocksize are unaligned, which is the case with the default shipped by kubespray. If the subnets obtained from using kube_network_node_prefix are bigger, this would result at some point in the control plane thinking it does not have subnets left for a new node, while calico will work without problems. Explicitely set a default value of false for calico_ipam_host_local to facilitate its use in templates. * Don't default to kube_network_node_prefix for calico_pool_blocksize They have different semantics: kube_network_node_prefix is intended to be the size of the subnet for all pods on a node, while there can be more than on calico block of the specified size (they are allocated on demand). Besides, this commit does not actually change anything, because the current code is buggy: we don't ever default to kube_network_node_prefix, since the variable is defined in the role defaults.
1 year ago
[calico] add calico apiserver (#8690) * [calico] add calico apiserver * fix yamllint * remove addext argument * Configure API server with the CA bundle * add check kdd
2 years ago
Add featureDetectOverride configration of calico (#9249)
2 years ago
update-calico-VXLAN-docs (#9639)
2 years ago
Add featureDetectOverride configration of calico (#9249)
2 years ago
add calico kubeconfig wait timeout (#9994) Signed-off-by: tu1h <lihai.tu@daocloud.io>
1 year ago
  1. ---
  2. # the default value of name
  3. calico_cni_name: k8s-pod-network
  5. # Enables Internet connectivity from containers
  6. nat_outgoing: true
  7. nat_outgoing_ipv6: false
  9. # add default ippool name
  10. calico_pool_name: "default-pool"
  11. calico_ipv4pool_ipip: "Off"
  13. # Change encapsulation mode, by default we enable vxlan which is the most mature and well tested mode
  14. calico_ipip_mode: Never # valid values are 'Always', 'Never' and 'CrossSubnet'
  15. calico_vxlan_mode: Always # valid values are 'Always', 'Never' and 'CrossSubnet'
  17. calico_cni_pool: true
  18. calico_cni_pool_ipv6: true
  20. # add default ippool blockSize
  21. calico_pool_blocksize: 26
  23. # Calico doesn't support ipip tunneling for the IPv6.
  24. calico_ipip_mode_ipv6: Never
  25. calico_vxlan_mode_ipv6: Never
  27. # add default ipv6 ippool blockSize
  28. calico_pool_blocksize_ipv6: 122
  30. # Calico network backend can be 'bird', 'vxlan' and 'none'
  31. calico_network_backend: vxlan
  33. calico_cert_dir: /etc/calico/certs
  35. # Global as_num (/calico/bgp/v1/global/as_num)
  36. global_as_num: "64512"
  38. # You can set MTU value here. If left undefined or empty, it will
  39. # not be specified in calico CNI config, so Calico will use built-in
  40. # defaults. The value should be a number, not a string.
  41. # calico_mtu: 1500
  43. # Advertise Service External IPs
  44. calico_advertise_service_external_ips: []
  46. # Advertise Service LoadBalancer IPs
  47. calico_advertise_service_loadbalancer_ips: []
  49. # Calico eBPF support
  50. calico_bpf_enabled: false
  51. calico_bpf_log_level: ""
  52. # Valid option for service mode: Tunnel (default), DSR=Direct Server Return
  53. calico_bpf_service_mode: Tunnel
  55. # Calico floatingIPs support
  56. # Valid option for floatingIPs: Disabled (default), Enabled
  57. calico_felix_floating_ips: Disabled
  59. # Limits for apps
  60. calico_node_memory_limit: 500M
  61. calico_node_cpu_limit: 300m
  62. calico_node_memory_requests: 64M
  63. calico_node_cpu_requests: 150m
  64. calico_felix_chaininsertmode: Insert
  66. # Calico daemonset nodeselector
  67. calico_ds_nodeselector: "kubernetes.io/os: linux"
  69. # Virtual network ID to use for VXLAN traffic. A value of 0 means “use the kernel default”.
  70. calico_vxlan_vni: 4096
  72. # Port to use for VXLAN traffic. A value of 0 means “use the kernel default”.
