From b0079ccd771ad5aae4ac1c38b308e8c17e7c48a3 Mon Sep 17 00:00:00 2001
From: Aleksandr Didenko <adidenko@mirantis.com>
Date: Tue, 6 Dec 2016 13:56:34 +0100
Subject: [PATCH] Calico: fix peering with routers for new version
In new `calicoctl` version nodes peering with routers is broken.
We need to use predictable node names for calico-node and the
same names in calico `bgpPeer` resources and CNI.
---
docs/calico.md | 2 +-
roles/network_plugin/calico/tasks/main.yml | 12 +++++++-----
.../calico/templates/calico-node.service.j2 | 1 +
roles/network_plugin/calico/templates/calico.env.j2 | 1 +
.../calico/templates/cni-calico.conf.j2 | 1 +
5 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/docs/calico.md b/docs/calico.md
index ab4211664..53c9af039 100644
--- a/docs/calico.md
+++ b/docs/calico.md
@@ -23,7 +23,7 @@ calicoctl status
* Show the configured network subnet for containers
```
- calicoctl get ippool -o wide
+calicoctl get ippool -o wide
```
or for versions prior *v1.0.0*:
diff --git a/roles/network_plugin/calico/tasks/main.yml b/roles/network_plugin/calico/tasks/main.yml
index a51831c6f..9a3f909b8 100644
--- a/roles/network_plugin/calico/tasks/main.yml
+++ b/roles/network_plugin/calico/tasks/main.yml
@@ -196,17 +196,18 @@
shell: "{{ bin_dir }}/calicoctl config set nodeToNodeMesh off"
when: (not legacy_calicoctl and
peer_with_router|default(false) and inventory_hostname in groups['kube-node'])
+ run_once: true
- name: Calico | Configure peering with router(s)
shell: >
echo '{
- "kind": "bgppeer",
- "spec": {"asNumber": {{ item.as }}},
+ "kind": "bgpPeer",
+ "spec": {"asNumber": "{{ item.as }}"},
"apiVersion": "v1",
- "metadata": {"node": "rack1-host1", "scope": "node", "peerIP": "{{ item.router_id }}"}
+ "metadata": {"node": "{{ inventory_hostname }}", "scope": "node", "peerIP": "{{ item.router_id }}"}
}'
| {{ bin_dir }}/calicoctl create -f -
- with_items: peers
+ with_items: "{{ peers|default([]) }}"
when: (not legacy_calicoctl and
peer_with_router|default(false) and inventory_hostname in groups['kube-node'])
@@ -214,9 +215,10 @@
shell: "{{ bin_dir }}/calicoctl bgp node-mesh off"
when: (legacy_calicoctl and
peer_with_router|default(false) and inventory_hostname in groups['kube-node'])
+ run_once: true
- name: Calico (old) | Configure peering with router(s)
shell: "{{ bin_dir }}/calicoctl node bgp peer add {{ item.router_id }} as {{ item.as }}"
- with_items: peers
+ with_items: "{{ peers|default([]) }}"
when: (legacy_calicoctl and
peer_with_router|default(false) and inventory_hostname in groups['kube-node'])
diff --git a/roles/network_plugin/calico/templates/calico-node.service.j2 b/roles/network_plugin/calico/templates/calico-node.service.j2
index 2e9dc4a18..dc041b054 100644
--- a/roles/network_plugin/calico/templates/calico-node.service.j2
+++ b/roles/network_plugin/calico/templates/calico-node.service.j2
@@ -8,6 +8,7 @@ EnvironmentFile=/etc/calico/calico.env
ExecStartPre=-/usr/bin/docker rm -f calico-node
ExecStart=/usr/bin/docker run --net=host --privileged \
--name=calico-node \
+ -e HOSTNAME=${CALICO_HOSTNAME} \
-e IP=${CALICO_IP} \
-e IP6=${CALICO_IP6} \
-e CALICO_NETWORKING_BACKEND=${CALICO_NETWORKING_BACKEND} \
diff --git a/roles/network_plugin/calico/templates/calico.env.j2 b/roles/network_plugin/calico/templates/calico.env.j2
index ee2a42d31..47f685928 100644
--- a/roles/network_plugin/calico/templates/calico.env.j2
+++ b/roles/network_plugin/calico/templates/calico.env.j2
@@ -12,3 +12,4 @@ CALICO_AS="{{ local_as }}"
{% endif %}
CALICO_NO_DEFAULT_POOLS="true"
CALICO_LIBNETWORK_ENABLED="true"
+CALICO_HOSTNAME="{{ inventory_hostname }}"
diff --git a/roles/network_plugin/calico/templates/cni-calico.conf.j2 b/roles/network_plugin/calico/templates/cni-calico.conf.j2
index af2d28da6..84e8ed447 100644
--- a/roles/network_plugin/calico/templates/cni-calico.conf.j2
+++ b/roles/network_plugin/calico/templates/cni-calico.conf.j2
@@ -1,5 +1,6 @@
{
"name": "calico-k8s-network",
+ "hostname": "{{ inventory_hostname }}",
"type": "calico",
"etcd_endpoints": "{{ etcd_access_endpoint }}",
"etcd_cert_file": "{{ etcd_cert_dir }}/node.pem",
--
GitLab