New calico config without flannel
This commit is contained in:
parent
ab986c21c8
commit
967f27baac
@ -9,7 +9,18 @@ Calico is setup based on the upstream calico-vxlan config from
|
||||
|
||||
Changes:
|
||||
|
||||
- VxLAN set to Always to not expose cluster communication to VPC
|
||||
|
||||
-> EC2 SecurityGroups still apply and only need to allow UDP 4789 for VxLAN traffic
|
||||
-> No need to disable source/destination check on EC2 instances
|
||||
-> Prepared for optional WireGuard encryption for all inter node traffic
|
||||
|
||||
- MTU set to 8941
|
||||
- Disable BGB and BIRD healthchecks
|
||||
|
||||
- Removed migration init-container
|
||||
|
||||
- Disable BGB and BIRD health checks
|
||||
|
||||
- Set FELIX log level to warning
|
||||
|
||||
- Enable Prometheus metrics
|
||||
|
@ -9,7 +9,7 @@ metadata:
|
||||
{{- if not .retain }}
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
project: kubezero
|
||||
|
||||
@ -18,14 +18,14 @@ spec:
|
||||
targetRevision: {{ .root.Values.global.defaultSource.targetRevision }}
|
||||
{{- if eq .type "helm" }}
|
||||
{{- $my_values := index .root.Values .name "values" }}
|
||||
path: {{ .root.Values.global.defaultSource.pathPrefix}}charts/kubezero-{{ .name }}
|
||||
path: {{ .root.Values.global.defaultSource.pathPrefix}}charts/kubezero-{{ default .name .path }}
|
||||
{{- if $my_values }}
|
||||
helm:
|
||||
values: |
|
||||
{{- toYaml $my_values | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
path: {{ .root.Values.global.defaultSource.pathPrefix }}artifacts/kubezero-{{ .name }}
|
||||
path: {{ .root.Values.global.defaultSource.pathPrefix }}artifacts/kubezero-{{ default .name .path }}
|
||||
{{- end }}
|
||||
|
||||
destination:
|
||||
|
@ -1,3 +1,8 @@
|
||||
# {{ .Values.calico.network }}
|
||||
{{- if .Values.calico.enabled }}
|
||||
{{- if .Values.calico.network }}
|
||||
{{ template "kubezero-app.app" dict "root" . "name" "calico" "type" "kustomize" "retain" true "path" (printf "%s/%s" "calico" .Values.platform) }}
|
||||
{{- else }}
|
||||
{{ template "kubezero-app.app" dict "root" . "name" "calico" "type" "kustomize" "retain" true }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
@ -13,6 +13,8 @@ global:
|
||||
# defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees
|
||||
pathPrefix: ''
|
||||
|
||||
platform: aws
|
||||
|
||||
calico:
|
||||
enabled: true
|
||||
|
||||
|
@ -5,6 +5,9 @@ kubezero:
|
||||
{{- end }}
|
||||
calico:
|
||||
enabled: {{ .Values.calico.enabled }}
|
||||
{{- if .Values.calico.network }}
|
||||
network: {{ .Values.calico.network }}
|
||||
{{- end }}
|
||||
cert-manager:
|
||||
enabled: {{ index .Values "cert-manager" "enabled" }}
|
||||
values:
|
||||
|
Loading…
Reference in New Issue
Block a user