Mohamed Omar Zaian
1 year ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with
59 additions and
3 deletions
-
README.md
-
roles/download/defaults/main/main.yml
-
roles/network_plugin/calico/templates/calico-cr.yml.j2
-
roles/network_plugin/calico/templates/calico-crb.yml.j2
-
roles/network_plugin/calico/templates/calico-node-sa.yml.j2
|
|
|
@ -168,7 +168,7 @@ Note: Upstart/SysV init based OS types are not supported. |
|
|
|
- [cri-o](http://cri-o.io/) v1.27 (experimental: see [CRI-O Note](docs/cri-o.md). Only on fedora, ubuntu and centos based OS) |
|
|
|
- Network Plugin |
|
|
|
- [cni-plugins](https://github.com/containernetworking/plugins) v1.2.0 |
|
|
|
- [calico](https://github.com/projectcalico/calico) v3.25.2 |
|
|
|
- [calico](https://github.com/projectcalico/calico) v3.26.1 |
|
|
|
- [cilium](https://github.com/cilium/cilium) v1.13.4 |
|
|
|
- [flannel](https://github.com/flannel-io/flannel) v0.22.0 |
|
|
|
- [kube-ovn](https://github.com/alauda/kube-ovn) v1.11.5 |
|
|
|
|
|
|
|
@ -100,7 +100,7 @@ github_image_repo: "ghcr.io" |
|
|
|
|
|
|
|
# TODO(mattymo): Move calico versions to roles/network_plugins/calico/defaults |
|
|
|
# after migration to container download |
|
|
|
calico_version: "v3.25.2" |
|
|
|
calico_version: "v3.26.1" |
|
|
|
calico_ctl_version: "{{ calico_version }}" |
|
|
|
calico_cni_version: "{{ calico_version }}" |
|
|
|
calico_flexvol_version: "{{ calico_version }}" |
|
|
|
|
|
|
|
@ -1,6 +1,39 @@ |
|
|
|
--- |
|
|
|
kind: ClusterRole |
|
|
|
apiVersion: rbac.authorization.k8s.io/v1 |
|
|
|
metadata: |
|
|
|
name: calico-cni-plugin |
|
|
|
rules: |
|
|
|
- apiGroups: [""] |
|
|
|
resources: |
|
|
|
- pods |
|
|
|
- nodes |
|
|
|
- namespaces |
|
|
|
verbs: |
|
|
|
- get |
|
|
|
- apiGroups: [""] |
|
|
|
resources: |
|
|
|
- pods/status |
|
|
|
verbs: |
|
|
|
- patch |
|
|
|
- apiGroups: ["crd.projectcalico.org"] |
|
|
|
resources: |
|
|
|
- blockaffinities |
|
|
|
- ipamblocks |
|
|
|
- ipamhandles |
|
|
|
- clusterinformations |
|
|
|
- ippools |
|
|
|
- ipreservations |
|
|
|
- ipamconfigs |
|
|
|
verbs: |
|
|
|
- get |
|
|
|
- list |
|
|
|
- create |
|
|
|
- update |
|
|
|
- delete |
|
|
|
--- |
|
|
|
kind: ClusterRole |
|
|
|
apiVersion: rbac.authorization.k8s.io/v1 |
|
|
|
metadata: |
|
|
|
name: calico-node |
|
|
|
namespace: kube-system |
|
|
|
@ -78,6 +111,7 @@ rules: |
|
|
|
- globalfelixconfigs |
|
|
|
- felixconfigurations |
|
|
|
- bgppeers |
|
|
|
- bgpfilters |
|
|
|
- globalbgpconfigs |
|
|
|
- bgpconfigurations |
|
|
|
- ippools |
|
|
|
@ -164,6 +198,6 @@ rules: |
|
|
|
resources: |
|
|
|
- serviceaccounts/token |
|
|
|
resourceNames: |
|
|
|
- calico-node |
|
|
|
- calico-cni-plugin |
|
|
|
verbs: |
|
|
|
- create |
|
|
|
@ -11,3 +11,18 @@ subjects: |
|
|
|
- kind: ServiceAccount |
|
|
|
name: calico-node |
|
|
|
namespace: kube-system |
|
|
|
|
|
|
|
--- |
|
|
|
|
|
|
|
apiVersion: rbac.authorization.k8s.io/v1 |
|
|
|
kind: ClusterRoleBinding |
|
|
|
metadata: |
|
|
|
name: calico-cni-plugin |
|
|
|
roleRef: |
|
|
|
apiGroup: rbac.authorization.k8s.io |
|
|
|
kind: ClusterRole |
|
|
|
name: calico-cni-plugin |
|
|
|
subjects: |
|
|
|
- kind: ServiceAccount |
|
|
|
name: calico-cni-plugin |
|
|
|
namespace: kube-system |
|
|
|
@ -4,3 +4,10 @@ kind: ServiceAccount |
|
|
|
metadata: |
|
|
|
name: calico-node |
|
|
|
namespace: kube-system |
|
|
|
|
|
|
|
--- |
|
|
|
apiVersion: v1 |
|
|
|
kind: ServiceAccount |
|
|
|
metadata: |
|
|
|
name: calico-cni-plugin |
|
|
|
namespace: kube-system |
