Calico is not a network overlay

README.md

@@ -1,7 +1,7 @@
 kubernetes-ansible
 ========
 
-Install and configure a kubernetes cluster including network overlay and optionnal addons.
+Install and configure a kubernetes cluster including network plugin and optionnal addons.
 Based on [CiscoCloud](https://github.com/CiscoCloud/kubernetes-ansible) work.
 
 ### Requirements
@@ -32,6 +32,49 @@ Please ensure that you have enough disk space there (about **1G**).
 ### Variables
 The main variables to change are located in the directory ```environments/[env_name]/group_vars/k8s-cluster.yml```.
 
+### Inventory
+Below is an example of an inventory.
+Note : The bgp vars (local_as, peers) are not mandatory if the var "peer_with_router" is set to false
+```
+[downloader]
+10.99.0.26
+
+[kube-master]
+# NB : the br_addr must be in the {{ calico_pool }} subnet
+# it will assign a /24 subnet per node
+10.99.0.26 br_addr=10.99.64.1
+
+[etcd]
+10.99.0.26
+
+[kube-node]
+10.99.0.4
+10.99.0.5
+10.99.0.6
+10.99.0.36
+10.99.0.37
+
+[itx2]
+10.99.0.26 br_addr=10.99.16.1
+10.99.0.4 br_addr=10.99.65.1 local_as=xxxxxxxx
+10.99.0.5 br_addr=10.99.66.1 local_as=xxxxxxxx
+10.99.0.6 br_addr=10.99.69.1 local_as=xxxxxxxx
+
+[rmv]
+10.99.0.36 br_addr=10.99.67.1 local_as=xxxxxxxx
+10.99.0.37 br_addr=10.99.68.1 local_as=xxxxxxxx
+
+[k8s-cluster:children]
+kube-node
+kube-master
+
+[itx2:vars]
+peers=[{"router_id": "10.99.0.2", "as": "65xxx"}, {"router_id": "10.99.0.3", "as": "65xxx"}]
+
+[rmv:vars]
+peers=[{"router_id": "10.99.0.34", "as": "65xxx"}, {"router_id": "10.99.0.35", "as": "65xxx"}]
+```
+
 ### Playbook
 ```
 ---
@@ -44,7 +87,7 @@ The main variables to change are located in the directory ```environments/[env_n
   roles:
     - { role: etcd, tags: etcd }
     - { role: docker, tags: docker }
-    - { role: overlay_network, tags: ['calico', 'flannel', 'network'] }
+    - { role: network_plugin, tags: ['calico', 'flannel', 'network'] }
     - { role: dnsmasq, tags: dnsmasq }
 
 - hosts: kube-master
@@ -72,13 +115,13 @@ Kubernetes
 -------------------------
 
 ### Network Overlay
-You can choose between 2 network overlays. Only one must be chosen.
+You can choose between 2 network plugins. Only one must be chosen.
 
 * **flannel**: gre/vxlan (layer 2) networking. ([official docs]('https://github.com/coreos/flannel'))
 
 * **calico**: bgp (layer 3) networking. ([official docs]('http://docs.projectcalico.org/en/0.13/'))
 
-The choice is defined with the variable '**overlay_network_plugin**'
+The choice is defined with the variable '**kube_network_plugin**'
 
 ### Expose a service
 There are several loadbalancing solutions.

cluster.yml

@@ -8,7 +8,7 @@
   roles:
     - { role: etcd, tags: etcd }
     - { role: docker, tags: docker }
-    - { role: overlay_network, tags: ['calico', 'flannel', 'network'] }
+    - { role: network_plugin, tags: ['calico', 'flannel', 'network'] }
     - { role: dnsmasq, tags: dnsmasq }
 
 - hosts: kube-master

environments/dev/group_vars/k8s-cluster.yml

@@ -11,7 +11,7 @@ kube_users:
 cluster_name: cluster.local
    #
 # set this variable to calico if needed. keep it empty if flannel is used
-overlay_network_plugin: calico
+kube_network_plugin: calico
 
 # Kubernetes internal network for services, unused block of space.
 kube_service_addresses: 10.233.0.0/18
@@ -19,17 +19,16 @@ kube_service_addresses: 10.233.0.0/18
 # internal network. When used, it will assign IP
 # addresses from this range to individual pods.
 # This network must be unused in your network infrastructure!
-overlay_network_subnet: 10.233.64.0/18
+kube_pods_subnet: 10.233.64.0/18
 
 # internal network total size (optional). This is the prefix of the
-# entire overlay network.  So the entirety of 4.0.0.0/16 must be
-# unused in your environment.
-# overlay_network_prefix: 18
