From e48fabc94669faaea992af5229a650fc58a65103 Mon Sep 17 00:00:00 2001 From: Adrien Reslinger Date: Sun, 19 Sep 2021 00:25:15 +0200 Subject: [PATCH] Update to version 3.20.1 --- TODO.txt | 1 - bin/update.sh | 31 ++++++++++--------- tasks/main.yml | 2 +- ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 .../calico-config-ConfigMap.yaml | 0 .../calico-kube-controllers-ClusterRole.yaml | 0 ...o-kube-controllers-ClusterRoleBinding.yaml | 0 .../calico-kube-controllers-Deployment.yaml | 2 +- ...-kube-controllers-PodDisruptionBudget.yaml | 0 ...alico-kube-controllers-ServiceAccount.yaml | 0 .../calico-node-ClusterRole.yaml | 0 .../calico-node-ClusterRoleBinding.yaml | 0 .../calico-node-DaemonSet.yaml | 12 ++++--- .../calico-node-ServiceAccount.yaml | 0 .../calicoctl-ClusterRole.yaml | 0 .../calicoctl-ClusterRoleBinding.yaml | 0 {files => templates}/calicoctl-Pod.yaml | 2 +- .../calicoctl-ServiceAccount.yaml | 6 ++-- ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 ...ctcalico.org-CustomResourceDefinition.yaml | 0 32 files changed, 31 insertions(+), 25 deletions(-) rename {files => templates}/bgpconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/bgppeers.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/blockaffinities.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/calico-config-ConfigMap.yaml (100%) rename {files => templates}/calico-kube-controllers-ClusterRole.yaml (100%) rename {files => templates}/calico-kube-controllers-ClusterRoleBinding.yaml (100%) rename {files => templates}/calico-kube-controllers-Deployment.yaml (96%) rename {files => templates}/calico-kube-controllers-PodDisruptionBudget.yaml (100%) rename {files => templates}/calico-kube-controllers-ServiceAccount.yaml (100%) rename {files => templates}/calico-node-ClusterRole.yaml (100%) rename {files => templates}/calico-node-ClusterRoleBinding.yaml (100%) rename {files => templates}/calico-node-DaemonSet.yaml (96%) rename {files => templates}/calico-node-ServiceAccount.yaml (100%) rename {files => templates}/calicoctl-ClusterRole.yaml (100%) rename {files => templates}/calicoctl-ClusterRoleBinding.yaml (100%) rename {files => templates}/calicoctl-Pod.yaml (92%) rename {files => templates}/calicoctl-ServiceAccount.yaml (60%) rename {files => templates}/clusterinformations.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/felixconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/globalnetworkpolicies.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/globalnetworksets.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/hostendpoints.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/ipamblocks.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/ipamconfigs.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/ipamhandles.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/ippools.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/kubecontrollersconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/networkpolicies.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) rename {files => templates}/networksets.crd.projectcalico.org-CustomResourceDefinition.yaml (100%) diff --git a/TODO.txt b/TODO.txt index e78fa66..f2f9510 100644 --- a/TODO.txt +++ b/TODO.txt @@ -1,6 +1,5 @@ calico ENV: - CLUSTER_TYPE=kubeadm - - IP_AUTODETECTION_METHOD=cidr=10.0.1.0/24,10.0.2.0/24 cat /etc/NetworkManager/conf.d/calico.conf [keyfile] diff --git a/bin/update.sh b/bin/update.sh index 962b50e..659c569 100755 --- a/bin/update.sh +++ b/bin/update.sh @@ -3,14 +3,14 @@ BASEURL=https://docs.projectcalico.org/manifests #BASEURL=https://docs.projectcalico.org/archive/v3.18/manifests curl "${BASEURL}"/calico.yaml -O kubernetes-split-yaml calico.yaml > generated.log -mv generated/*.yaml files/ +mv generated/*.yaml templates/ rmdir generated echo -e '---\ncalico_files:' > vars/calico-files.yaml cat generated.log | while read LIGNE; do if [ $(echo "${LIGNE}" | grep -c ^File) -eq 1 ]; then echo -n "${LIGNE} "; else echo "${LIGNE}"; fi; done | grep ^File | sort -V | sed 's|.*\(generated/\)\(.*\.yaml\)| - "\2"|' >> vars/calico-files.yaml rm -f generated.log calico.yaml curl "${BASEURL}"/calicoctl.yaml -O kubernetes-split-yaml calicoctl.yaml > generated.log -mv generated/*.yaml files/ +mv generated/*.yaml templates/ rmdir generated echo -e '\ncalicoctl_files:' >> vars/calico-files.yaml cat generated.log | while read LIGNE; do if [ $(echo "${LIGNE}" | grep -c ^File) -eq 1 ]; then echo -n "${LIGNE} "; else echo "${LIGNE}"; fi; done | grep ^File | sort -V | sed 's|.