epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2025-12-13 21:34:40 +03:00
Code Issues Packages Projects Releases Wiki Activity

Removed weave support (#12230)

Browse Source
This commit is contained in:
Anshuman Agarwala
2025-05-22 13:40:36 +05:30
committed by GitHub
parent b79f7d79f0
commit 73b3e9b557
25 changed files with 6 additions and 619 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/ISSUE_TEMPLATE/bug-report.yaml vendored
View File

@@ -108,7 +108,6 @@ body:
- meta
- multus
- ovn4nfv
- weave
validations:
required: true

4
README.md
View File

@@ -124,7 +124,6 @@ Note:
- [kube-ovn](https://github.com/alauda/kube-ovn) 1.12.21
- [kube-router](https://github.com/cloudnativelabs/kube-router) 2.1.1
- [multus](https://github.com/k8snetworkplumbingwg/multus-cni) 4.1.0
- [weave](https://github.com/rajch/weave) 2.8.7
- [kube-vip](https://github.com/kube-vip/kube-vip) 0.8.0
- Application
- [cert-manager](https://github.com/jetstack/cert-manager) 1.15.3
@@ -183,9 +182,6 @@ You can choose among ten network plugins. (default: `calico`, except Vagrant use
- [cilium](http://docs.cilium.io/en/latest/): layer 3/4 networking (as well as layer 7 to protect and secure application protocols), supports dynamic insertion of BPF bytecode into the Linux kernel to implement security services, networking and visibility logic.
- [weave](docs/CNI/weave.md): Weave is a lightweight container overlay network that doesn't require an external K/V database cluster.
(Please refer to `weave` [troubleshooting documentation](https://www.weave.works/docs/net/latest/troubleshooting/)).
- [kube-ovn](docs/CNI/kube-ovn.md): Kube-OVN integrates the OVN-based Network Virtualization with Kubernetes. It offers an advanced Container Network Fabric for Enterprises.
- [kube-router](docs/CNI/kube-router.md): Kube-router is a L3 CNI for Kubernetes networking aiming to provide operational

2
contrib/terraform/openstack/README.md
View File

@@ -624,7 +624,7 @@ Edit `inventory/$CLUSTER/group_vars/k8s_cluster/k8s_cluster.yml`:
- **calico** requires [configuring OpenStack Neutron ports](/docs/cloud_controllers/openstack.md) to allow service and pod subnets
```yml
# Choose network plugin (calico, weave or flannel)
# Choose network plugin (calico or flannel)
# Can also be set to 'cloud', which lets the cloud provider setup appropriate routing
kube_network_plugin: flannel
```

