Add Calico v2.5 support for Kubernetes v1.8+ #3623
Conversation
k8s-ci-robot
added
cncf-cla: yes
|
/assign @chrislovecnm Some Notes:
|
Ick ... checking now |
|
@KashifSaadat which test? |
|
Sorry ignore that!! It seems my git checkout must have screwed up a little, I had the bootstrapchannelbuilder changes but I think it was actually missing the 1.7 manifest file somehow. I've cleared up and done a fresh checkout and the tests are passing now. 👍 |
|
I am guessing that the makefile did not regenerate go-bindata :) |
|
Ah yes that could have been it! |
| securityContext: | ||
| privileged: true | ||
| resources: | ||
| requests: |
There was a problem hiding this comment.
did we want to set limits and request the same to get QOS?
There was a problem hiding this comment.
Sure that sounds sensible, will update.
| name: cni-net-dir | ||
| # This container runs flannel using the kube-subnet-mgr backend | ||
| # for allocating subnets. | ||
| - name: kube-flannel |
There was a problem hiding this comment.
missing resources section
There was a problem hiding this comment.
This wasn't defined in the existing canal templates. I'm not sure exactly what the limits should be set to here, so I'll use what was defined for the flannel networking templates.
There was a problem hiding this comment.
May want to talk with @justinsb about it. Can we file an issue and revisit?
There was a problem hiding this comment.
The canal / calico guys should tell us what to use ;)
|
|
||
| # Calico Roles | ||
| # Pulled from https://docs.projectcalico.org/v2.5/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml | ||
| kind: ClusterRole |
There was a problem hiding this comment.
@caseydavenport / @liggitt you mind reviewing?
Just push another WIP PR, we can ping @caseydavenport and his amigos :) |
|
Fixes #3352 |
| resources: | ||
| - pods/status | ||
| verbs: | ||
| - update |
There was a problem hiding this comment.
Should probably be using patch to avoid dropping unknown fields (see flannel use of patch for nodes/status)
There was a problem hiding this comment.
As Casey mentioned I'm unable to change this currently and would need to wait for it to be resolved upstream in Calico. Tested just to make sure and my deployments were failing.
| verbs: | ||
| - get | ||
| - list | ||
| - update |
There was a problem hiding this comment.
Yeah it does (though like you mention for pods/status it should really be using patch - there's an open issue against Calico to do that).
Calico stores some of its per-node configuration, etc. as annotations on the node.
KashifSaadat
force-pushed
the
canal-v2.5
branch
from
769b99f
to
6d624c7
Compare
|
Should be ready for another review now :) |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: chrislovecnm The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
k8s-github-robot
added
the
approved
|
/test all [submit-queue is verifying that this PR is safe to merge] |
|
Automatic merge from submit-queue. |
Added support for Canal (Calico) v2.5.1, which is required to work with Kubernetes v1.8.0+.
Older versions of Calico relied on ThirdPartyResources API to store it's config data, however this is now fully deprecated in Kubernetes v1.8 and has moved over to CustomResourceDefinitions (CRD). Calico v2.5+ has been updated to use CRD, however there is a manual upgrade process involved to migrate the configuration data across: https://github.com/projectcalico/calico/blob/master/upgrade/v2.5/README.md