New calico config without flannel
This commit is contained in:
parent
ab986c21c8
commit
967f27baac
@ -9,7 +9,18 @@ Calico is setup based on the upstream calico-vxlan config from
|
|||||||
|
|
||||||
Changes:
|
Changes:
|
||||||
|
|
||||||
|
- VxLAN set to Always to not expose cluster communication to VPC
|
||||||
|
|
||||||
|
-> EC2 SecurityGroups still apply and only need to allow UDP 4789 for VxLAN traffic
|
||||||
|
-> No need to disable source/destination check on EC2 instances
|
||||||
|
-> Prepared for optional WireGuard encryption for all inter node traffic
|
||||||
|
|
||||||
- MTU set to 8941
|
- MTU set to 8941
|
||||||
- Disable BGB and BIRD healthchecks
|
|
||||||
|
- Removed migration init-container
|
||||||
|
|
||||||
|
- Disable BGB and BIRD health checks
|
||||||
|
|
||||||
- Set FELIX log level to warning
|
- Set FELIX log level to warning
|
||||||
|
|
||||||
- Enable Prometheus metrics
|
- Enable Prometheus metrics
|
||||||
|
@ -9,7 +9,7 @@ metadata:
|
|||||||
{{- if not .retain }}
|
{{- if not .retain }}
|
||||||
finalizers:
|
finalizers:
|
||||||
- resources-finalizer.argocd.argoproj.io
|
- resources-finalizer.argocd.argoproj.io
|
||||||
{{ end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
project: kubezero
|
project: kubezero
|
||||||
|
|
||||||
@ -18,14 +18,14 @@ spec:
|
|||||||
targetRevision: {{ .root.Values.global.defaultSource.targetRevision }}
|
targetRevision: {{ .root.Values.global.defaultSource.targetRevision }}
|
||||||
{{- if eq .type "helm" }}
|
{{- if eq .type "helm" }}
|
||||||
{{- $my_values := index .root.Values .name "values" }}
|
{{- $my_values := index .root.Values .name "values" }}
|
||||||
path: {{ .root.Values.global.defaultSource.pathPrefix}}charts/kubezero-{{ .name }}
|
path: {{ .root.Values.global.defaultSource.pathPrefix}}charts/kubezero-{{ default .name .path }}
|
||||||
{{- if $my_values }}
|
{{- if $my_values }}
|
||||||
helm:
|
helm:
|
||||||
values: |
|
values: |
|
||||||
{{- toYaml $my_values | nindent 8 }}
|
{{- toYaml $my_values | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- else }}
|
{{- else }}
|
||||||
path: {{ .root.Values.global.defaultSource.pathPrefix }}artifacts/kubezero-{{ .name }}
|
path: {{ .root.Values.global.defaultSource.pathPrefix }}artifacts/kubezero-{{ default .name .path }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
destination:
|
destination:
|
||||||
|
@ -1,3 +1,8 @@
|
|||||||
|
# {{ .Values.calico.network }}
|
||||||
{{- if .Values.calico.enabled }}
|
{{- if .Values.calico.enabled }}
|
||||||
|
{{- if .Values.calico.network }}
|
||||||
|
{{ template "kubezero-app.app" dict "root" . "name" "calico" "type" "kustomize" "retain" true "path" (printf "%s/%s" "calico" .Values.platform) }}
|
||||||
|
{{- else }}
|
||||||
{{ template "kubezero-app.app" dict "root" . "name" "calico" "type" "kustomize" "retain" true }}
|
{{ template "kubezero-app.app" dict "root" . "name" "calico" "type" "kustomize" "retain" true }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
@ -13,6 +13,8 @@ global:
|
|||||||
# defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees
|
# defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees
|
||||||
pathPrefix: ''
|
pathPrefix: ''
|
||||||
|
|
||||||
|
platform: aws
|
||||||
|
|
||||||
calico:
|
calico:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
|
@ -5,6 +5,9 @@ kubezero:
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
calico:
|
calico:
|
||||||
enabled: {{ .Values.calico.enabled }}
|
enabled: {{ .Values.calico.enabled }}
|
||||||
|
{{- if .Values.calico.network }}
|
||||||
|
network: {{ .Values.calico.network }}
|
||||||
|
{{- end }}
|
||||||
cert-manager:
|
cert-manager:
|
||||||
enabled: {{ index .Values "cert-manager" "enabled" }}
|
enabled: {{ index .Values "cert-manager" "enabled" }}
|
||||||
values:
|
values:
|
||||||
|
Loading…
Reference in New Issue
Block a user