79
docs/CNI/weave.md
View File

@@ -1,79 +0,0 @@
# Weave
Weave 2.0.1 is supported by kubespray
Weave uses [**consensus**](https://www.weave.works/docs/net/latest/ipam/##consensus) mode (default mode) and [**seed**](https://www.weave.works/docs/net/latest/ipam/#seed) mode.
`Consensus` mode is best to use on static size cluster and `seed` mode is best to use on dynamic size cluster
Weave encryption is supported for all communication
* To use Weave encryption, specify a strong password (if no password, no encryption)
```ShellSession
# In file ./inventory/sample/group_vars/k8s_cluster.yml
weave_password: EnterPasswordHere
```
This password is used to set an environment variable inside weave container.
Weave is deployed by kubespray using a daemonSet
* Check the status of Weave containers
```ShellSession
# From client
kubectl -n kube-system get pods | grep weave
# output
weave-net-50wd2 2/2 Running 0 2m
weave-net-js9rb 2/2 Running 0 2m
```
There must be as many pods as nodes (here kubernetes have 2 nodes so there are 2 weave pods).
* Check status of weave (connection,encryption ...) for each node
```ShellSession
# On nodes
curl http://127.0.0.1:6784/status
# output on node1
Version: 2.0.1 (up to date; next check at 2017/08/01 13:51:34)
Service: router
Protocol: weave 1..2
Name: fa:16:3e:b3:d6:b2(node1)
Encryption: enabled
PeerDiscovery: enabled
Targets: 2
Connections: 2 (1 established, 1 failed)
Peers: 2 (with 2 established connections)
TrustedSubnets: none
Service: ipam
Status: ready
Range: 10.233.64.0/18
DefaultSubnet: 10.233.64.0/18
```
* Check parameters of weave for each node
```ShellSession
# On nodes
ps -aux | grep weaver
# output on node1 (here its use seed mode)
root 8559 0.2 3.0 365280 62700 ? Sl 08:25 0:00 /home/weave/weaver --name=fa:16:3e:b3:d6:b2 --port=6783 --datapath=datapath --host-root=/host --http-addr=127.0.0.1:6784 --status-addr=0.0.0.0:6782 --docker-api= --no-dns --db-prefix=/weavedb/weave-net --ipalloc-range=10.233.64.0/18 --nickname=node1 --ipalloc-init seed=fa:16:3e:b3:d6:b2,fa:16:3e:f0:50:53 --conn-limit=30 --expect-npc 192.168.208.28 192.168.208.19
```
## Consensus mode (default mode)
This mode is best to use on static size cluster
### Seed mode
This mode is best to use on dynamic size cluster
The seed mode also allows multi-clouds and hybrid on-premise/cloud clusters deployment.
* Switch from consensus mode to seed/Observation mode
See [weave ipam documentation](https://www.weave.works/docs/net/latest/tasks/ipam/ipam/) and use `weave_extra_args` to enable.

1
docs/_sidebar.md generated
View File

@@ -32,7 +32,6 @@
* [Kube-router](/docs/CNI/kube-router.md)
* [Macvlan](/docs/CNI/macvlan.md)
* [Multus](/docs/CNI/multus.md)
* [Weave](/docs/CNI/weave.md)
* CRI
* [Containerd](/docs/CRI/containerd.md)
* [Cri-o](/docs/CRI/cri-o.md)

1
docs/advanced/arch.md
View File

@@ -9,7 +9,6 @@ The following table shows the impact of the CPU architecture on compatible featu
| kube_network_plugin | amd64 | arm64 | amd64 + arm64 |
|---------------------|-------|-------|---------------|
| Calico | Y | Y | Y |
| Weave | Y | Y | Y |
| Flannel | Y | N | N |
| Canal | Y | N | N |
| Cilium | Y | Y | N |

1
docs/ansible/ansible.md
View File

@@ -153,7 +153,6 @@ The following tags are defined in playbooks:
| upgrade | Upgrading, f.e. container images/binaries |
| upload | Distributing images/binaries across hosts |
| vsphere-csi-driver | Configuring csi driver: vsphere |
| weave | Network plugin Weave |
| win_nodes | Running windows specific tasks |
| youki | Configuring youki runtime |

3
docs/operations/upgrades.md
View File

@@ -13,7 +13,6 @@ versions. Here are all version vars for each component:
* etcd_version
* calico_version
* calico_cni_version
* weave_version
* flannel_version
> **Warning**
@@ -356,7 +355,7 @@ follows:
* Containerd
* etcd
* kubelet and kube-proxy
* network_plugin (such as Calico or Weave)
* network_plugin (such as Calico)
* kube-apiserver, kube-scheduler, and kube-controller-manager
* Add-ons (such as KubeDNS)

2
inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
View File

@@ -62,7 +62,7 @@ credentials_dir: "{{ inventory_dir }}/credentials"
# kube_webhook_authorization_url: https://...
# kube_webhook_authorization_url_skip_tls_verify: false
# Choose network plugin (cilium, calico, kube-ovn, weave or flannel. Use cni for generic cni plugin)
# Choose network plugin (cilium, calico, kube-ovn or flannel. Use cni for generic cni plugin)
# Can also be set to 'cloud', which lets the cloud provider setup appropriate routing
kube_network_plugin: calico

