Add cilium_ipam_mode variable (#7418)

Starting with Cilium v1.9 the default ipam mode has changed to "Cluster Scope". See: https://docs.cilium.io/en/v1.9/concepts/networking/ipam/ With this ipam mode Cilium handles assigning subnets to nodes to use for pod ip addresses. The default Kubespray deploy uses the Kube Controller Manager for this (the --allocate-node-cidrs kube-controller-manager flag is set). This makes the proper ipam mode for kubespray using cilium v1.9+ "kubernetes". Tested with Cilium 1.9.5. This PR also mounts the cilium-config ConfigMap for this variable to be read properly. In the future we can probably remove the kvstore and kvstore-opt Cilium Operator args since they can be in the ConfigMap. I will tackle that after this merges.
2026-03-06 10:08:37 +03:00 · 2021-04-01 10:33:22 -04:00
parent cce9d3125d
commit f05d6b3711
3 changed files with 18 additions and 2 deletions
--- a/roles/network_plugin/cilium/templates/cilium-deploy.yml.j2
+++ b/roles/network_plugin/cilium/templates/cilium-deploy.yml.j2
@@ -44,6 +44,7 @@ spec:
      containers:
        - args:
            - --debug=$(CILIUM_DEBUG)
+            - --config-dir=/tmp/cilium/config-map
            - --kvstore=etcd
            - --kvstore-opt=etcd.config=/var/lib/etcd-config/etcd.config
          command:
@@ -142,6 +143,9 @@ spec:
            - mountPath: "{{cilium_cert_dir}}"
              name: etcd-secrets
              readOnly: true
+            - mountPath: /tmp/cilium/config-map
+              name: cilium-config-path
+              readOnly: true
      dnsPolicy: ClusterFirst
      priorityClassName: system-node-critical
      restartPolicy: Always
@@ -163,3 +167,6 @@ spec:
        - name: etcd-secrets
          hostPath:
            path: "{{cilium_cert_dir}}"
+        - configMap:
+            name: cilium-config
+          name: cilium-config-path