v0.2.2 fixes a bug where k8s-ec2-srcdst can crash on node deletion.
This crash causes SourceDestinationCheck to remain set to true on
nodes created after this check. Such nodes cannot talk to calico
destinations in the *same* subnet.
Fixeskubernetes/kubernetes#66432
Testing Done:
1. Created a cluster without explicitly setting MTU. Verified that the calico nodes came up. The config map didn't have any mtu setting. The FELIX_IPINIPMTU env variable was not set.
2. Created a cluster by explicitly setting the MTU in the kops config. Verified that calico nodes came up. Config map had correct value for "mtu". The FELIX_IPINIPMTU env variable was set to correct value.
This commit does the following two changes:
1. Changes the default calico mtu to 8198.
2. Enables setting the mtu explicitly in the config as:
```
networking:
calico:
mtu: 2048
```
Testing done:
1. Created cluster on AWS with networking set to calico. No additional details were provided. Verified that the mtu was set to 8198. Also verified that the FELIX_IPINIPMTU environment variable was set to 8198.
2. Created a cluster explicitly setting the calico mtu to 2048. Verified that the mtu for the 'cali*' interfaces inside the pods was set to 2048. Also, verified that the FELIX_IPINIPMTU environment variable was set to 2048.
3. make test passed.
Closes#4042
The current implementation when Etcd TLS was added does not support using calico as the configuration and client certificates are not present. This PR updates the calico manifests and adds the distribution of the client certificate
Renamed the k8s-1.8 manifest to a k8s-1.7. This is required because of config
change that occurs between k8s 1.6 and k8s 1.7. This refactor will also
be re-used when Calico Kubernetes data source support is added to kops.
Updated bootstrapchannelbuilder with the new Calico version numbers.
Will Thames