# This ConfigMap is used in the creation of a new Calico IP Pool.
kind: ConfigMap
apiVersion: v1
metadata:
  name: calico-config-ippool
  namespace: kube-system
data:
  # The default IP Pool to be created for the cluster.
  # Pod IP addresses will be assigned from this pool.
  ippool.yaml: |
      apiVersion: v1
      kind: ipPool
      metadata:
        cidr: {{POD_CIDR}}
      spec:
        ipip:
          enabled: true
          mode: cross-subnet
        nat-outgoing: true
---
## This manifest deploys a Job which adds a new ippool to calico
apiVersion: batch/v1
kind: Job
metadata:
  name: configure-calico-ippool
  namespace: kube-system
  labels:
    k8s-app: calico
    role.kubernetes.io/networking: "1"
spec:
  template:
    metadata:
      name: configure-calico-ippool
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
    spec:
      hostNetwork: true
      serviceAccountName: calico
      tolerations:
      - key: node-role.kubernetes.io/master
        effect: NoSchedule
      - key: CriticalAddonsOnly
        operator: Exists
      restartPolicy: OnFailure
      containers:
        - name: configure-calico
          image: calico/ctl:v1.2.1
          args:
          - apply
          - -f
          - /etc/config/calico/ippool.yaml
          volumeMounts:
            - name: config-volume
              mountPath: /etc/config
          env:
            # The location of the etcd cluster.
            - name: ETCD_ENDPOINTS
              valueFrom:
                configMapKeyRef:
                  name: calico-config
                  key: etcd_endpoints
      volumes:
       - name: config-volume
         configMap:
           name: calico-config-ippool
           items:
            - key: ippool.yaml
              path: calico/ippool.yaml

---
## This manifest deploys a Job which deletes the old ippool from calico
apiVersion: batch/v1
kind: Job
metadata:
  name: configure-calico-ippool-remove
  namespace: kube-system
  labels:
    k8s-app: calico
    role.kubernetes.io/networking: "1"
spec:
  template:
    metadata:
      name: configure-calico-ippool-remove
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
    spec:
      hostNetwork: true
      serviceAccountName: calico
      tolerations:
      - key: node-role.kubernetes.io/master
        effect: NoSchedule
      - key: CriticalAddonsOnly
        operator: Exists
      restartPolicy: OnFailure
      containers:
        - name: configure-calico
          image: calico/ctl:v1.2.1
          args:
          - delete
          - ipPool
          - {{NON_MASQUERADE_CIDR}}
          env:
            # The location of the etcd cluster.
            - name: ETCD_ENDPOINTS
              valueFrom:
                configMapKeyRef:
                  name: calico-config
                  key: etcd_endpoints