ZeroDownTime/KubeZero
3
0
Fork 0
Code Issues 1 Pull Requests 21 Packages Projects Releases Wiki Activity

New calico config without flannel

Browse Source
This commit is contained in:
Stefan Reimer 2020-07-05 23:42:23 +01:00
parent ab986c21c8
commit 967f27baac
5 changed files with 25 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
artifacts/kubezero-calico/README.md
View File

@ -9,7 +9,18 @@ Calico is setup based on the upstream calico-vxlan config from
Changes: Changes:
- VxLAN set to Always to not expose cluster communication to VPC
-> EC2 SecurityGroups still apply and only need to allow UDP 4789 for VxLAN traffic
-> No need to disable source/destination check on EC2 instances
-> Prepared for optional WireGuard encryption for all inter node traffic
- MTU set to 8941 - MTU set to 8941
- Disable BGB and BIRD healthchecks
- Removed migration init-container
- Disable BGB and BIRD health checks
- Set FELIX log level to warning - Set FELIX log level to warning
- Enable Prometheus metrics - Enable Prometheus metrics

6
charts/kubezero/templates/_app.yaml
View File

@ -9,7 +9,7 @@ metadata:
{{- if not .retain }} {{- if not .retain }}
finalizers: finalizers:
- resources-finalizer.argocd.argoproj.io - resources-finalizer.argocd.argoproj.io
{{ end }} {{- end }}
spec: spec:
project: kubezero project: kubezero
@ -18,14 +18,14 @@ spec:
targetRevision: {{ .root.Values.global.defaultSource.targetRevision }} targetRevision: {{ .root.Values.global.defaultSource.targetRevision }}
{{- if eq .type "helm" }} {{- if eq .type "helm" }}
{{- $my_values := index .root.Values .name "values" }} {{- $my_values := index .root.Values .name "values" }}
path: {{ .root.Values.global.defaultSource.pathPrefix}}charts/kubezero-{{ .name }} path: {{ .root.Values.global.defaultSource.pathPrefix}}charts/kubezero-{{ default .name .path }}
{{- if $my_values }} {{- if $my_values }}
helm: helm:
values: | values: |
{{- toYaml $my_values | nindent 8 }} {{- toYaml $my_values | nindent 8 }}
{{- end }} {{- end }}
{{- else }} {{- else }}
path: {{ .root.Values.global.defaultSource.pathPrefix }}artifacts/kubezero-{{ .name }} path: {{ .root.Values.global.defaultSource.pathPrefix }}artifacts/kubezero-{{ default .name .path }}
{{- end }} {{- end }}
destination: destination:

5
charts/kubezero/templates/calico.yaml
View File

@ -1,3 +1,8 @@
# {{ .Values.calico.network }}
{{- if .Values.calico.enabled }} {{- if .Values.calico.enabled }}
{{- if .Values.calico.network }}
{{ template "kubezero-app.app" dict "root" . "name" "calico" "type" "kustomize" "retain" true "path" (printf "%s/%s" "calico" .Values.platform) }}
{{- else }}
{{ template "kubezero-app.app" dict "root" . "name" "calico" "type" "kustomize" "retain" true }} {{ template "kubezero-app.app" dict "root" . "name" "calico" "type" "kustomize" "retain" true }}
{{- end }} {{- end }}
{{- end }}

2
charts/kubezero/values.yaml
View File

@ -13,6 +13,8 @@ global:
# defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees # defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees
pathPrefix: '' pathPrefix: ''
platform: aws
calico: calico:
enabled: true enabled: true

3
deploy/templates/values.yaml
View File

@ -5,6 +5,9 @@ kubezero:
{{- end }} {{- end }}
calico: calico:
enabled: {{ .Values.calico.enabled }} enabled: {{ .Values.calico.enabled }}
{{- if .Values.calico.network }}
network: {{ .Values.calico.network }}
{{- end }}
cert-manager: cert-manager:
enabled: {{ index .Values "cert-manager" "enabled" }} enabled: {{ index .Values "cert-manager" "enabled" }}
values: values: