Use ip-masq-agent for MASQUERADE when using Calico policy
This commit is contained in:
Casey Davenport
@@ -3,13 +3,6 @@
|
|||||||
|
|
||||||
Calico is an implementation of the Kubernetes network policy API. The provided manifest installs a DaemonSet which runs Calico on each node in the cluster.
|
Calico is an implementation of the Kubernetes network policy API. The provided manifest installs a DaemonSet which runs Calico on each node in the cluster.
|
||||||
|
|
||||||
### Templating
|
|
||||||
|
|
||||||
The provided `calico-node.yaml` manifest includes the following placeholders which are populated
|
|
||||||
via templating.
|
|
||||||
|
|
||||||
- `__CLUSTER_CIDR__`: The IP range from which Pod IP addresses are assigned.
|
|
||||||
|
|
||||||
### Learn More
|
### Learn More
|
||||||
|
|
||||||
Learn more about Calico at http://docs.projectcalico.org
|
Learn more about Calico at http://docs.projectcalico.org
|
||||||
|
|||||||
@@ -32,10 +32,6 @@ spec:
|
|||||||
value: "true"
|
value: "true"
|
||||||
- name: CALICO_NETWORKING_BACKEND
|
- name: CALICO_NETWORKING_BACKEND
|
||||||
value: "none"
|
value: "none"
|
||||||
- name: CALICO_IPV4POOL_CIDR
|
|
||||||
value: "__CLUSTER_CIDR__"
|
|
||||||
- name: CALICO_IPV4POOL_IPIP
|
|
||||||
value: "off"
|
|
||||||
- name: DATASTORE_TYPE
|
- name: DATASTORE_TYPE
|
||||||
value: "kubernetes"
|
value: "kubernetes"
|
||||||
- name: FELIX_DEFAULTENDPOINTTOHOSTACTION
|
- name: FELIX_DEFAULTENDPOINTTOHOSTACTION
|
||||||
@@ -48,6 +44,8 @@ spec:
|
|||||||
value: "true"
|
value: "true"
|
||||||
- name: IP
|
- name: IP
|
||||||
value: ""
|
value: ""
|
||||||
|
- name: NO_DEFAULT_POOLS
|
||||||
|
value: "true"
|
||||||
- name: NODENAME
|
- name: NODENAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
fieldRef:
|
fieldRef:
|
||||||
|
|||||||
@@ -1212,10 +1212,6 @@ function start-kube-addons {
|
|||||||
fi
|
fi
|
||||||
if [[ "${NETWORK_POLICY_PROVIDER:-}" == "calico" ]]; then
|
if [[ "${NETWORK_POLICY_PROVIDER:-}" == "calico" ]]; then
|
||||||
setup-addon-manifests "addons" "calico-policy-controller"
|
setup-addon-manifests "addons" "calico-policy-controller"
|
||||||
|
|
||||||
# Replace the cluster cidr.
|
|
||||||
local -r calico_file="${dst_dir}/calico-policy-controller/calico-node.yaml"
|
|
||||||
sed -i -e "s@__CLUSTER_CIDR__@${CLUSTER_IP_RANGE}@g" "${calico_file}"
|
|
||||||
fi
|
fi
|
||||||
if [[ "${ENABLE_DEFAULT_STORAGE_CLASS:-}" == "true" ]]; then
|
if [[ "${ENABLE_DEFAULT_STORAGE_CLASS:-}" == "true" ]]; then
|
||||||
setup-addon-manifests "addons" "storage-class/gce"
|
setup-addon-manifests "addons" "storage-class/gce"
|
||||||
|
|||||||
@@ -1610,10 +1610,6 @@ function start-kube-addons {
|
|||||||
fi
|
fi
|
||||||
if [[ "${NETWORK_POLICY_PROVIDER:-}" == "calico" ]]; then
|
if [[ "${NETWORK_POLICY_PROVIDER:-}" == "calico" ]]; then
|
||||||
setup-addon-manifests "addons" "calico-policy-controller"
|
setup-addon-manifests "addons" "calico-policy-controller"
|
||||||
|
|
||||||
# Replace the cluster cidr.
|
|
||||||
local -r calico_file="${dst_dir}/calico-policy-controller/calico-node.yaml"
|
|
||||||
sed -i -e "s@__CLUSTER_CIDR__@${CLUSTER_IP_RANGE}@g" "${calico_file}"
|
|
||||||
fi
|
fi
|
||||||
if [[ "${ENABLE_DEFAULT_STORAGE_CLASS:-}" == "true" ]]; then
|
if [[ "${ENABLE_DEFAULT_STORAGE_CLASS:-}" == "true" ]]; then
|
||||||
setup-addon-manifests "addons" "storage-class/gce"
|
setup-addon-manifests "addons" "storage-class/gce"
|
||||||
|
|||||||
Reference in New Issue
Block a user