*\(generated/\)\(.*\.yaml\)| - "\2"|' >> vars/calico-files.yaml @@ -18,17 +18,20 @@ rm -f generated.log calicoctl.yaml # Configure the pod IP range -line_nb=$(grep -n CALICO_IPV4POOL_CIDR files/calico-node-DaemonSet.yaml | cut -d: -f1) -sed "$line_nb,$[$line_nb+1] s/# //" -i files/calico-node-DaemonSet.yaml +line_nb=$(grep -n CALICO_IPV4POOL_CIDR templates/calico-node-DaemonSet.yaml | cut -d: -f1) +sed "$line_nb,$[$line_nb+1] s/# //" -i templates/calico-node-DaemonSet.yaml # Switch to VxLan -sed "/calico_backend:/ s/bird/vxlan/" -i files/calico-config-ConfigMap.yaml -line_nb=$(grep -n CALICO_IPV4POOL_IPIP files/calico-node-DaemonSet.yaml | cut -d: -f1) -sed "$line_nb,$[$line_nb+1] s/\(value: \).*/\1\"Never\"/" -i files/calico-node-DaemonSet.yaml -line_nb=$(grep -n CALICO_IPV4POOL_VXLAN files/calico-node-DaemonSet.yaml | cut -d: -f1) -sed "$line_nb,$[$line_nb+1] s/\(value: \).*/\1\"Always\"/" -i files/calico-node-DaemonSet.yaml -line_nb=$(grep -n CALICO_IPV4POOL_CIDR files/calico-node-DaemonSet.yaml | cut -d: -f1) -sed "$line_nb,$[$line_nb+1] s|\(value: \).*|\1\"10.244.0.0/16\"|" -i files/calico-node-DaemonSet.yaml -line_nb=$(grep -n FELIX_HEALTHENABLED files/calico-node-DaemonSet.yaml | cut -d: -f1) -sed "$[${line_nb}+2]i\ - name: FELIX_IPTABLESBACKEND\n value: \"Auto\"" -i files/calico-node-DaemonSet.yaml -sed "/-bird-/ s/\(- -bird-.*\)/# \1/" -i files/calico-node-DaemonSet.yaml +sed "/calico_backend:/ s/bird/vxlan/" -i templates/calico-config-ConfigMap.yaml +line_nb=$(grep -n CALICO_IPV4POOL_IPIP templates/calico-node-DaemonSet.yaml | cut -d: -f1) +sed "$line_nb,$[$line_nb+1] s/\(value: \).*/\1\"Never\"/" -i templates/calico-node-DaemonSet.yaml +line_nb=$(grep -n CALICO_IPV4POOL_VXLAN templates/calico-node-DaemonSet.yaml | cut -d: -f1) +sed "$line_nb,$[$line_nb+1] s/\(value: \).*/\1\"Always\"/" -i templates/calico-node-DaemonSet.yaml +line_nb=$(grep -n CALICO_IPV4POOL_CIDR templates/calico-node-DaemonSet.yaml | cut -d: -f1) +sed "$line_nb,$[$line_nb+1] s|\(value: \).*|\1\"10.244.0.0/16\"|" -i templates/calico-node-DaemonSet.yaml +line_nb=$(grep -n FELIX_HEALTHENABLED templates/calico-node-DaemonSet.yaml | cut -d: -f1) +sed "$[${line_nb}+2]i\ - name: FELIX_IPTABLESBACKEND\n value: \"Auto\"" -i templates/calico-node-DaemonSet.yaml +sed "/-bird-/ s/\(- -bird-.*\)/# \1/" -i templates/calico-node-DaemonSet.yaml + +line_nb=$(grep -n FELIX_IPTABLESBACKEND templates/calico-node-DaemonSet.yaml | cut -d: -f1) +sed "$line_nb i\{% if kubernetes_internal_network is defined %}\n - name: IP_AUTODETECTION_METHOD\n value: cidr=\"{{ kubernetes_internal_network }}\"\n{% endif %}" -i templates/calico-node-DaemonSet.yaml diff --git a/tasks/main.yml b/tasks/main.yml index 187bf81..621b8b5 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -9,7 +9,7 @@ state: present context: "{{ my_context }}" merge_type: merge - resource_definition: "{{ lookup('file', item) | from_yaml }}" + resource_definition: "{{ lookup('template', item) | from_yaml }}" with_items: - "{{ calico_files }}" register: calico_changed diff --git a/files/bgpconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/bgpconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/bgpconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/bgpconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/bgppeers.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/bgppeers.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/bgppeers.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/bgppeers.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/blockaffinities.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/blockaffinities.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/blockaffinities.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/blockaffinities.