64
inventory/sample/group_vars/k8s_cluster/k8s-net-weave.yml
View File

@@ -1,64 +0,0 @@
# see roles/network_plugin/weave/defaults/main.yml
# Weave's network password for encryption, if null then no network encryption.
# weave_password: ~
# If set to 1, disable checking for new Weave Net versions (default is blank,
# i.e. check is enabled)
# weave_checkpoint_disable: false
# Soft limit on the number of connections between peers. Defaults to 100.
# weave_conn_limit: 100
# Weave Net defaults to enabling hairpin on the bridge side of the veth pair
# for containers attached. If you need to disable hairpin, e.g. your kernel is
# one of those that can panic if hairpin is enabled, then you can disable it by
# setting `HAIRPIN_MODE=false`.
# weave_hairpin_mode: true
# The range of IP addresses used by Weave Net and the subnet they are placed in
# (CIDR format; default 10.32.0.0/12)
# weave_ipalloc_range: "{{ kube_pods_subnet }}"
# Set to 0 to disable Network Policy Controller (default is on)
# weave_expect_npc: "{{ enable_network_policy }}"
# List of addresses of peers in the Kubernetes cluster (default is to fetch the
# list from the api-server)
# weave_kube_peers: ~
# Set the initialization mode of the IP Address Manager (defaults to consensus
# amongst the KUBE_PEERS)
# weave_ipalloc_init: ~
# Set the IP address used as a gateway from the Weave network to the host
# network - this is useful if you are configuring the addon as a static pod.
# weave_expose_ip: ~
# Address and port that the Weave Net daemon will serve Prometheus-style
# metrics on (defaults to 0.0.0.0:6782)
# weave_metrics_addr: ~
# Address and port that the Weave Net daemon will serve status requests on
# (defaults to disabled)
# weave_status_addr: ~
# Weave Net defaults to 1376 bytes, but you can set a smaller size if your
# underlying network has a tighter limit, or set a larger size for better
# performance if your network supports jumbo frames (e.g. 8916)
# weave_mtu: 1376
# Set to 1 to preserve the client source IP address when accessing Service
# annotated with `service.spec.externalTrafficPolicy=Local`. The feature works
# only with Weave IPAM (default).
# weave_no_masq_local: true
# set to nft to use nftables backend for iptables (default is iptables)
# weave_iptables_backend: iptables
# Extra variables that passing to launch.sh, useful for enabling seed mode, see
# https://www.weave.works/docs/net/latest/tasks/ipam/ipam/
# weave_extra_args: ~
# Extra variables for weave_npc that passing to launch.sh, useful for change log level, ex --log-level=error
# weave_npc_extra_args: ~

5
roles/kubernetes-apps/network_plugin/meta/main.yml
View File

@@ -15,11 +15,6 @@ dependencies:
tags:
- kube-ovn
- role: kubernetes-apps/network_plugin/weave
when: kube_network_plugin == 'weave'
tags:
- weave
- role: kubernetes-apps/network_plugin/kube-router
when: kube_network_plugin == 'kube-router'
tags:

21
roles/kubernetes-apps/network_plugin/weave/tasks/main.yml
View File

@@ -1,21 +0,0 @@
---
- name: Weave | Start Resources
kube:
name: "weave-net"
kubectl: "{{ bin_dir }}/kubectl"
filename: "{{ kube_config_dir }}/weave-net.yml"
resource: "ds"
namespace: "kube-system"
state: "latest"
when: inventory_hostname == groups['kube_control_plane'][0]
- name: Weave | Wait for Weave to become available
uri:
url: http://127.0.0.1:6784/status
return_content: true
register: weave_status
retries: 180
delay: 5
until: "weave_status.status == 200 and 'Status: ready' in weave_status.content"
when: inventory_hostname == groups['kube_control_plane'][0]

3
roles/kubernetes/preinstall/tasks/0050-create_directories.yml
View File

@@ -77,13 +77,12 @@
- "/etc/cni/net.d"
- "/opt/cni/bin"
when:
- kube_network_plugin in ["calico", "weave", "flannel", "cilium", "kube-ovn", "kube-router", "macvlan"]
- kube_network_plugin in ["calico", "flannel", "cilium", "kube-ovn", "kube-router", "macvlan"]
- ('k8s_cluster' in group_names)
tags:
- network
- cilium
- calico
- weave
- kube-ovn
- kube-router
- bootstrap_os

