Skip to content
This repository was archived by the owner on Sep 30, 2020. It is now read-only.

[v0.16.x] Setup Calico Networking Option #1872

Merged
merged 32 commits into from
Jul 3, 2020
Merged

[v0.16.x] Setup Calico Networking Option #1872

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
10a24eb
Add ability to use calico
dominicgunn Jun 5, 2020
9615389
Fix indentation
dominicgunn Jun 5, 2020
1c5e7c1
Fix indentation
dominicgunn Jun 5, 2020
cdb5d62
Fix deployment version for Typha
dominicgunn Jun 5, 2020
c05dfbe
Remove selectors not in place for kube-aws
dominicgunn Jun 5, 2020
a77bf8d
Allow for custom versions, and open up BGP port
dominicgunn Jun 5, 2020
ebc504e
Open more ports for calico
dominicgunn Jun 5, 2020
eae8ad6
Open ports on the controller side
dominicgunn Jun 5, 2020
538afc2
Run Typha on masters
dominicgunn Jun 6, 2020
e8587db
Revert to rkt kubelet start
dominicgunn Jun 7, 2020
e2e548c
Add cloud-controller, fix node labels
dominicgunn Jun 7, 2020
c5b28e9
Open traffic between controllers and workers
dominicgunn Jun 7, 2020
f553e94
Migrate to per-bucket s3 URL
tjamet Jun 8, 2020
675ee63
Merge pull request #1873 from tjamet/s3-url
dominicgunn Jun 15, 2020
9fa7395
Add ability to use calico
dominicgunn Jun 5, 2020
92635bc
Fix indentation
dominicgunn Jun 5, 2020
59ced87
Fix indentation
dominicgunn Jun 5, 2020
afcd986
Fix deployment version for Typha
dominicgunn Jun 5, 2020
206d7d3
Remove selectors not in place for kube-aws
dominicgunn Jun 5, 2020
d01eec4
Allow for custom versions, and open up BGP port
dominicgunn Jun 5, 2020
3ce1ff3
Open more ports for calico
dominicgunn Jun 5, 2020
afed28b
Open ports on the controller side
dominicgunn Jun 5, 2020
046f4a3
Run Typha on masters
dominicgunn Jun 6, 2020
62b54f8
Revert to rkt kubelet start
dominicgunn Jun 7, 2020
04b270a
Add cloud-controller, fix node labels
dominicgunn Jun 7, 2020
9ca43e1
Open traffic between controllers and workers
dominicgunn Jun 7, 2020
82d76e4
Add descriptions per pull request feedback
dominicgunn Jun 15, 2020
44383e8
Add descriptions per pull request feedback
dominicgunn Jun 15, 2020
66da17d
Enable vxlan mode in calico
dominicgunn Jun 17, 2020
593a457
Switch back to Davids kubelet start script
dominicgunn Jun 17, 2020
29859fb
Only pass --bird-live is not using vxlan
dominicgunn Jun 17, 2020
771b148
Add gotmpl comments per @fsero
dominicgunn Jul 3, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ go:
- 1.13.x

script:
- travis_wait 40 make test-with-cover
- travis_wait 50 make test-with-cover

after_success:
- bash <(curl -s https://codecov.io/bash)
Expand Down
14 changes: 9 additions & 5 deletions builtin/files/cluster.yaml.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1206,10 +1206,10 @@ kubernetes:
# cpu: "250m"
# memory: "200Mi"
# calicoNodeImage:
# repo: quay.io/calico/node
# repo: calico/node
# tag: v3.9.1
# calicoCniImage:
# repo: quay.io/calico/cni
# repo: calico/cni
# tag: v3.9.1
# flannelImage:
# repo: quay.io/coreos/flannel
Expand All @@ -1218,16 +1218,20 @@ kubernetes:
# repo: quay.io/coreos/flannel-cni
# tag: v0.3.0
# typhaImage:
# repo: quay.io/calico/typha
# repo: calico/typha
# tag: v3.9.1
# # By default, flannel assigns a /24 per node for pod's ips, this is effectively limiting your cluster size
# # to 255 nodes since each lease will be preserved for 24h.
# # If you have a bigger cluster you may want to tune this number to assign an smaller block per node.
# # Be aware that network should be able to accomodate at least 4 subnets, and networks smaller than /28
# # will make flannel panic and exit.
# # Ref: https://github.com/coreos/flannel/blob/62a1314e51047e25606b4e4e30bd23d7a8d746bc/subnet/config.go#L69
# flannelConfig:
# subnetLen: 24
# flannelConfig:
# subnetLen: 24
# calicoConfig:
# # If false, we will run with bird in bgp/ip-in-ip mode.
# vxlanMode: true


