calico-ipam replaced to kube-ipam ?

ssslkj123 commented 2 years ago

Question : Whether it's when I try to use this kube-ipam plugin for fixed my pod IP , my cluster k8s cluster CNI plugin which config and deploy form offical calico-etcd.yaml ,version : v3.19.x .

I try to modify /etc/cni/net.d/10-calico.conflist which created by initContainer : install-cni like :

{
  "name": "k8s-pod-network",
  "cniVersion": "0.3.1",
  "plugins": [
    {
      "type": "calico",
      "log_level": "info",
...
        "ipam": {
                "name": "kube-subnet",
                "type": "kube-ipam",
                "etcdConfig": {
                        "etcdURL": "https://192.168.1.50:2379,https://192.168.1.58:2379,https://192.168.1.63:2379",
            "kubeConfig": "/etc/kubernetes/pki/kubectl.kubeconfig"
                        "etcdCertFile": "/etc/kubernetes/ssl/etcd.pem",
                        "etcdKeyFile": "/etc/kubernetes/ssl/etcd-key.pem",
                        "etcdTrustedCAFileFile": "/etc/kubernetes/ssl/ca.pem"
                },
                "subnet": "10.188.0.0/16",
                "rangeStart": "10.188.0.10",
                "rangeEnd": "10.188.0.200",
                "gateway": "10.188.0.1",
                "routes": [{
                        "dst": "0.0.0.0/0"
                }],
                "resolvConf": "/etc/resolv.conf"
        },
      "policy": {
          "type": "k8s"
      },
      "kubernetes": {
          "kubeconfig": "/etc/cni/net.d/calico-kubeconfig"
      }
    },
...
    {
      "type": "bandwidth",
      "capabilities": {"bandwidth": true}
    }
  ]
}

So if I do this replacement is work or not ？ Thanks a lot

cloudnativer commented 2 years ago

kube-ipam supports fixing the IP address of pod in calico network. Please see https://github.com/cloudnativer/kube-ipam/blob/main/docs/kubeipam-with-calico.md for details.

In addition, here is an example 10-calico.conflist:


#
# cat /etc/cni/net.d/10-calico.conflist 
{
  "name": "k8s-pod-network",
  "cniVersion": "0.3.1",
  "plugins": [
    {
      "type": "calico",
      "log_level": "info",
      "log_file_path": "/var/log/calico/cni/cni.log",
      "datastore_type": "kubernetes",
      "nodename": "192.168.56.82",
      "mtu": 0,
      "ipam": {
                "name": "kube-subnet",
                "type": "kube-ipam",
                "kubeConfig": "/etc/kubernetes/ssl/kube.kubeconfig",
                "etcdConfig": {
                        "etcdURL": "https://192.168.1.50:2379,https://192.168.1.58:2379,https://192.168.1.63:2379",
                        "etcdCertFile": "/etc/kubernetes/ssl/kubernetes.pem",
                        "etcdKeyFile": "/etc/kubernetes/ssl/kubernetes-key.pem",
                        "etcdTrustedCAFileFile": "/etc/kubernetes/ssl/k8s-root-ca.pem"
                },
                "subnet": "10.244.0.0/16",
                "rangeStart": "10.244.0.10",
                "rangeEnd": "10.244.0.200",
                "gateway": "10.244.0.1",
                "routes": [{
                        "dst": "0.0.0.0/0"
                }],
                "resolvConf": "/etc/resolv.conf"
      },
      "policy": {
          "type": "k8s"
      },
      "kubernetes": {
          "kubeconfig": "/etc/cni/net.d/calico-kubeconfig"
      }
    },
    {
      "type": "portmap",
      "snat": true,
      "capabilities": {"portMappings": true}
    },
    {
      "type": "bandwidth",
      "capabilities": {"bandwidth": true}
    }
  ]
}

#
#

cloudnativer commented 2 years ago

So if I do this replacement is work or not ？ Thanks a lot

yes, you can see https://github.com/cloudnativer/kube-ipam/blob/main/docs/kubeipam-with-calico.md for details.

There is an example calico.yaml in the yaml directory. Please note the settings of kubeConfig, etcdConfig, subnet and other parameters. subnet and CALICO_IPV4POOL_CIDR parameters should be set to the same value.

cloudnativer / kube-ipam

calico-ipam replaced to kube-ipam ? #2