Update calico to version 3.25.0
This commit is contained in:
parent
d03105916a
commit
9014aa38d3
GPG key ID:
DA7B27055C66D6DE
7 changed files with 70 additions and 20 deletions
|
|
@ -80,9 +80,10 @@ spec:
|
|||
[Default: false]'
|
||||
type: boolean
|
||||
bpfEnforceRPF:
|
||||
description: 'BPFEnforceRPF enforce strict RPF on all interfaces with
|
||||
BPF programs regardless of what is the per-interfaces or global
|
||||
setting. Possible values are Disabled or Strict. [Default: Strict]'
|
||||
description: 'BPFEnforceRPF enforce strict RPF on all host interfaces
|
||||
with BPF programs regardless of what is the per-interfaces or global
|
||||
setting. Possible values are Disabled, Strict or Loose. [Default:
|
||||
Strict]'
|
||||
type: string
|
||||
bpfExtToServiceConnmark:
|
||||
description: 'BPFExtToServiceConnmark in BPF mode, control a 32bit
|
||||
|
|
@ -122,6 +123,14 @@ spec:
|
|||
kube-proxy. Lower values give reduced set-up latency. Higher values
|
||||
reduce Felix CPU usage by batching up more work. [Default: 1s]'
|
||||
type: string
|
||||
bpfL3IfacePattern:
|
||||
description: BPFL3IfacePattern is a regular expression that allows
|
||||
to list tunnel devices like wireguard or vxlan (i.e., L3 devices)
|
||||
in addition to BPFDataIfacePattern. That is, tunnel interfaces not
|
||||
created by Calico, that Calico workload traffic flows over as well
|
||||
as any interfaces that handle incoming traffic to nodeports and
|
||||
services from outside the cluster.
|
||||
type: string
|
||||
bpfLogLevel:
|
||||
description: 'BPFLogLevel controls the log level of the BPF programs
|
||||
when in BPF dataplane mode. One of "Off", "Info", or "Debug". The
|
||||
|
|
@ -197,11 +206,12 @@ spec:
|
|||
to use. Only used if UseInternalDataplaneDriver is set to false.
|
||||
type: string
|
||||
dataplaneWatchdogTimeout:
|
||||
description: 'DataplaneWatchdogTimeout is the readiness/liveness timeout
|
||||
used for Felix''s (internal) dataplane driver. Increase this value
|
||||
description: "DataplaneWatchdogTimeout is the readiness/liveness timeout
|
||||
used for Felix's (internal) dataplane driver. Increase this value
|
||||
if you experience spurious non-ready or non-live events when Felix
|
||||
is under heavy load. Decrease the value to get felix to report non-live
|
||||
or non-ready more quickly. [Default: 90s]'
|
||||
or non-ready more quickly. [Default: 90s] \n Deprecated: replaced
|
||||
by the generic HealthTimeoutOverrides."
|
||||
type: string
|
||||
debugDisableLogDropping:
|
||||
type: boolean
|
||||
|
|
@ -305,15 +315,21 @@ spec:
|
|||
type: object
|
||||
type: array
|
||||
featureDetectOverride:
|
||||
description: FeatureDetectOverride is used to override the feature
|
||||
detection. Values are specified in a comma separated list with no
|
||||
spaces, example; "SNATFullyRandom=true,MASQFullyRandom=false,RestoreSupportsLock=".
|
||||
"true" or "false" will force the feature, empty or omitted values
|
||||
are auto-detected.
|
||||
description: FeatureDetectOverride is used to override feature detection
|
||||
based on auto-detected platform capabilities. Values are specified
|
||||
in a comma separated list with no spaces, example; "SNATFullyRandom=true,MASQFullyRandom=false,RestoreSupportsLock=". "true"
|
||||
or "false" will force the feature, empty or omitted values are auto-detected.
|
||||
type: string
|
||||
featureGates:
|
||||
description: FeatureGates is used to enable or disable tech-preview
|
||||
Calico features. Values are specified in a comma separated list
|
||||
with no spaces, example; "BPFConnectTimeLoadBalancingWorkaround=enabled,XyZ=false".
|
||||
This is used to enable features that are not fully production ready.
|
||||
type: string
|
||||
floatingIPs:
|
||||
description: FloatingIPs configures whether or not Felix will program
|
||||
floating IP addresses.
|
||||
non-OpenStack floating IP addresses. (OpenStack-derived floating
|
||||
IPs are always programmed, regardless of this setting.)
|
||||
enum:
|
||||
- Enabled
|
||||
- Disabled
|
||||
|
|
@ -330,6 +346,23 @@ spec:
|
|||
type: string
|
||||
healthPort:
|
||||
type: integer
|
||||
healthTimeoutOverrides:
|
||||
description: HealthTimeoutOverrides allows the internal watchdog timeouts
|
||||
of individual subcomponents to be overriden. This is useful for
|
||||
working around "false positive" liveness timeouts that can occur
|
||||
in particularly stressful workloads or if CPU is constrained. For
|
||||
a list of active subcomponents, see Felix's logs.
|
||||
items:
|
||||
properties:
|
||||
name:
|
||||
type: string
|
||||
timeout:
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
- timeout
|
||||
type: object
|
||||
type: array
|
||||
interfaceExclude:
|
||||
description: 'InterfaceExclude is a comma-separated list of interfaces
|
||||
that Felix should exclude when monitoring for host endpoints. The
|
||||
|
|
@ -371,7 +404,7 @@ spec:
|
|||
type: string
|
||||
iptablesBackend:
|
||||
description: IptablesBackend specifies which backend of iptables will
|
||||
be used. The default is legacy.
|
||||
be used. The default is Auto.
|
||||
type: string
|
||||
iptablesFilterAllowAction:
|
||||
type: string
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue