Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[calico] don't clobber calico options set by the user #8815

Merged
merged 3 commits into from
May 24, 2022
Merged

[calico] don't clobber calico options set by the user #8815

merged 3 commits into from
May 24, 2022

Conversation

cristicalin
Copy link
Contributor

What type of PR is this?

/kind feature

What this PR does / why we need it:
This PR adds the capability to preserve calico options set by the user and not converted to kubespray settings yet (or ever). This allows deployers to set calico options outside the control of kubespray and not have kubespray clobber their options next time it is ran.

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:
This PR is needed to keep the CI running on a vanilla version of kubespray. When redoing the kubespray CI I had to enable allowVXLANPacketsFromWorkloads and allowIPIPPacketsFromWorkloads in felixconfig to allow CI jobs to run successfully. These and other options supported by calico are not templated in kubespray and it would be difficult for us to maintain an up-to-date list. It's better to just allow the user to retail customizations.

Does this PR introduce a user-facing change?:

[calico] don't clobber calico options set by the user

@k8s-ci-robot k8s-ci-robot added kind/feature Categorizes issue or PR as related to a new feature. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels May 12, 2022
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cristicalin

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot requested review from holmsten and jayonlau May 12, 2022 12:53
@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels May 12, 2022
@cristicalin cristicalin force-pushed the dont_clobber_calico branch 2 times, most recently from 45cb7a3 to a9f84aa Compare May 12, 2022 14:22
@cristicalin cristicalin force-pushed the dont_clobber_calico branch from a9f84aa to 569a319 Compare May 12, 2022 15:50
@cristicalin cristicalin mentioned this pull request May 18, 2022
Merged
@cristicalin
Copy link
Contributor Author

/cc @oomichi @floryut

@k8s-ci-robot k8s-ci-robot requested review from floryut and oomichi May 18, 2022 13:09
oomichi
oomichi reviewed May 19, 2022
View reviewed changes
roles/network_plugin/calico/tasks/install.yml

- name: Calico | Process FelixConfiguration
set_fact:
_felix_config: "{{ _felix_cmd.stdout | from_json | combine(_felix_config, recursive=True) }}"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for doing this, it is nice to keep the existing options which are configured by users if there are already.

One question is if users configured the duplicated option(for example, ipipEnabled) which value is used? The existing one? or Kubespray's one?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The way this is intended to work is that kubespray will override the values that it manages such as ipipEnabled and will carry over values that it does not have support for. Previously those values would be dropped.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your explanation @cristicalin
That behavior seems good for me.

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 20, 2022
@oomichi oomichi merged commit dc2a18e into kubernetes-sigs:master May 24, 2022
@oomichi oomichi mentioned this pull request May 28, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@oomichi oomichi oomichi left review comments

@holmsten holmsten Awaiting requested review from holmsten

@jayonlau jayonlau Awaiting requested review from jayonlau

@floryut floryut Awaiting requested review from floryut

Assignees

@oomichi oomichi

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cristicalin @k8s-ci-robot @oomichi