23
roles/kubespray_defaults/defaults/main/download.yml
View File

@@ -110,7 +110,6 @@ calico_apiserver_enabled: false
flannel_version: 0.22.0
flannel_cni_version: 1.1.2
weave_version: 2.8.7
cni_version: "{{ (cni_binary_checksums['amd64'] | dict2items)[0].key }}"
cilium_version: "1.17.3"
@@ -250,10 +249,6 @@ netcheck_agent_image_tag: "v{{ netcheck_version }}"
netcheck_server_image_repo: "{{ docker_image_repo }}/mirantis/k8s-netchecker-server"
netcheck_server_image_tag: "v{{ netcheck_version }}"
netcheck_etcd_image_tag: "v3.4.17"
weave_kube_image_repo: "{{ docker_image_repo }}/rajchaudhuri/weave-kube"
weave_kube_image_tag: "{{ weave_version }}"
weave_npc_image_repo: "{{ docker_image_repo }}/rajchaudhuri/weave-npc"
weave_npc_image_tag: "{{ weave_version }}"
cilium_image_repo: "{{ quay_image_repo }}/cilium/cilium"
cilium_image_tag: "v{{ cilium_version }}"
cilium_operator_image_repo: "{{ quay_image_repo }}/cilium/operator"
@@ -806,24 +801,6 @@ downloads:
groups:
- kube_control_plane
weave_kube:
enabled: "{{ kube_network_plugin == 'weave' }}"
container: true
repo: "{{ weave_kube_image_repo }}"
tag: "{{ weave_kube_image_tag }}"
checksum: "{{ weave_kube_digest_checksum | default(None) }}"
groups:
- k8s_cluster
weave_npc:
enabled: "{{ kube_network_plugin == 'weave' }}"
container: true
repo: "{{ weave_npc_image_repo }}"
tag: "{{ weave_npc_image_tag }}"
checksum: "{{ weave_npc_digest_checksum | default(None) }}"
groups:
- k8s_cluster
kube_ovn:
enabled: "{{ kube_network_plugin == 'kube-ovn' }}"
container: true

7
roles/kubespray_defaults/defaults/main/main.yml
View File

@@ -199,7 +199,7 @@ kube_external_ca_mode: false
# Cluster Loglevel configuration
kube_log_level: 2
# Choose network plugin (cilium, calico, kube-ovn, weave or flannel. Use cni for generic cni plugin)
# Choose network plugin (cilium, calico, kube-ovn or flannel. Use cni for generic cni plugin)
# Can also be set to 'cloud', which lets the cloud provider setup appropriate routing
kube_network_plugin: calico
kube_network_plugin_multus: false
@@ -606,11 +606,6 @@ local_volume_provisioner_storage_classes: |
}
}
# weave's network password for encryption
# if null then no network encryption
# you can use --extra-vars to pass the password in command line
weave_password: EnterPasswordHere
ssl_ca_dirs: |-
[
{% if ansible_os_family in ['Flatcar', 'Flatcar Container Linux by Kinvolk'] -%}

5
roles/network_plugin/meta/main.yml
View File

@@ -18,11 +18,6 @@ dependencies:
tags:
- flannel
- role: network_plugin/weave
when: kube_network_plugin == 'weave'
tags:
- weave
- role: network_plugin/macvlan
when: kube_network_plugin == 'macvlan'
tags:

64
roles/network_plugin/weave/defaults/main.yml
View File

@@ -1,64 +0,0 @@
---
# Weave's network password for encryption, if null then no network encryption.
weave_password: ~
# If set to 1, disable checking for new Weave Net versions (default is blank,
# i.e. check is enabled)
weave_checkpoint_disable: false
# Soft limit on the number of connections between peers. Defaults to 100.
weave_conn_limit: 100
# Weave Net defaults to enabling hairpin on the bridge side of the veth pair
# for containers attached. If you need to disable hairpin, e.g. your kernel is
# one of those that can panic if hairpin is enabled, then you can disable it by
# setting `HAIRPIN_MODE=false`.
weave_hairpin_mode: true
# The range of IP addresses used by Weave Net and the subnet they are placed in
# (CIDR format; default 10.32.0.0/12)
weave_ipalloc_range: "{{ kube_pods_subnets }}"
# Set to 0 to disable Network Policy Controller (default is on)
weave_expect_npc: "{{ enable_network_policy }}"
# List of addresses of peers in the Kubernetes cluster (default is to fetch the
# list from the api-server)
weave_kube_peers: ~
# Set the initialization mode of the IP Address Manager (defaults to consensus
# amongst the KUBE_PEERS)
weave_ipalloc_init: ~
# Set the IP address used as a gateway from the Weave network to the host
# network - this is useful if you are configuring the addon as a static pod.
weave_expose_ip: ~
# Address and port that the Weave Net daemon will serve Prometheus-style
# metrics on (defaults to 0.0.0.0:6782)
weave_metrics_addr: ~
# Address and port that the Weave Net daemon will serve status requests on
# (defaults to disabled)
weave_status_addr: ~
# Weave Net defaults to 1376 bytes, but you can set a smaller size if your
# underlying network has a tighter limit, or set a larger size for better
# performance if your network supports jumbo frames (e.g. 8916)
weave_mtu: 1376
# Set to 1 to preserve the client source IP address when accessing Service
# annotated with `service.spec.externalTrafficPolicy=Local`. The feature works
# only with Weave IPAM (default).
weave_no_masq_local: true
# set to nft to use nftables backend for iptables (default is iptables)
weave_iptables_backend: ~
# Extra variables that passing to launch.sh, useful for enabling seed mode, see
# https://www.weave.works/docs/net/latest/tasks/ipam/ipam/
weave_extra_args: ~
# Extra variables for weave_npc that passing to launch.sh, useful for change log level, ex --log-level=error
weave_npc_extra_args: ~

3
roles/network_plugin/weave/meta/main.yml
View File

@@ -1,3 +0,0 @@
---
dependencies:
- role: network_plugin/cni

12
roles/network_plugin/weave/tasks/main.yml
View File

@@ -1,12 +0,0 @@
---
- name: Weave | Create manifest
template:
src: weave-net.yml.j2
dest: "{{ kube_config_dir }}/weave-net.yml"
mode: "0644"
- name: Weave | Fix nodePort for Weave
template:
src: 10-weave.conflist.j2
dest: /etc/cni/net.d/10-weave.conflist
mode: "0644"

16
roles/network_plugin/weave/templates/10-weave.conflist.j2
View File

@@ -1,16 +0,0 @@
{
"cniVersion": "0.3.0",
"name": "weave",
"plugins": [
{
"name": "weave",
"type": "weave-net",
"hairpinMode": {{ weave_hairpin_mode | bool | lower }}
},
{
"type": "portmap",
"capabilities": {"portMappings": true},
"snat": true
}
]
}

297
roles/network_plugin/weave/templates/weave-net.yml.j2
View File

@@ -1,297 +0,0 @@
---
apiVersion: v1
kind: List
items:
- apiVersion: v1
kind: ServiceAccount
metadata:
name: weave-net
labels:
name: weave-net
namespace: kube-system
- apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: weave-net
labels:
name: weave-net
rules:
- apiGroups:
- ''
resources:
- pods
- namespaces
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- networkpolicies
verbs:
- get
- list
- watch
- apiGroups:
- 'networking.k8s.io'
resources:
- networkpolicies
verbs:
- get
- list
- watch
- apiGroups:
- ''
resources:
- nodes/status
verbs:
- patch
- update
- apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: weave-net
labels:
name: weave-net
roleRef:
kind: ClusterRole
name: weave-net
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: weave-net
namespace: kube-system
- apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: weave-net
namespace: kube-system
labels:
name: weave-net
rules:
- apiGroups:
- ''
resources:
- configmaps
resourceNames:
- weave-net
verbs:
- get
- update
- apiGroups:
- ''
resources:
- configmaps
verbs:
- create
- apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: weave-net
namespace: kube-system
labels:
name: weave-net
roleRef:
kind: Role
name: weave-net
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: weave-net
namespace: kube-system
- apiVersion: apps/v1
kind: DaemonSet
metadata:
name: weave-net
labels:
name: weave-net
namespace: kube-system
spec:
# Wait 5 seconds to let pod connect before rolling next pod
selector:
matchLabels:
name: weave-net
minReadySeconds: 5
template:
metadata:
labels:
name: weave-net
spec:
initContainers:
- name: weave-init
image: {{ weave_kube_image_repo }}:{{ weave_kube_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
command:
- /home/weave/init.sh
env:
securityContext:
privileged: true
volumeMounts:
- name: cni-bin
mountPath: /host/opt
- name: cni-bin2
mountPath: /host/home
- name: cni-conf
mountPath: /host/etc
- name: lib-modules
mountPath: /lib/modules
- name: xtables-lock
mountPath: /run/xtables.lock
readOnly: false
containers:
- name: weave
command:
- /home/weave/launch.sh
env:
- name: INIT_CONTAINER
value: "true"
- name: HOSTNAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: WEAVE_PASSWORD
valueFrom:
secretKeyRef:
name: weave-net
key: WEAVE_PASSWORD
- name: CHECKPOINT_DISABLE
value: "{{ weave_checkpoint_disable | bool | int }}"
- name: CONN_LIMIT
value: "{{ weave_conn_limit | int }}"
- name: HAIRPIN_MODE
value: "{{ weave_hairpin_mode | bool | lower }}"
- name: IPALLOC_RANGE
value: "{{ weave_ipalloc_range }}"
- name: EXPECT_NPC
value: "{{ weave_expect_npc | bool | int }}"
{% if weave_kube_peers %}
- name: KUBE_PEERS
value: "{{ weave_kube_peers }}"
{% endif %}
{% if weave_ipalloc_init %}
- name: IPALLOC_INIT
value: "{{ weave_ipalloc_init }}"
{% endif %}
{% if weave_expose_ip %}
- name: WEAVE_EXPOSE_IP
value: "{{ weave_expose_ip }}"
{% endif %}
{% if weave_metrics_addr %}
- name: WEAVE_METRICS_ADDR
value: "{{ weave_metrics_addr }}"
{% endif %}
{% if weave_status_addr %}
- name: WEAVE_STATUS_ADDR
value: "{{ weave_status_addr }}"
{% endif %}
{% if weave_iptables_backend %}
- name: IPTABLES_BACKEND
value: "{{ weave_iptables_backend }}"
{% endif %}
- name: WEAVE_MTU
value: "{{ weave_mtu | int }}"
- name: NO_MASQ_LOCAL
value: "{{ weave_no_masq_local | bool | int }}"
{% if weave_extra_args %}
- name: EXTRA_ARGS
value: "{{ weave_extra_args }}"
{% endif %}
image: {{ weave_kube_image_repo }}:{{ weave_kube_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
readinessProbe:
httpGet:
host: 127.0.0.1
path: /status
port: 6784
resources:
requests:
cpu: 50m
securityContext:
privileged: true
volumeMounts:
- name: weavedb
mountPath: /weavedb
- name: dbus
mountPath: /host/var/lib/dbus
readOnly: true
- mountPath: /host/etc/machine-id
name: cni-machine-id
readOnly: true
- name: xtables-lock
mountPath: /run/xtables.lock
readOnly: false
- name: weave-npc
env:
- name: HOSTNAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
{% if weave_npc_extra_args %}
- name: EXTRA_ARGS
value: "{{ weave_npc_extra_args }}"
{% endif %}
image: {{ weave_npc_image_repo }}:{{ weave_npc_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
resources:
requests:
cpu: 50m
securityContext:
privileged: true
volumeMounts:
- name: xtables-lock
mountPath: /run/xtables.lock
readOnly: false
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
hostPID: false
restartPolicy: Always
securityContext:
seLinuxOptions: {}
serviceAccountName: weave-net
tolerations:
- effect: NoSchedule
operator: Exists
- effect: NoExecute
operator: Exists
volumes:
- name: weavedb
hostPath:
path: /var/lib/weave
- name: cni-bin
hostPath:
path: /opt
- name: cni-bin2
hostPath:
path: /home
- name: cni-conf
hostPath:
path: /etc
- name: cni-machine-id
hostPath:
path: /etc/machine-id
- name: dbus
hostPath:
path: /var/lib/dbus
- name: lib-modules
hostPath:
path: /lib/modules
- name: xtables-lock
hostPath:
path: /run/xtables.lock
type: FileOrCreate
priorityClassName: system-node-critical
updateStrategy:
rollingUpdate:
maxUnavailable: {{ serial | default('20%') }}
type: RollingUpdate
- apiVersion: v1
kind: Secret
metadata:
name: weave-net
namespace: kube-system
data:
WEAVE_PASSWORD: "{{ weave_password | default("") | b64encode }}"