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/calico-config-ConfigMap.yaml b/templates/calico-config-ConfigMap.yaml similarity index 100% rename from files/calico-config-ConfigMap.yaml rename to templates/calico-config-ConfigMap.yaml diff --git a/files/calico-kube-controllers-ClusterRole.yaml b/templates/calico-kube-controllers-ClusterRole.yaml similarity index 100% rename from files/calico-kube-controllers-ClusterRole.yaml rename to templates/calico-kube-controllers-ClusterRole.yaml diff --git a/files/calico-kube-controllers-ClusterRoleBinding.yaml b/templates/calico-kube-controllers-ClusterRoleBinding.yaml similarity index 100% rename from files/calico-kube-controllers-ClusterRoleBinding.yaml rename to templates/calico-kube-controllers-ClusterRoleBinding.yaml diff --git a/files/calico-kube-controllers-Deployment.yaml b/templates/calico-kube-controllers-Deployment.yaml similarity index 96% rename from files/calico-kube-controllers-Deployment.yaml rename to templates/calico-kube-controllers-Deployment.yaml index a2597a3..c915495 100644 --- a/files/calico-kube-controllers-Deployment.yaml +++ b/templates/calico-kube-controllers-Deployment.yaml @@ -34,7 +34,7 @@ spec: priorityClassName: system-cluster-critical containers: - name: calico-kube-controllers - image: docker.io/calico/kube-controllers:v3.20.0 + image: docker.io/calico/kube-controllers:v3.20.1 env: # Choose which controllers to run. - name: ENABLED_CONTROLLERS diff --git a/files/calico-kube-controllers-PodDisruptionBudget.yaml b/templates/calico-kube-controllers-PodDisruptionBudget.yaml similarity index 100% rename from files/calico-kube-controllers-PodDisruptionBudget.yaml rename to templates/calico-kube-controllers-PodDisruptionBudget.yaml diff --git a/files/calico-kube-controllers-ServiceAccount.yaml b/templates/calico-kube-controllers-ServiceAccount.yaml similarity index 100% rename from files/calico-kube-controllers-ServiceAccount.yaml rename to templates/calico-kube-controllers-ServiceAccount.yaml diff --git a/files/calico-node-ClusterRole.yaml b/templates/calico-node-ClusterRole.yaml similarity index 100% rename from files/calico-node-ClusterRole.yaml rename to templates/calico-node-ClusterRole.yaml diff --git a/files/calico-node-ClusterRoleBinding.yaml b/templates/calico-node-ClusterRoleBinding.yaml similarity index 100% rename from files/calico-node-ClusterRoleBinding.yaml rename to templates/calico-node-ClusterRoleBinding.yaml diff --git a/files/calico-node-DaemonSet.yaml b/templates/calico-node-DaemonSet.yaml similarity index 96% rename from files/calico-node-DaemonSet.yaml rename to templates/calico-node-DaemonSet.yaml index d388220..8859ead 100644 --- a/files/calico-node-DaemonSet.yaml +++ b/templates/calico-node-DaemonSet.yaml @@ -44,7 +44,7 @@ spec: # It can be deleted if this is a fresh installation, or if you have already # upgraded to use calico-ipam. - name: upgrade-ipam - image: docker.io/calico/cni:v3.20.0 + image: docker.io/calico/cni:v3.20.1 command: ["/opt/cni/bin/calico-ipam", "-upgrade"] envFrom: - configMapRef: @@ -71,7 +71,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: docker.io/calico/cni:v3.20.0 + image: docker.io/calico/cni:v3.20.1 command: ["/opt/cni/bin/install"] envFrom: - configMapRef: @@ -112,7 +112,7 @@ spec: # Adds a Flex Volume Driver that creates a per-pod Unix Domain Socket to allow Dikastes # to communicate with Felix over the Policy Sync API. - name: flexvol-driver - image: docker.io/calico/pod2daemon-flexvol:v3.20.0 + image: docker.io/calico/pod2daemon-flexvol:v3.20.1 volumeMounts: - name: flexvol-driver-host mountPath: /host/driver @@ -123,7 +123,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: docker.io/calico/node:v3.20.0 + image: docker.io/calico/node:v3.20.1 envFrom: - configMapRef: # Allow KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT to be overridden for eBPF mode. @@ -193,6 +193,10 @@ spec: value: "false" - name: FELIX_HEALTHENABLED value: "true" +{% if kubernetes_internal_network is defined %} + - name: IP_AUTODETECTION_METHOD + value: cidr="{{ kubernetes_internal_network }}" +{% endif %} - name: FELIX_IPTABLESBACKEND value: "Auto" securityContext: diff --git a/files/calico-node-ServiceAccount.yaml b/templates/calico-node-ServiceAccount.yaml similarity index 100% rename from files/calico-node-ServiceAccount.yaml rename to templates/calico-node-ServiceAccount.yaml diff --git a/files/calicoctl-ClusterRole.yaml b/templates/calicoctl-ClusterRole.yaml similarity index 100% rename from files/calicoctl-ClusterRole.yaml rename to templates/calicoctl-ClusterRole.yaml diff --git a/files/calicoctl-ClusterRoleBinding.yaml b/templates/calicoctl-ClusterRoleBinding.yaml similarity index 100% rename from files/calicoctl-ClusterRoleBinding.yaml rename to templates/calicoctl-ClusterRoleBinding.yaml diff --git a/files/calicoctl-Pod.yaml b/templates/calicoctl-Pod.yaml