Allow user defined endpoint to host action for Canal

2017-08-25 17:49:41 +01:00 · 2017-08-25 17:49:41 +01:00 · d9e4a62994
parent cc6fb51f91
commit d9e4a62994
7 changed files with 21 additions and 5 deletions
--- a/pkg/apis/kops/networking.go
+++ b/pkg/apis/kops/networking.go
@ -67,8 +67,12 @@ type CalicoNetworkingSpec struct {
 	CrossSubnet bool `json:"crossSubnet,omitempty"` // Enables Calico's cross-subnet mode when set to true
 }
-// Canal declares that we want Canal networking
+// CanalNetworkingSpec declares that we want Canal networking
 type CanalNetworkingSpec struct {
 	// DefaultEndpointToHostAction allows users to configure the default behaviour
 	// for traffic between pod to host after calico rules have been processed.
 	// Default: ACCEPT (other options: DROP, RETURN)
 	DefaultEndpointToHostAction string `json:"defaultEndpointToHostAction,omitempty"`
 }
 // Kuberouter declares that we want Kube-router networking
--- a/pkg/apis/kops/v1alpha1/networking.go
+++ b/pkg/apis/kops/v1alpha1/networking.go
@ -67,8 +67,12 @@ type CalicoNetworkingSpec struct {
 	CrossSubnet bool `json:"crossSubnet,omitempty"` // Enables Calico's cross-subnet mode when set to true
 }
-// Canal declares that we want Canal networking
+// CanalNetworkingSpec declares that we want Canal networking
 type CanalNetworkingSpec struct {
 	// DefaultEndpointToHostAction allows users to configure the default behaviour
 	// for traffic between pod to host after calico rules have been processed.
 	// Default: ACCEPT (other options: DROP, RETURN)
 	DefaultEndpointToHostAction string `json:"defaultEndpointToHostAction,omitempty"`
 }
 // Kuberouter declares that we want Canal networking
--- a/pkg/apis/kops/v1alpha1/zz_generated.conversion.go
+++ b/pkg/apis/kops/v1alpha1/zz_generated.conversion.go
@ -361,6 +361,7 @@ func Convert_kops_CalicoNetworkingSpec_To_v1alpha1_CalicoNetworkingSpec(in *kops
 }
 func autoConvert_v1alpha1_CanalNetworkingSpec_To_kops_CanalNetworkingSpec(in *CanalNetworkingSpec, out *kops.CanalNetworkingSpec, s conversion.Scope) error {
 	out.DefaultEndpointToHostAction = in.DefaultEndpointToHostAction
 	return nil
 }
@ -370,6 +371,7 @@ func Convert_v1alpha1_CanalNetworkingSpec_To_kops_CanalNetworkingSpec(in *CanalN
 }
 func autoConvert_kops_CanalNetworkingSpec_To_v1alpha1_CanalNetworkingSpec(in *kops.CanalNetworkingSpec, out *CanalNetworkingSpec, s conversion.Scope) error {
 	out.DefaultEndpointToHostAction = in.DefaultEndpointToHostAction
 	return nil
 }
--- a/pkg/apis/kops/v1alpha2/networking.go
+++ b/pkg/apis/kops/v1alpha2/networking.go
@ -67,8 +67,12 @@ type CalicoNetworkingSpec struct {
 	CrossSubnet bool `json:"crossSubnet,omitempty"` // Enables Calico's cross-subnet mode when set to true
 }
-// Canal declares that we want Canal networking
+// CanalNetworkingSpec declares that we want Canal networking
 type CanalNetworkingSpec struct {
 	// DefaultEndpointToHostAction allows users to configure the default behaviour
 	// for traffic between pod to host after calico rules have been processed.
 	// Default: ACCEPT (other options: DROP, RETURN)
 	DefaultEndpointToHostAction string `json:"defaultEndpointToHostAction,omitempty"`
 }
 // Kuberouter declares that we want Canal networking
--- a/pkg/apis/kops/v1alpha2/zz_generated.conversion.go
+++ b/pkg/apis/kops/v1alpha2/zz_generated.conversion.go
@ -389,6 +389,7 @@ func Convert_kops_CalicoNetworkingSpec_To_v1alpha2_CalicoNetworkingSpec(in *kops
 }
 func autoConvert_v1alpha2_CanalNetworkingSpec_To_kops_CanalNetworkingSpec(in *CanalNetworkingSpec, out *kops.CanalNetworkingSpec, s conversion.Scope) error {
 	out.DefaultEndpointToHostAction = in.DefaultEndpointToHostAction
 	return nil
 }
@ -398,6 +399,7 @@ func Convert_v1alpha2_CanalNetworkingSpec_To_kops_CanalNetworkingSpec(in *CanalN
 }
 func autoConvert_kops_CanalNetworkingSpec_To_v1alpha2_CanalNetworkingSpec(in *kops.CanalNetworkingSpec, out *CanalNetworkingSpec, s conversion.Scope) error {
 	out.DefaultEndpointToHostAction = in.DefaultEndpointToHostAction
 	return nil
 }
--- a/upup/models/cloudup/resources/addons/networking.projectcalico.org.canal/k8s-1.6.yaml.template
+++ b/upup/models/cloudup/resources/addons/networking.projectcalico.org.canal/k8s-1.6.yaml.template
@ -119,7 +119,7 @@ spec:
                  fieldPath: spec.nodeName
            # Set Felix endpoint to host default action to ACCEPT.
            - name: FELIX_DEFAULTENDPOINTTOHOSTACTION
-              value: "ACCEPT"
+              value: "{{- or .Networking.Canal.DefaultEndpointToHostAction "ACCEPT" }}"
          securityContext:
            privileged: true
          resources:
--- a/upup/models/cloudup/resources/addons/networking.projectcalico.org.canal/pre-k8s-1.6.yaml.template
+++ b/upup/models/cloudup/resources/addons/networking.projectcalico.org.canal/pre-k8s-1.6.yaml.template
@ -111,7 +111,7 @@ spec:
                  fieldPath: spec.nodeName
            # Set Felix endpoint to host default action to ACCEPT.
            - name: FELIX_DEFAULTENDPOINTTOHOSTACTION
-              value: "ACCEPT"
+              value: "{{- or .Networking.Canal.DefaultEndpointToHostAction "ACCEPT" }}"
          securityContext:
            privileged: true
          resources: