External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-03-09 05:29:28 -02:30
Code Issues Packages Projects Releases Wiki Activity

Fix calico host local ipam (#11022)

Browse Source 
* Prevent upgrade-ipam for host-local IPAM

Otherwise, the init container upgrade-ipam would clear the state of the host-local plugin, potentially causing it to reassign IPs that are still in use.

* USE_POD_CIDR required for host-local

4efd1bfd91/charts/calico/templates/calico-node.yaml (L279)
4efd1bfd91/charts/calico/templates/calico-typha.yaml (L133)
This commit is contained in:
Robert Volkmann
2024-04-03 09:52:31 +02:00
committed by GitHub
parent c6fcbf6ee0
commit 3067e565c0
2 changed files with 10 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
roles/network_plugin/calico/templates/calico-node.yml.j2
View File

@@ -38,7 +38,7 @@ spec:
# deletion": https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods. # deletion": https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods.
terminationGracePeriodSeconds: 0 terminationGracePeriodSeconds: 0
initContainers: initContainers:
{% if calico_datastore == "kdd" %} {% if calico_datastore == "kdd" and not calico_ipam_host_local %}
# This container performs upgrade from host-local IPAM to calico-ipam. # This container performs upgrade from host-local IPAM to calico-ipam.
# It can be deleted if this is a fresh installation, or if you have already # It can be deleted if this is a fresh installation, or if you have already
# upgraded to use calico-ipam. # upgraded to use calico-ipam.
@@ -310,6 +310,10 @@ spec:
value: "{{ calico_node_ignorelooserpf }}" value: "{{ calico_node_ignorelooserpf }}"
- name: CALICO_MANAGE_CNI - name: CALICO_MANAGE_CNI
value: "true" value: "true"
{% if calico_ipam_host_local %}
- name: USE_POD_CIDR
value: "true"
{% endif %}
{% if calico_node_extra_envs is defined %} {% if calico_node_extra_envs is defined %}
{% for key in calico_node_extra_envs %} {% for key in calico_node_extra_envs %}
- name: {{ key }} - name: {{ key }}
@@ -428,7 +432,7 @@ spec:
hostPath: hostPath:
path: /run/xtables.lock path: /run/xtables.lock
type: FileOrCreate type: FileOrCreate
{% if calico_datastore == "kdd" %} {% if calico_datastore == "kdd" and not calico_ipam_host_local %}
# Mount in the directory for host-local IPAM allocations. This is # Mount in the directory for host-local IPAM allocations. This is
# used when upgrading from host-local to calico-ipam, and can be removed # used when upgrading from host-local to calico-ipam, and can be removed
# if not using the upgrade-ipam init container. # if not using the upgrade-ipam init container.

9
roles/network_plugin/calico/templates/calico-typha.yml.j2
View File

@@ -136,11 +136,10 @@ spec:
name: cacert name: cacert
readOnly: true readOnly: true
{% endif %} {% endif %}
# Needed for version >=3.7 when the 'host-local' ipam is used {% if calico_ipam_host_local %}
# Should never happen given templates/cni-calico.conflist.j2 - name: USE_POD_CIDR
# Configure route aggregation based on pod CIDR. value: "true"
# - name: USE_POD_CIDR {% endif %}
# value: "true"
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /liveness path: /liveness