+# entire network. Must be unused in your environment.
+# kube_network_prefix: 18
 
 # internal network node size allocation (optional). This is the size allocated
 # to each node on your network.  With these defaults you should have
 # room for 4096 nodes with 254 pods per node.
-overlay_network_host_prefix: 24
+kube_network_node_prefix: 24
 
 # With calico it is possible to distributed routes with border routers of the datacenter.
 peer_with_router: false

environments/production/group_vars/k8s-cluster.yml

@@ -9,9 +9,9 @@
 
 # Kubernetes cluster name, also will be used as DNS domain
 # cluster_name: cluster.local
-   #
+
 # set this variable to calico if needed. keep it empty if flannel is used
-# overlay_network_plugin: calico
+# kube_network_plugin: calico
 
 # Kubernetes internal network for services, unused block of space.
 # kube_service_addresses: 10.233.0.0/18
@@ -19,17 +19,16 @@
 # internal network. When used, it will assign IP
 # addresses from this range to individual pods.
 # This network must be unused in your network infrastructure!
-# overlay_network_subnet: 10.233.64.0/18
+# kube_pods_subnet: 10.233.64.0/18
 
 # internal network total size (optional). This is the prefix of the
-# entire overlay network.  So the entirety of 4.0.0.0/16 must be
-# unused in your environment.
-# overlay_network_prefix: 18
+# entire network. Must be unused in your environment.
+# kube_network_prefix: 18
 
 # internal network node size allocation (optional). This is the size allocated
 # to each node on your network.  With these defaults you should have
 # room for 4096 nodes with 254 pods per node.
-# overlay_network_host_prefix: 24
+# kube_network_node_prefix: 24
 
 # With calico it is possible to distributed routes with border routers of the datacenter.
 # peer_with_router: false

roles/docker/tasks/configure.yml

@@ -1,11 +1,11 @@
 ---
 - name: Write script for calico/docker bridge configuration
   template: src=create_cbr.j2 dest=/etc/network/if-up.d/create_cbr mode=u+x
-  when: overlay_network_plugin is defined and overlay_network_plugin == "calico"
+  when: kube_network_plugin is defined and kube_network_plugin == "calico"
 
 - name: Configure calico/docker bridge
   shell: /etc/network/if-up.d/create_cbr
-  when: overlay_network_plugin is defined and overlay_network_plugin == "calico"
+  when: kube_network_plugin is defined and kube_network_plugin == "calico"
 
 - name: Configure docker to use cbr0 bridge
   lineinfile:
@@ -14,7 +14,7 @@
     line='DOCKER_OPTS="--bridge=cbr0 --iptables=false --ip-masq=false"'
   notify:
     - restart docker
-  when: overlay_network_plugin is defined and overlay_network_plugin == "calico"
+  when: kube_network_plugin is defined and kube_network_plugin == "calico"
 
 - name: enable docker
   service:

roles/docker/tasks/install.yml

@@ -13,7 +13,7 @@
   with_items:
     - aufs-tools
     - cgroupfs-mount
-    - docker-engine=1.8.2-0~{{ ansible_distribution_release }}
+    - docker-engine=1.8.3-0~{{ ansible_distribution_release }}
 
 - name: Copy default docker configuration
   template: src=default-docker.j2 dest=/etc/default/docker

roles/docker/templates/create_cbr.j2

@@ -9,6 +9,6 @@ fi
 
 # Configure calico bridge ip
 br_ips=$(ip addr list cbr0 |grep "inet " |cut -d' ' -f6)
-if ! [[ "${br_ips}" =~ "{{ br_addr }}/{{ overlay_network_host_prefix }}" ]];then
-       ip a add {{ br_addr }}/{{ overlay_network_host_prefix }} dev cbr0
+if ! [[ "${br_ips}" =~ "{{ br_addr }}/{{ kube_network_node_prefix }}" ]];then
+       ip a add {{ br_addr }}/{{ kube_network_node_prefix }} dev cbr0
 fi

roles/docker/templates/default-docker.j2

@@ -4,7 +4,7 @@
 #DOCKER="/usr/local/bin/docker"
 
 # Use DOCKER_OPTS to modify the daemon startup options.
-{% if overlay_network_plugin is defined and overlay_network_plugin == "calico" %}