similarity index 92% rename from files/calicoctl-Pod.yaml rename to templates/calicoctl-Pod.yaml index 1a78df8..6eae171 100644 --- a/files/calicoctl-Pod.yaml +++ b/templates/calicoctl-Pod.yaml @@ -11,7 +11,7 @@ spec: serviceAccountName: calicoctl containers: - name: calicoctl - image: calico/ctl:v3.20.0 + image: calico/ctl:v3.20.1 command: - /calicoctl args: diff --git a/files/calicoctl-ServiceAccount.yaml b/templates/calicoctl-ServiceAccount.yaml similarity index 60% rename from files/calicoctl-ServiceAccount.yaml rename to templates/calicoctl-ServiceAccount.yaml index 9f4d294..0efde2d 100644 --- a/files/calicoctl-ServiceAccount.yaml +++ b/templates/calicoctl-ServiceAccount.yaml @@ -1,7 +1,7 @@ -# Calico Version v3.20.0 -# https://docs.projectcalico.org/releases#v3.20.0 +# Calico Version v3.20.1 +# https://docs.projectcalico.org/releases#v3.20.1 # This manifest includes the following component versions: -# calico/ctl:v3.20.0 +# calico/ctl:v3.20.1 apiVersion: v1 kind: ServiceAccount diff --git a/files/clusterinformations.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/clusterinformations.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/clusterinformations.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/clusterinformations.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/felixconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/felixconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/felixconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/felixconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/globalnetworkpolicies.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/globalnetworkpolicies.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/globalnetworkpolicies.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/globalnetworkpolicies.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/globalnetworksets.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/globalnetworksets.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/globalnetworksets.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/globalnetworksets.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/hostendpoints.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/hostendpoints.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/hostendpoints.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/hostendpoints.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/ipamblocks.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/ipamblocks.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/ipamblocks.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/ipamblocks.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/ipamconfigs.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/ipamconfigs.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/ipamconfigs.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/ipamconfigs.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/ipamhandles.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/ipamhandles.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/ipamhandles.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/ipamhandles.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/ippools.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/ippools.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/ippools.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/ippools.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/kubecontrollersconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/kubecontrollersconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/kubecontrollersconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/kubecontrollersconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/networkpolicies.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/networkpolicies.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/networkpolicies.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/networkpolicies.crd.projectcalico.org-CustomResourceDefinition.yaml diff --git a/files/networksets.crd.projectcalico.org-CustomResourceDefinition.yaml b/templates/networksets.crd.projectcalico.org-CustomResourceDefinition.yaml similarity index 100% rename from files/networksets.crd.projectcalico.org-CustomResourceDefinition.yaml rename to templates/networksets.crd.projectcalico.org-CustomResourceDefinition.yaml