Konstantin Lebedev
4 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with
15 additions and
0 deletions
-
docs/calico.md
-
roles/network_plugin/calico/templates/calico-node.yml.j2
|
@ -235,6 +235,15 @@ Note that in OpenStack you must allow `ipip` traffic in your security groups, |
|
|
otherwise you will experience timeouts. |
|
|
otherwise you will experience timeouts. |
|
|
To do this you must add a rule which allows it, for example: |
|
|
To do this you must add a rule which allows it, for example: |
|
|
|
|
|
|
|
|
|
|
|
### Optional : Felix configuration via extraenvs of calico node |
|
|
|
|
|
|
|
|
|
|
|
Possible environment variable parameters for [configuring Felix](https://docs.projectcalico.org/reference/felix/configuration) |
|
|
|
|
|
|
|
|
|
|
|
```yml |
|
|
|
|
|
calico_node_extra_envs: |
|
|
|
|
|
FELIX_DEVICEROUTESOURCEADDRESS: 172.17.0.1 |
|
|
|
|
|
``` |
|
|
|
|
|
|
|
|
```ShellSession |
|
|
```ShellSession |
|
|
neutron security-group-rule-create --protocol 4 --direction egress k8s-a0tp4t |
|
|
neutron security-group-rule-create --protocol 4 --direction egress k8s-a0tp4t |
|
|
neutron security-group-rule-create --protocol 4 --direction igress k8s-a0tp4t |
|
|
neutron security-group-rule-create --protocol 4 --direction igress k8s-a0tp4t |
|
|
|
@ -267,6 +267,12 @@ spec: |
|
|
value: "true" |
|
|
value: "true" |
|
|
- name: FELIX_IGNORELOOSERPF |
|
|
- name: FELIX_IGNORELOOSERPF |
|
|
value: "{{ calico_node_ignorelooserpf }}" |
|
|
value: "{{ calico_node_ignorelooserpf }}" |
|
|
|
|
|
{% if calico_node_extra_envs is defined %} |
|
|
|
|
|
{% for key in calico_node_extra_envs %} |
|
|
|
|
|
- name: {{ key }} |
|
|
|
|
|
value: "{{ calico_node_extra_envs[key] }}" |
|
|
|
|
|
{% endfor %} |
|
|
|
|
|
{% endif %} |
|
|
securityContext: |
|
|
securityContext: |
|
|
privileged: true |
|
|
privileged: true |
|
|
resources: |
|
|
resources: |
|
|