From 6ec45b10f142c963c51981078c1eca02255b2067 Mon Sep 17 00:00:00 2001
From: Kevin Lefevre <lefevre.kevin@gmail.com>
Date: Mon, 16 Oct 2017 08:11:38 +0200
Subject: [PATCH] Update network-plugins to use portmap plugin (#1763)
Portmap allow to use hostPort with CNI plugins. Should fix #1675
---
roles/network_plugin/calico/tasks/main.yml | 4 +-
.../calico/templates/cni-calico.conf.j2 | 28 -------------
.../calico/templates/cni-calico.conflist.j2 | 39 +++++++++++++++++++
roles/network_plugin/canal/tasks/main.yml | 4 +-
.../canal/templates/cni-canal.conf.j2 | 15 -------
.../canal/templates/cni-canal.conflist.j2 | 26 +++++++++++++
.../flannel/templates/cni-flannel.yml.j2 | 2 +-
7 files changed, 70 insertions(+), 48 deletions(-)
delete mode 100644 roles/network_plugin/calico/templates/cni-calico.conf.j2
create mode 100644 roles/network_plugin/calico/templates/cni-calico.conflist.j2
delete mode 100644 roles/network_plugin/canal/templates/cni-canal.conf.j2
create mode 100644 roles/network_plugin/canal/templates/cni-canal.conflist.j2
diff --git a/roles/network_plugin/calico/tasks/main.yml b/roles/network_plugin/calico/tasks/main.yml
index 3889e801c..f1fdbab21 100644
--- a/roles/network_plugin/calico/tasks/main.yml
+++ b/roles/network_plugin/calico/tasks/main.yml
@@ -15,8 +15,8 @@
- name: Calico | Write Calico cni config
template:
- src: "cni-calico.conf.j2"
- dest: "/etc/cni/net.d/10-calico.conf"
+ src: "cni-calico.conflist.j2"
+ dest: "/etc/cni/net.d/10-calico.conflist"
owner: kube
- name: Calico | Create calico certs directory
diff --git a/roles/network_plugin/calico/templates/cni-calico.conf.j2 b/roles/network_plugin/calico/templates/cni-calico.conf.j2
deleted file mode 100644
index 892391d11..000000000
--- a/roles/network_plugin/calico/templates/cni-calico.conf.j2
+++ /dev/null
@@ -1,28 +0,0 @@
-{
- "name": "calico-k8s-network",
-{% if cloud_provider is defined %}
- "nodename": "{{ calico_kubelet_name.stdout }}",
-{% else %}
- "nodename": "{{ ansible_hostname }}",
-{% endif %}
- "type": "calico",
- "etcd_endpoints": "{{ etcd_access_addresses }}",
- "etcd_cert_file": "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem",
- "etcd_key_file": "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}-key.pem",
- "etcd_ca_cert_file": "{{ etcd_cert_dir }}/ca.pem",
- "log_level": "info",
- "ipam": {
- "type": "calico-ipam"
- },
-{% if enable_network_policy %}
- "policy": {
- "type": "k8s"
- },
-{% endif %}
-{% if calico_mtu is defined and calico_mtu is number %}
- "mtu": {{ calico_mtu }},
-{% endif %}
- "kubernetes": {
- "kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml"
- }
-}
diff --git a/roles/network_plugin/calico/templates/cni-calico.conflist.j2 b/roles/network_plugin/calico/templates/cni-calico.conflist.j2
new file mode 100644
index 000000000..abe43f7f7
--- /dev/null
+++ b/roles/network_plugin/calico/templates/cni-calico.conflist.j2
@@ -0,0 +1,39 @@
+{
+ "name": "cni0",
+ "cniVersion":"0.3.1",
+ "plugins":[
+ {
+ {% if cloud_provider is defined %}
+ "nodename": "{{ calico_kubelet_name.stdout }}",
+ {% else %}
+ "nodename": "{{ ansible_hostname }}",
+ {% endif %}
+ "type": "calico",
+ "etcd_endpoints": "{{ etcd_access_addresses }}",
+ "etcd_cert_file": "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem",
+ "etcd_key_file": "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}-key.pem",
+ "etcd_ca_cert_file": "{{ etcd_cert_dir }}/ca.pem",
+ "log_level": "info",
+ "ipam": {
+ "type": "calico-ipam"
+ },
+ {% if enable_network_policy %}
+ "policy": {
+ "type": "k8s"
+ },
+ {% endif %}
+ {% if calico_mtu is defined and calico_mtu is number %}
+ "mtu": {{ calico_mtu }},
+ {% endif %}
+ "kubernetes": {
+ "kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml"
+ }
+ },
+ {
+ "type":"portmap",
+ "capabilities":{
+ "portMappings":true
+ }
+ }
+ ]
+}
diff --git a/roles/network_plugin/canal/tasks/main.yml b/roles/network_plugin/canal/tasks/main.yml
index 6d062cc15..aaa7c2a16 100644
--- a/roles/network_plugin/canal/tasks/main.yml
+++ b/roles/network_plugin/canal/tasks/main.yml
@@ -1,8 +1,8 @@
---
- name: Canal | Write Canal cni config
template:
- src: "cni-canal.conf.j2"
- dest: "/etc/cni/net.d/10-canal.conf"
+ src: "cni-canal.conflist.j2"
+ dest: "/etc/cni/net.d/10-canal.conflist"
owner: kube
- name: Canal | Create canal certs directory
diff --git a/roles/network_plugin/canal/templates/cni-canal.conf.j2 b/roles/network_plugin/canal/templates/cni-canal.conf.j2
deleted file mode 100644
index b47d7f9dd..000000000
--- a/roles/network_plugin/canal/templates/cni-canal.conf.j2
+++ /dev/null
@@ -1,15 +0,0 @@
-{
- "name": "canal-k8s-network",
- "type": "flannel",
- "delegate": {
- "type": "calico",
- "etcd_endpoints": "{{ etcd_access_addresses }}",
- "log_level": "info",
- "policy": {
- "type": "k8s"
- },
- "kubernetes": {
- "kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml"
- }
- }
-}
diff --git a/roles/network_plugin/canal/templates/cni-canal.conflist.j2 b/roles/network_plugin/canal/templates/cni-canal.conflist.j2
new file mode 100644
index 000000000..04a88c5b9
--- /dev/null
+++ b/roles/network_plugin/canal/templates/cni-canal.conflist.j2
@@ -0,0 +1,26 @@
+{
+ "name": "cni0",
+ "cniVersion":"0.3.1",
+ "plugins":[
+ {
+ "type": "flannel",
+ "delegate": {
+ "type": "calico",
+ "etcd_endpoints": "{{ etcd_access_addresses }}",
+ "log_level": "info",
+ "policy": {
+ "type": "k8s"
+ },
+ "kubernetes": {
+ "kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml"
+ }
+ }
+ },
+ {
+ "type":"portmap",
+ "capabilities":{
+ "portMappings":true
+ }
+ }
+ ]
+}
diff --git a/roles/network_plugin/flannel/templates/cni-flannel.yml.j2 b/roles/network_plugin/flannel/templates/cni-flannel.yml.j2
index 165395c24..d26f04349 100644
--- a/roles/network_plugin/flannel/templates/cni-flannel.yml.j2
+++ b/roles/network_plugin/flannel/templates/cni-flannel.yml.j2
@@ -10,7 +10,7 @@ metadata:
data:
cni-conf.json: |
{
- "name":"cbr0",
+ "name":"cni0",
"cniVersion":"0.3.1",
"plugins":[
{
--
GitLab