2
roles/reset/tasks/main.yml
View File

@@ -304,7 +304,6 @@
- /etc/NetworkManager/conf.d/calico.conf
- /etc/NetworkManager/conf.d/dns.conf
- /etc/NetworkManager/conf.d/k8s.conf
- /etc/weave.env
- /opt/cni
- /etc/dhcp/dhclient.d/zdnsupdate.sh
- /etc/dhcp/dhclient-exit-hooks.d/zdnsupdate
@@ -332,7 +331,6 @@
- "{{ bin_dir }}/calicoctl"
- "{{ bin_dir }}/calicoctl.sh"
- "{{ bin_dir }}/calico-upgrade"
- "{{ bin_dir }}/weave"
- "{{ bin_dir }}/crictl"
- "{{ bin_dir }}/nerdctl"
- "{{ bin_dir }}/netctl"

2
roles/validate_inventory/tasks/main.yml
View File

@@ -155,7 +155,7 @@
- name: Stop if unsupported options selected
assert:
that:
- kube_network_plugin in ['calico', 'flannel', 'weave', 'cloud', 'cilium', 'cni', 'kube-ovn', 'kube-router', 'macvlan', 'custom_cni', 'none']
- kube_network_plugin in ['calico', 'flannel', 'cloud', 'cilium', 'cni', 'kube-ovn', 'kube-router', 'macvlan', 'custom_cni', 'none']
- dns_mode in ['coredns', 'coredns_dual', 'manual', 'none']
- kube_proxy_mode in ['iptables', 'ipvs', 'nftables']
- cert_management in ['script', 'none']

6
scripts/collect-info.yaml
View File

@@ -41,12 +41,6 @@
- name: calico_pool_info
cmd: "{{ bin_dir }}/calicoctl get ippool -o wide"
when: '{{ kube_network_plugin == "calico" }}'
- name: weave_info
cmd: weave report
when: '{{ kube_network_plugin == "weave" }}'
- name: weave_logs
cmd: "{{ docker_bin_dir }}/docker logs weave"
when: '{{ kube_network_plugin == "weave" }}'
- name: kube_describe_all
cmd: "{{ bin_dir }}/kubectl describe all --all-namespaces"
- name: kube_describe_nodes

1
scripts/readme_versions.md.j2
View File

@@ -12,7 +12,6 @@
- [kube-ovn](https://github.com/alauda/kube-ovn) {{ kube_ovn_version }}
- [kube-router](https://github.com/cloudnativelabs/kube-router) {{ kube_router_version }}
- [multus](https://github.com/k8snetworkplumbingwg/multus-cni) {{ multus_version }}
- [weave](https://github.com/rajch/weave) {{ weave_version }}
- [kube-vip](https://github.com/kube-vip/kube-vip) {{ kube_vip_version }}
- Application
- [cert-manager](https://github.com/jetstack/cert-manager) {{ cert_manager_version }}