-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathflannel-overlay.yaml
142 lines (142 loc) · 4.25 KB
/
flannel-overlay.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
---
kind: ConfigMap
apiVersion: v1
metadata:
name: kube-flannel-windows-cfg
namespace: kube-flannel
labels:
tier: node
app: flannel
data:
cni-conf-containerd.json: |
{
"name": "flannel.4096",
"cniVersion": "0.3.0",
"type": "flannel",
"capabilities": {
"portMappings": true,
"dns": true
},
"delegate": {
"type": "sdnoverlay",
"AdditionalArgs": [
{
"Name": "EndpointPolicy",
"Value": {
"Type": "OutBoundNAT",
"Settings" : {
"Exceptions": []
}
}
},
{
"Name": "EndpointPolicy",
"Value": {
"Type": "SDNROUTE",
"Settings": {
"DestinationPrefix": "",
"NeedEncap": true
}
}
},
{
"Name":"EndpointPolicy",
"Value":{
"Type":"ProviderAddress",
"Settings":{
"ProviderAddress":""
}
}
}
]
}
}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: kube-flannel-ds-windows-amd64
labels:
tier: node
app: flannel
namespace: kube-flannel
spec:
selector:
matchLabels:
app: flannel
template:
metadata:
labels:
tier: node
app: flannel
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- windows
- key: kubernetes.io/arch
operator: In
values:
- amd64
securityContext:
windowsOptions:
hostProcess: true
runAsUserName: "NT AUTHORITY\\system"
hostNetwork: true
serviceAccountName: flannel
tolerations:
- operator: Exists
effect: NoSchedule
# Mark the pod as a critical add-on for rescheduling.
- key: CriticalAddonsOnly
operator: Exists
- effect: NoExecute
operator: Exists
containers:
- name: kube-flannel
image: syck0/flannel:v0.21.5-hostprocess
imagePullPolicy: Always
volumeMounts:
- name: flannel-cfg
mountPath: /mounts/kube-flannel/
- name: flannel-windows-cfg
mountPath: /mounts/kube-flannel-windows/
env:
- name: CNI_BIN_PATH
value: C:\\opt\\cni\\bin
- name: CNI_CONFIG_PATH
value: C:\\etc\\cni\\net.d
- name: SERVICE_SUBNET
value: 10.96.0.0/12
# As of now with the currently used flannel version (last checked with v0.21.5) we need to overwrite KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT
# in order to be able to reach the kubernetes api server. Under windows it's currently not possible to reach it over the service created by kubernetes
# For more context and details check the corresponding PR: https://github.com/kubernetes-sigs/sig-windows-tools/pull/314
# Especially the comments in this review: https://github.com/kubernetes-sigs/sig-windows-tools/pull/314#discussion_r1238815189
# There is also a follow up issue on the flannel side: https://github.com/flannel-io/flannel/issues/1772
# Once this issue is solved we should be able to remove the custom host and port to the kubernetes api server
- name: KUBERNETES_SERVICE_HOST
value: control-plane.minikube.internal # KUBERNETES_SERVICE_HOST_VALUE
- name: KUBERNETES_SERVICE_PORT
value: "8443" # replace with your "KUBERNETES_SERVICE_PORT_VALUE"
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
volumes:
- name: flannel-cfg
configMap:
name: kube-flannel-cfg
- name: flannel-windows-cfg
configMap:
name: kube-flannel-windows-cfg