+{% if kube_network_plugin is defined and kube_network_plugin == "calico" %}
 DOCKER_OPTS="--bridge=cbr0 --iptables=false --ip-masq=false"
 {% endif %}
 

roles/kubernetes/master/templates/systemd-init/kube-proxy.service.j2

@@ -1,7 +1,7 @@
 [Unit]
 Description=Kubernetes Kube-Proxy Server
 Documentation=https://github.com/GoogleCloudPlatform/kubernetes
-{% if overlay_network_plugin|default('') %}
+{% if kube_network_plugin is defined and kube_network_plugin == "calico" %}
 After=docker.service calico-node.service
 {% else %}
 After=docker.service

roles/kubernetes/node/templates/kubelet.j2

@@ -16,6 +16,6 @@ Environment="KUBELET_ARGS=--cluster_dns={{ dns_server }} --cluster_domain={{ dns
 {% else %}
 Environment="KUBELET_ARGS=--kubeconfig={{ kube_config_dir}}/kubelet.kubeconfig --config={{ kube_manifest_dir }}"
 {% endif %}
-{% if overlay_network_plugin|default('') %}
-Environment="KUBELET_NETWORK_PLUGIN=--network_plugin={{ overlay_network_plugin }}"
+{% if kube_network_plugin is defined and kube_network_plugin == "calico" %}
+Environment="KUBELET_NETWORK_PLUGIN=--network_plugin={{ kube_network_plugin }}"
 {% endif %}

roles/kubernetes/node/templates/systemd-init/kube-proxy.service.j2

@@ -1,7 +1,7 @@
 [Unit]
 Description=Kubernetes Kube-Proxy Server
 Documentation=https://github.com/GoogleCloudPlatform/kubernetes
-{% if overlay_network_plugin|default('') %}
+{% if kube_network_plugin is defined and kube_network_plugin == "calico" %}
 After=docker.service calico-node.service
 {% else %}
 After=docker.service

roles/kubernetes/node/templates/systemd-init/kubelet.service.j2

@@ -1,7 +1,7 @@
 [Unit]
 Description=Kubernetes Kubelet Server
 Documentation=https://github.com/GoogleCloudPlatform/kubernetes
-{% if overlay_network_plugin|default('') %}
+{% if kube_network_plugin is defined and kube_network_plugin == "calico" %}
 After=docker.service calico-node.service
 {% else %}
 After=docker.service

roles/overlay_network/tasks/calico.yml → roles/network_plugin/tasks/calico.yml

@@ -31,7 +31,7 @@
   run_once: true
 
 - name: Calico | Configure calico-node desired pool
-  shell: calicoctl pool add {{ overlay_network_subnet }}
+  shell: calicoctl pool add {{ kube_pods_subnet }}
   environment: 
      ETCD_AUTHORITY: "{{ groups['kube-master'][0] }}:4001"
   run_once: true

roles/network_plugin/tasks/main.yml

@@ -0,0 +1,13 @@
+---
+- name: "Test if network plugin is defined"
+  fail: msg="ERROR, One network_plugin variable must be defined (Flannel or Calico)"
+  when: ( kube_network_plugin is defined and kube_network_plugin == "calico" and kube_network_plugin == "flannel" ) or
+        kube_network_plugin is not defined 
+
+- include: flannel.yml
+  when: kube_network_plugin == "flannel"
+- include: calico.yml
+  when: kube_network_plugin == "calico"
+
+- meta: flush_handlers
+

roles/network_plugin/templates/flannel/flannel-conf.json.j2

@@ -0,0 +1 @@
+{ "Network": "{{ kube_service_addresses }}", "SubnetLen": {{ kube_network_node_prefix }}, "Backend": { "Type": "vxlan" } }

roles/overlay_network/tasks/main.yml

@@ -1,13 +0,0 @@
----
-- name: "Test if overlay network is defined"
-  fail: msg="ERROR, One overlay_network variable must be defined (Flannel or Calico)"
-  when: ( overlay_network_plugin is defined and overlay_network_plugin == "calico" and overlay_network_plugin == "flannel" ) or
-        overlay_network_plugin is not defined 
-
-- include: flannel.yml
-  when: overlay_network_plugin == "flannel"
-- include: calico.yml
-  when: overlay_network_plugin == "calico"
-
-- meta: flush_handlers
-

roles/overlay_network/templates/flannel/flannel-conf.json.j2

@@ -1 +0,0 @@
-{ "Network": "{{ kube_service_addresses }}", "SubnetLen": {{ overlay_network_host_prefix }}, "Backend": { "Type": "vxlan" } }