  73. calico_vxlan_port: 4789
  75. # Enable Prometheus Metrics endpoint for felix
  76. calico_felix_prometheusmetricsenabled: false
  77. calico_felix_prometheusmetricsport: 9091
  78. calico_felix_prometheusgometricsenabled: true
  79. calico_felix_prometheusprocessmetricsenabled: true
  81. # Set the agent log level. Can be debug, warning, info or fatal
  82. calico_loglevel: info
  83. calico_node_startup_loglevel: error
  85. # Set log path for calico CNI plugin. Set to false to disable logging to disk.
  86. calico_cni_log_file_path: /var/log/calico/cni/cni.log
  88. # Enable or disable usage report to 'usage.projectcalico.org'
  89. calico_usage_reporting: false
  91. # Should calico ignore kernel's RPF check setting,
  92. # see https://github.com/projectcalico/felix/blob/ab8799eaea66627e5db7717e62fca61fd9c08646/python/calico/felix/config.py#L198
  93. calico_node_ignorelooserpf: false
  95. # Define address on which Felix will respond to health requests
  96. calico_healthhost: "localhost"
  98. # Configure time in seconds that calico will wait for the iptables lock
  99. calico_iptables_lock_timeout_secs: 10
  101. # Choose Calico iptables backend: "Legacy", "Auto" or "NFT" (FELIX_IPTABLESBACKEND)
  102. calico_iptables_backend: "Auto"
  104. # Calico Wireguard support
  105. calico_wireguard_enabled: false
  106. calico_wireguard_packages: []
  107. calico_wireguard_repo: https://download.copr.fedorainfracloud.org/results/jdoss/wireguard/epel-{{ ansible_distribution_major_version }}-$basearch/
  109. # If you want to use non default IP_AUTODETECTION_METHOD, IP6_AUTODETECTION_METHOD for calico node set this option to one of:
  110. # * can-reach=DESTINATION
  111. # * interface=INTERFACE-REGEX
  112. # see https://projectcalico.docs.tigera.io/reference/node/configuration#ip-autodetection-methods
  113. # calico_ip_auto_method: "interface=eth.*"
  114. # calico_ip6_auto_method: "interface=eth.*"
  116. # Set FELIX_MTUIFACEPATTERN, Pattern used to discover the host’s interface for MTU auto-detection.
  117. # see https://projectcalico.docs.tigera.io/reference/felix/configuration
  118. # calico_felix_mtu_iface_pattern: "^((en|wl|ww|sl|ib)[opsx].*|(eth|wlan|wwan).*)"
  120. calico_baremetal_nodename: "{{ kube_override_hostname | default(inventory_hostname) }}"
  122. kube_etcd_cacert_file: ca.pem
  123. kube_etcd_cert_file: node-{{ inventory_hostname }}.pem
  124. kube_etcd_key_file: node-{{ inventory_hostname }}-key.pem
  126. # Choose data store type for calico: "etcd" or "kdd" (kubernetes datastore)
  127. # The default value for calico_datastore is set in role kubespray-default
  129. # Use typha (only with kdd)
  130. typha_enabled: false
  131. typha_prometheusmetricsenabled: false
  132. typha_prometheusmetricsport: 9093
  134. # Scaling typha: 1 replica per 100 nodes is adequate
  135. # Number of typha replicas
  136. typha_replicas: 1
  138. # Set max typha connections
  139. typha_max_connections_lower_limit: 300
  141. # Generate certifcates for typha<->calico-node communication
  142. typha_secure: false
  144. calico_feature_control: {}
  146. # Calico default BGP port
  147. calico_bgp_listen_port: 179
  149. # Calico FelixConfiguration options
  150. calico_felix_reporting_interval: 0s
  151. calico_felix_log_severity_screen: Info
  153. # Calico container settings
  154. calico_allow_ip_forwarding: false
  156. # Calico IPAM strictAffinity
  157. calico_ipam_strictaffinity: false
  159. # Calico IPAM autoAllocateBlocks
  160. calico_ipam_autoallocateblocks: true
  162. # Calico IPAM maxBlocksPerHost, default 0
  163. calico_ipam_maxblocksperhost: 0
  165. # Calico host local IPAM (use node .spec.podCIDR)
  167. calico_ipam_host_local: false
  169. # Calico apiserver (only with kdd)
  170. calico_apiserver_enabled: false
  172. # Calico feature detect override
  173. calico_feature_detect_override: ""
  175. # Calico kubeconfig wait timeout in seconds
  176. calico_kubeconfig_wait_timeout: 300