calico #655

Supports: xenial bionic
Add to new model

Description

Deploys Calico as a background service and configures CNI for use with
calico on any principal charm that implements the kubernetes-cni interface.


Calico Charm

Calico is a new approach to virtual networking and network security for containers,
VMs, and bare metal services, that provides a rich set of security enforcement
capabilities running on top of a highly scalable and efficient virtual network fabric.

This charm will deploy calico as a background service, and configure CNI for
use with calico, on any principal charm that implements the kubernetes-cni
interface.

Usage

The calico charm is a subordinate. This charm will require a principal charm
that implements the kubernetes-cni interface in order to properly deploy.

juju deploy cs:~containers/calico
juju deploy cs:~containers/etcd
juju deploy cs:~containers/kubernetes-master
juju deploy cs:~containers/kubernetes-worker
juju add-relation calico etcd
juju add-relation calico kubernetes-master
juju add-relation calico kubernetes-worker

Further information


Configuration

calico-node-image
(string) The image id to use for calico/node.
image-registry.canonical.com:5000/cdk/calico/node:v3.6.1
calico-policy-image
(string) The image id to use for calico/kube-controllers.
image-registry.canonical.com:5000/cdk/calico/kube-controllers:v3.6.1
cidr
(string) Network CIDR assigned to Calico. This is applied to the default Calico pool, and is also communicated to the Kubernetes charms for use in kube-proxy configuration.
192.168.0.0/16
global-as-number
(int) Global AS number.
64512
global-bgp-peers
(string) List of global BGP peers. Each BGP peer is specified with an address and an as-number. Example value: "[{address: 10.0.0.1, as-number: 65000}, {address: 10.0.0.2, as-number: 65001}]"
[]
ipip
(string) IPIP mode. Must be one of "Always", "CrossSubnet", or "Never".
Never
manage-pools
(boolean) If true, a default pool is created using the cidr and ipip charm configuration values. Warning: When manage-pools is enabled, the charm will delete any pools that are unrecognized.
True
nat-outgoing
(boolean) NAT outgoing traffic
True
node-to-node-mesh
(boolean) When enabled, each Calico node will peer with every other Calico node in the cluster.
True
route-reflector-cluster-ids
(string) Mapping of unit IDs to route reflector cluster IDs. Assigning a route reflector cluster ID allows the node to function as a route reflector. Example value: "{0: 224.0.0.1, 2: 224.0.0.1}"
{}
subnet-as-numbers
(string) Mapping of subnets to AS numbers, specified as YAML. Each Calico node will be assigned an AS number based on the entries in this mapping. Example value: "{10.0.0.0/24: 64512, 10.0.1.0/24: 64513}" If a node's IP matches any of the specified subnets, then the corresponding AS number is used instead of the global one. If a node's IP matches no subnets, then the global AS number will be used instead. If a node's IP matches multiple subnets, then the most specific subnet will be used, e.g. a /24 subnet will take precedence over a /16.
{}
subnet-bgp-peers
(string) Mapping of subnets to lists of BGP peers. Each BGP peer is specified with an address and an as-number. Example value: "{10.0.0.0/24: [{address: 10.0.0.1, as-number: 65000}, {address: 10.0.0.2, as-number: 65001}], 10.0.1.0/24: [{address: 10.0.1.1, as-number: 65002}]}" If a node's IP matches multiple subnets, then peerings will be added for each matched subnet.
{}
unit-as-numbers
(string) Mapping of unit IDs to AS numbers, specified as YAML. Each Calico node will be assigned an AS number based on the entries in this mapping. Example value: "{0: 64512, 1: 64513}" This takes precedence over global-as-number and subnet-as-numbers.
{}
unit-bgp-peers
(string) Mapping of unit IDs to lists of BGP peers. Each BGP peer is specified with an address and an as-number. Example value: "{0: [{address: 10.0.0.1, as-number: 65000}, {address: 10.0.0.2, as-number: 65001}], 1: [{address: 10.0.1.1, as-number: 65002}]}"
{}