From 45a698daf52f2ee6fafa8ad0d83696b9c2be3941 Mon Sep 17 00:00:00 2001 From: Laurence Man Date: Wed, 31 Jul 2019 20:15:33 -0700 Subject: [PATCH] Update Calico to v3.8.1 --- config/v1.5/calico.yaml | 100 +++++++++++++++++++++++++++++++++++----- 1 file changed, 88 insertions(+), 12 deletions(-) diff --git a/config/v1.5/calico.yaml b/config/v1.5/calico.yaml index be3e1933dd..7006f6ba5b 100644 --- a/config/v1.5/calico.yaml +++ b/config/v1.5/calico.yaml @@ -37,7 +37,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: quay.io/calico/node:v3.3.6 + image: quay.io/calico/node:v3.8.1 env: # Use Kubernetes API as the backing datastore. - name: DATASTORE_TYPE @@ -162,6 +162,42 @@ spec: --- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: ipamblocks.crd.projectcalico.org +spec: + scope: Cluster + group: crd.projectcalico.org + versions: + - name: v1 + served: true + storage: true + names: + kind: IPAMBlock + plural: ipamblocks + singular: ipamblock + +--- + +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: blockaffinities.crd.projectcalico.org +spec: + scope: Cluster + group: crd.projectcalico.org + versions: + - name: v1 + served: true + storage: true + names: + kind: BlockAffinity + plural: blockaffinities + singular: blockaffinity + +--- + apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -295,6 +331,24 @@ spec: --- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: networksets.crd.projectcalico.org +spec: + scope: Namespaced + group: crd.projectcalico.org + versions: + - name: v1 + served: true + storage: true + names: + kind: NetworkSet + plural: networksets + singular: networkset + +--- + # Create the ServiceAccount and roles necessary for Calico. apiVersion: v1 @@ -323,6 +377,12 @@ rules: - pods/status verbs: - patch + - apiGroups: [""] + resources: + - nodes/status + verbs: + - patch + - update - apiGroups: [""] resources: - pods @@ -369,9 +429,11 @@ rules: - globalbgpconfigs - bgpconfigurations - ippools + - ipamblocks - globalnetworkpolicies - globalnetworksets - networkpolicies + - networksets - clusterinformations - hostendpoints verbs: @@ -380,6 +442,22 @@ rules: - list - update - watch + - apiGroups: ["crd.projectcalico.org"] + resources: + - blockaffinities + - ipamblocks + - ipamhandles + verbs: + - get + - list + - create + - update + - delete + - apiGroups: ["crd.projectcalico.org"] + resources: + - blockaffinities + verbs: + - watch --- @@ -424,7 +502,7 @@ spec: hostNetwork: true serviceAccountName: calico-node containers: - - image: quay.io/calico/typha:v3.3.6 + - image: quay.io/calico/typha:v3.8.1 name: calico-typha ports: - containerPort: 5473 @@ -457,19 +535,17 @@ spec: - name: FELIX_IPTABLESMANGLEALLOWACTION value: Return livenessProbe: - exec: - command: - - calico-typha - - check - - liveness + httpGet: + path: /liveness + port: 9098 + host: localhost periodSeconds: 30 initialDelaySeconds: 30 readinessProbe: - exec: - command: - - calico-typha - - check - - readiness + httpGet: + path: /readiness + port: 9098 + host: localhost periodSeconds: 10 ---