# Create MountTargets to subnets managed by kube-aws for a pre-existing Elastic File System (Amazon EFS),
# and then mount to every node.
Expand Down
107 changes: 107 additions & 0 deletions builtin/files/stack-templates/network.json.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -194,6 +194,61 @@
},
"Type": "AWS::EC2::SecurityGroupIngress"
},
"SecurityGroupControllerIngressFromControllerToController": {
"Properties": {
"GroupId": {
"Ref": "SecurityGroupController"
},
"IpProtocol": "-1",
"SourceSecurityGroupId": {
"Ref": "SecurityGroupController"
}
},
"Type": "AWS::EC2::SecurityGroupIngress"
},
"SecurityGroupControllerIngressFromWorkerToControllelr": {
"Properties": {
"GroupId": {
"Ref": "SecurityGroupController"
},
"Description": "controller to controller sg",
"IpProtocol": "-1",
"SourceSecurityGroupId": {
"Ref": "SecurityGroupWorker"
}
},
"Type": "AWS::EC2::SecurityGroupIngress"
},
"SecurityGroupControllerIngressFromControllerToCalico": {
"Properties": {
"FromPort": 4789,
"GroupId": {
"Ref": "SecurityGroupController"
},
"Description": "controller to calico",
"IpProtocol": "udp",
"SourceSecurityGroupId": {
"Ref": "SecurityGroupController"
},
"ToPort": 4789
},
"Type": "AWS::EC2::SecurityGroupIngress"
},
"SecurityGroupControllerIngressFromWorkerToCalico": {
"Properties": {
"FromPort": 4789,
"GroupId": {
"Ref": "SecurityGroupController"
},
"Description": "worker to calico sg",
"IpProtocol": "udp",
"SourceSecurityGroupId": {
"Ref": "SecurityGroupWorker"
},
"ToPort": 4789
},
"Type": "AWS::EC2::SecurityGroupIngress"
},
"SecurityGroupWorker": {
"Properties": {
"GroupDescription": {
Expand Down Expand Up @@ -331,6 +386,58 @@
},
"Type": "AWS::EC2::SecurityGroupIngress"
},
"SecurityGroupWorkerIngressFromControllerToWorker": {
"Properties": {
"GroupId": {
"Ref": "SecurityGroupWorker"
},
"IpProtocol": "-1",
"SourceSecurityGroupId": {
"Ref": "SecurityGroupController"
}
},
"Type": "AWS::EC2::SecurityGroupIngress"
},
"SecurityGroupWorkerIngressFromWorkerToWorker": {
"Properties": {
"GroupId": {
"Ref": "SecurityGroupWorker"
},
"IpProtocol": "-1",
"SourceSecurityGroupId": {
"Ref": "SecurityGroupWorker"
}
},
"Type": "AWS::EC2::SecurityGroupIngress"
},
"SecurityGroupWorkerIngressFromControllerToCalico": {
"Properties": {
"FromPort": 4789,
"GroupId": {
"Ref": "SecurityGroupWorker"
},
"IpProtocol": "udp",
"SourceSecurityGroupId": {
"Ref": "SecurityGroupController"
},
"ToPort": 4789
},
"Type": "AWS::EC2::SecurityGroupIngress"
},
"SecurityGroupWorkerIngressFromWorkerToCalico": {
"Properties": {
"FromPort": 4789,
"GroupId": {
"Ref": "SecurityGroupWorker"
},
"IpProtocol": "udp",
"SourceSecurityGroupId": {
"Ref": "SecurityGroupWorker"
},
"ToPort": 4789
},
"Type": "AWS::EC2::SecurityGroupIngress"
},
"SecurityGroupWorkerIngressFromControllerTocAdvisor": {
"Properties": {
"FromPort": 4194,
Expand Down
Loading