diff --git a/calico/templates/daemonset-calico-node.yaml b/calico/templates/daemonset-calico-node.yaml index 074a56998..52fb824a2 100644 --- a/calico/templates/daemonset-calico-node.yaml +++ b/calico/templates/daemonset-calico-node.yaml @@ -194,6 +194,84 @@ spec: subPath: tls.key readOnly: true {{ end }} + # This container installs the Calico CNI binaries + # and CNI network config file on each node. + - name: install-cni +{{ tuple $envAll "calico_cni" | include "helm-toolkit.snippets.image" | indent 10 }} + command: ["/install-cni.sh"] + env: + # Prevents the container from sleeping forever. + - name: SLEEP + value: "false" + # Name of the CNI config file to create. + # + # NOTE: Calico v3 needs to end in .conflist; Calico v2 is + # different! + - name: CNI_CONF_NAME + value: "10-calico.conflist" + # The location of the Calico etcd cluster. + - name: ETCD_ENDPOINTS + valueFrom: + configMapKeyRef: + name: calico-etc + key: etcd_endpoints + # The CNI network config to install on each node. + - name: CNI_NETWORK_CONFIG + valueFrom: + configMapKeyRef: + name: calico-etc + key: cni_network_config + + + volumeMounts: + - name: cni-bin-dir + mountPath: /host/opt/cni/bin + - name: cni-net-dir + mountPath: /host/etc/cni/net.d + volumes: + # Used by calico/node. + - name: lib-modules + hostPath: + path: /lib/modules + - name: var-run-calico + hostPath: + path: /var/run/calico + - name: var-lib-calico + hostPath: + path: /var/lib/calico + - name: xtables-lock + hostPath: + path: /run/xtables.lock + type: FileOrCreate + # Used to install CNI. + - name: cni-bin-dir + hostPath: + path: /opt/cni/bin + - name: cni-net-dir + hostPath: + path: /etc/cni/net.d + - name: calico-cert-dir + hostPath: + path: /etc/calico + - name: calico-etc + configMap: + name: calico-etc + defaultMode: 0444 + - name: calico-bird + configMap: + name: calico-bird + defaultMode: 0444 + - name: calico-bin + configMap: + name: calico-bin + defaultMode: 0555 + - name: calico-etcd-secrets + secret: + secretName: calico-etcd-secrets + + + + containers: # Runs calico/node container on each Kubernetes node. This @@ -306,75 +384,5 @@ spec: mountPath: {{ .Values.endpoints.etcd.auth.client.path.key }} subPath: tls.key readOnly: true - # This container installs the Calico CNI binaries - # and CNI network config file on each node. - - name: install-cni -{{ tuple $envAll "calico_cni" | include "helm-toolkit.snippets.image" | indent 10 }} - command: ["/install-cni.sh"] - env: - # Name of the CNI config file to create. - # - # NOTE: Calico v3 needs to end in .conflist; Calico v2 is - # different! - - name: CNI_CONF_NAME - value: "10-calico.conflist" - # The location of the Calico etcd cluster. - - name: ETCD_ENDPOINTS - valueFrom: - configMapKeyRef: - name: calico-etc - key: etcd_endpoints - # The CNI network config to install on each node. - - name: CNI_NETWORK_CONFIG - valueFrom: - configMapKeyRef: - name: calico-etc - key: cni_network_config - - volumeMounts: - - name: cni-bin-dir - mountPath: /host/opt/cni/bin - - name: cni-net-dir - mountPath: /host/etc/cni/net.d - volumes: - # Used by calico/node. - - name: lib-modules - hostPath: - path: /lib/modules - - name: var-run-calico - hostPath: - path: /var/run/calico - - name: var-lib-calico - hostPath: - path: /var/lib/calico - - name: xtables-lock - hostPath: - path: /run/xtables.lock - type: FileOrCreate - # Used to install CNI. - - name: cni-bin-dir - hostPath: - path: /opt/cni/bin - - name: cni-net-dir - hostPath: - path: /etc/cni/net.d - - name: calico-cert-dir - hostPath: - path: /etc/calico - - name: calico-etc - configMap: - name: calico-etc - defaultMode: 0444 - - name: calico-bird - configMap: - name: calico-bird - defaultMode: 0444 - - name: calico-bin - configMap: - name: calico-bin - defaultMode: 0555 - - name: calico-etcd-secrets - secret: - secretName: calico-etcd-secrets {{- end }} diff --git a/calico/values.yaml b/calico/values.yaml index d888f5453..4e81cb08a 100644 --- a/calico/values.yaml +++ b/calico/values.yaml @@ -17,12 +17,12 @@ images: # These are minimum versions, older images will very likely not # work calico_etcd: quay.io/coreos/etcd:v3.3.9 - calico_node: quay.io/calico/node:v3.3.2 - calico_cni: quay.io/calico/cni:v3.3.2 - calico_ctl: calico/ctl:v3.3.2 - calico_settings: calico/ctl:v3.3.2 + calico_node: quay.io/calico/node:v3.4.0 + calico_cni: quay.io/calico/cni:v3.4.0 + calico_ctl: calico/ctl:v3.4.0 + calico_settings: calico/ctl:v3.4.0 # NOTE: plural key, singular value - calico_kube_controllers: quay.io/calico/kube-controllers:v3.3.2 + calico_kube_controllers: quay.io/calico/kube-controllers:v3.4.0 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 image_repo_sync: docker.io/docker:17.07.0 pull_policy: IfNotPresent