Fix canal's calico networking config for ETCD TLS

Also fixes kube-apiserver upgrade that was erroneously deleted in a previous commit.
2026-02-01 01:28:11 -03:30 · 2016-11-10 12:49:47 +03:00
parent 9ea9604b3f
commit fe16fecd8f
4 changed files with 16 additions and 33 deletions
--- a/roles/network_plugin/canal/tasks/main.yml
+++ b/roles/network_plugin/canal/tasks/main.yml
@@ -1,9 +1,11 @@
 ---
- name: Canal | Write flannel configuration
-  template:
-    src: network.json.j2
-    dest: /etc/flannel-network.json
-    backup: yes
+- name: Canal | Set Flannel etcd configuration
+  command: |-
+    {{ bin_dir }}/etcdctl --peers={{ etcd_access_addresses }} \
+    set /{{ cluster_name }}/network/config \
+    '{ "Network": "{{ kube_pods_subnet }}", "SubnetLen": {{ kube_network_node_prefix }}, "Backend": { "Type": "{{ flannel_backend_type }}" } }'
+  delegate_to: "{{groups['etcd'][0]}}"
+  run_once: true

 - name: Canal | Write canal configmap
  template:
--- a/roles/network_plugin/canal/templates/canal-node.yml.j2
+++ b/roles/network_plugin/canal/templates/canal-node.yml.j2
@@ -19,10 +19,6 @@ spec:
    spec:
      hostNetwork: true
      volumes:
-        # Used by flannel-server-helper
-        - name: "networkconfig"
-          hostPath:
-            path: "/etc/flannel-network.json"
        # Used by calico/node.
        - name: lib-modules
          hostPath:
@@ -45,29 +41,6 @@ spec:
          hostPath:
            path: /etc/resolv.conf
      containers:
-        - name: "flannel-server-helper"
-          image: "{{ flannel_server_helper_image_repo }}:{{ flannel_server_helper_image_tag }}"
-          env:
-            # Cluster name
-            - name: CLUSTER_NAME
-              valueFrom:
-                configMapKeyRef:
-                  name: canal-config
-                  key: cluster_name
-            # The location of the etcd cluster.
-            - name: FLANNELD_ETCD_ENDPOINTS
-              valueFrom:
-                configMapKeyRef:
-                  name: canal-config
-                  key: etcd_endpoints
-          args:
-            - "--network-config=/etc/flannel-network.json"
-            - "--etcd-prefix=/$(CLUSTER_NAME)/network"
-            - "--etcd-server=$(FLANNELD_ETCD_ENDPOINTS)"
-          volumeMounts:
-            - name: "networkconfig"
-              mountPath: "/etc/flannel-network.json"
-          imagePullPolicy: "Always"
        # Runs the flannel daemon to enable vxlan networking between
        # container hosts.
        - name: flannel
--- a/roles/network_plugin/canal/templates/network.json.j2
+++ b/roles/network_plugin/canal/templates/network.json.j2
@@ -1 +0,0 @@
-{ "Network": "{{ kube_pods_subnet }}", "SubnetLen": {{ kube_network_node_prefix }}, "Backend": { "Type": "{{ flannel_backend_type }}" } }
				`@@ -1 +0,0 @@`
				`{ "Network": "{{ kube_pods_subnet }}", "SubnetLen": {{ kube_network_node_prefix }}, "Backend": { "Type": "{{ flannel_backend_type }}" } }`