diff --git a/resources/calico/calico.yaml b/resources/calico/daemonset.yaml similarity index 91% rename from resources/calico/calico.yaml rename to resources/calico/daemonset.yaml index fb629f50..b921ded7 100644 --- a/resources/calico/calico.yaml +++ b/resources/calico/daemonset.yaml @@ -112,17 +112,17 @@ spec: - -felix-ready periodSeconds: 10 volumeMounts: - - mountPath: /lib/modules - name: lib-modules + - name: lib-modules + mountPath: /lib/modules readOnly: true - - mountPath: /run/xtables.lock - name: xtables-lock + - name: var-lib-calico + mountPath: /var/lib/calico readOnly: false - - mountPath: /var/run/calico - name: var-run-calico + - name: var-run-calico + mountPath: /var/run/calico readOnly: false - - mountPath: /var/lib/calico - name: var-lib-calico + - name: xtables-lock + mountPath: /run/xtables.lock readOnly: false # Install Calico CNI binaries and CNI network config file on nodes - name: install-cni @@ -151,22 +151,22 @@ spec: name: calico-config key: veth_mtu volumeMounts: - - mountPath: /host/opt/cni/bin - name: cni-bin-dir - - mountPath: /host/etc/cni/net.d - name: cni-net-dir + - name: cni-bin-dir + mountPath: /host/opt/cni/bin + - name: cni-conf-dir + mountPath: /host/etc/cni/net.d terminationGracePeriodSeconds: 0 volumes: # Used by calico/node - name: lib-modules hostPath: path: /lib/modules - - name: var-run-calico - hostPath: - path: /var/run/calico - name: var-lib-calico hostPath: path: /var/lib/calico + - name: var-run-calico + hostPath: + path: /var/run/calico - name: xtables-lock hostPath: type: FileOrCreate @@ -175,6 +175,6 @@ spec: - name: cni-bin-dir hostPath: path: /opt/cni/bin - - name: cni-net-dir + - name: cni-conf-dir hostPath: path: /etc/kubernetes/cni/net.d diff --git a/resources/flannel/flannel-cluster-role-binding.yaml b/resources/flannel/cluster-role-binding.yaml similarity index 100% rename from resources/flannel/flannel-cluster-role-binding.yaml rename to resources/flannel/cluster-role-binding.yaml diff --git a/resources/flannel/flannel-cluster-role.yaml b/resources/flannel/cluster-role.yaml similarity index 100% rename from resources/flannel/flannel-cluster-role.yaml rename to resources/flannel/cluster-role.yaml diff --git a/resources/flannel/flannel-cfg.yaml b/resources/flannel/config.yaml similarity index 96% rename from resources/flannel/flannel-cfg.yaml rename to resources/flannel/config.yaml index ded8ddc8..71790369 100644 --- a/resources/flannel/flannel-cfg.yaml +++ b/resources/flannel/config.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: kube-flannel-cfg + name: flannel-config namespace: kube-system labels: tier: node diff --git a/resources/flannel/daemonset.yaml b/resources/flannel/daemonset.yaml new file mode 100644 index 00000000..9da77e06 --- /dev/null +++ b/resources/flannel/daemonset.yaml @@ -0,0 +1,83 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: flannel + namespace: kube-system + labels: + k8s-app: flannel +spec: + selector: + matchLabels: + k8s-app: flannel + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + template: + metadata: + labels: + k8s-app: flannel + annotations: + seccomp.security.alpha.kubernetes.io/pod: 'docker/default' + spec: + hostNetwork: true + serviceAccountName: flannel + tolerations: + - effect: NoSchedule + operator: Exists + - effect: NoExecute + operator: Exists + containers: + - name: flannel + image: ${flannel_image} + command: [ "/opt/bin/flanneld", "--ip-masq", "--kube-subnet-mgr", "--iface=$(POD_IP)"] + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + securityContext: + privileged: true + volumeMounts: + - name: flannel-config + mountPath: /etc/kube-flannel/ + - name: cni-conf-dir + mountPath: /etc/cni/net.d + - name: run + mountPath: /run + - name: install-cni + image: ${flannel_cni_image} + command: ["/install-cni.sh"] + env: + - name: CNI_NETWORK_CONFIG + valueFrom: + configMapKeyRef: + name: flannel-config + key: cni-conf.json + volumeMounts: + - name: cni-bin-dir + mountPath: /host/opt/cni/bin/ + - name: cni-conf-dir + mountPath: /host/etc/cni/net.d + volumes: + - name: run + hostPath: + path: /run + - name: flannel-config + configMap: + name: flannel-config + # Used by install-cni + - name: cni-bin-dir + hostPath: + path: /opt/cni/bin + - name: cni-conf-dir + hostPath: + path: /etc/kubernetes/cni/net.d diff --git a/resources/flannel/flannel.yaml b/resources/flannel/flannel.yaml deleted file mode 100644 index 982ff47c..00000000 --- a/resources/flannel/flannel.yaml +++ /dev/null @@ -1,85 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: kube-flannel - namespace: kube-system - labels: - tier: node - k8s-app: flannel -spec: - selector: - matchLabels: - tier: node - k8s-app: flannel - template: - metadata: - labels: - tier: node - k8s-app: flannel - annotations: - seccomp.security.alpha.kubernetes.io/pod: 'docker/default' - spec: - serviceAccountName: flannel - containers: - - name: kube-flannel - image: ${flannel_image} - command: [ "/opt/bin/flanneld", "--ip-masq", "--kube-subnet-mgr", "--iface=$(POD_IP)"] - securityContext: - privileged: true - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: - - name: run - mountPath: /run - - name: cni - mountPath: /etc/cni/net.d - - name: flannel-cfg - mountPath: /etc/kube-flannel/ - - name: install-cni - image: ${flannel_cni_image} - command: ["/install-cni.sh"] - env: - - name: CNI_NETWORK_CONFIG - valueFrom: - configMapKeyRef: - name: kube-flannel-cfg - key: cni-conf.json - volumeMounts: - - name: cni - mountPath: /host/etc/cni/net.d - - name: host-cni-bin - mountPath: /host/opt/cni/bin/ - hostNetwork: true - tolerations: - - effect: NoSchedule - operator: Exists - - effect: NoExecute - operator: Exists - volumes: - - name: run - hostPath: - path: /run - - name: cni - hostPath: - path: /etc/kubernetes/cni/net.d - - name: flannel-cfg - configMap: - name: kube-flannel-cfg - - name: host-cni-bin - hostPath: - path: /opt/cni/bin - updateStrategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate diff --git a/resources/flannel/flannel-sa.yaml b/resources/flannel/service-account.yaml similarity index 100% rename from resources/flannel/flannel-sa.yaml rename to resources/flannel/service-account.yaml