Merge pull request #9425 from olemarkus/cilium-default-nodeport

Enable nodeport by default
Kubernetes Prow Robot 2020-06-29 13:25:59 -07:00 committed by GitHub
commit 8c34eaf76f
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 26 additions and 2 deletions


@ -29,6 +29,7 @@ import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/ec2"
"github.com/blang/semver"
"github.com/spf13/cobra"
apierrors "k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/api/resource"
@ -40,6 +41,7 @@ import (
api "k8s.io/kops/pkg/apis/kops"
"k8s.io/kops/pkg/apis/kops/model"
"k8s.io/kops/pkg/apis/kops/registry"
version "k8s.io/kops/pkg/apis/kops/util"
"k8s.io/kops/pkg/apis/kops/validation"
"k8s.io/kops/pkg/assets"
"k8s.io/kops/pkg/commands"
@ -1019,7 +1021,27 @@ func RunCreateCluster(ctx context.Context, f *util.Factory, out io.Writer, c *Cr
case "amazonvpc", "amazon-vpc-routed-eni":
cluster.Spec.Networking.AmazonVPC = &api.AmazonVPCNetworkingSpec{}
case "cilium":
cluster.Spec.Networking.Cilium = &api.CiliumNetworkingSpec{}
cilium := &api.CiliumNetworkingSpec{}
cluster.Spec.Networking.Cilium = cilium
nodeport := false
if c.KubernetesVersion == "" {
nodeport = true
} else {
k8sVersion, err := semver.ParseTolerant(c.KubernetesVersion)
if err == nil {
if version.IsKubernetesGTE("1.12", k8sVersion) {
nodeport = true
}
}
}
if nodeport {
cilium.EnableNodePort = true
if cluster.Spec.KubeProxy == nil {
cluster.Spec.KubeProxy = &api.KubeProxyConfig{}
}
enabled := false
cluster.Spec.KubeProxy.Enabled = &enabled
}
case "lyftvpc":
cluster.Spec.Networking.LyftVPC = &api.LyftVPCNetworkingSpec{}
case "gce":
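Review bot: In the `cilium` case the error from `semver.ParseTolerant(c.KubernetesVersion)` is discarded, so a version string that does not parse leaves `nodeport` false and kube-proxy enabled without telling the operator, whereas an empty string enables BPF NodePort and turns kube-proxy off. Surfacing the failure would make the two paths consistent, for example `if err != nil { return fmt.Errorf("parsing kubernetes version %q: %v", c.KubernetesVersion, err) }`, assuming RunCreateCluster returns a single error and `fmt` is imported; its signature is truncated in the hunk header and its body starts and ends outside the hunk. The write `cluster.Spec.KubeProxy.Enabled = &enabled` also switches kube-proxy off on this path regardless of any value already set on `cluster.Spec.KubeProxy`, which changes how NodePort traffic to the nodes is handled. A comment such as `// BPF NodePort replaces kube-proxy's NodePort handling, so kube-proxy is disabled here.` would record that this is deliberate.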


@ -64,7 +64,7 @@ Then enable etcd as kvstore:
### Enabling BPF NodePort
As of Kops 1.18 you can safely enable Cilium NodePort.
As of kops 1.19, BPF NodePort is enabled by default for new clusters if the kubernetes version is 1.12 or newer. It can be safely enabled as of kops 1.18.
In this mode, the cluster is fully functional without kube-proxy, with Cilium replacing kube-proxy's NodePort implementation using BPF.
Read more about this in the [Cilium docs](https://docs.cilium.io/en/stable/gettingstarted/nodeport/)


@ -10,6 +10,8 @@
* Alpha support for Hashicorp Vault as store for secrets and keys. See the [Vault state store docs](/state/#vault-vault).
* New clusters running Cilium will have enabled BPF NodePort by default if kubernetes version is 1.12 or newer.
# Breaking changes
* Support for Kubernetes 1.9 and 1.10 has been removed.