rancher
/
rke1-docs
mirror of https://github.com/rancher/rke1-docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rke1-docs/docs/config-options/add-ons/network-plugins/network-plugins.md

180 lines
5.4 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: Network Plug-ins
---
RKE provides the following network plug-ins that are deployed as add-ons:
- Flannel
- Calico
- Canal
- Weave
:::caution
After you launch the cluster, you cannot change your network provider. Therefore, choose which network provider you want to use carefully, as Kubernetes doesnt allow switching between network providers. Once a cluster is created with a network provider, changing network providers would require you tear down the entire cluster and all its applications.
:::
## Changing the Default Network Plug-in
By default, the network plug-in is `canal`. If you want to use another network plug-in, you need to specify which network plug-in to enable at the cluster level in the `cluster.yml`.
```yaml
## Setting the flannel network plug-in
network:
plugin: flannel
```
The images used for network plug-ins are under the [`system_images` directive](config-options/system-images/). For each Kubernetes version, there are default images associated with each network plug-in, but these can be overridden by changing the image tag in `system_images`.
## Disabling Deployment of a Network Plug-in
You can disable deploying a network plug-in by specifying `none` to the network `plugin` directive in the cluster configuration.
```yaml
network:
plugin: none
```
## Network Plug-in Options
Besides the different images that could be used to deploy network plug-ins, certain network plug-ins support additional options that can be used to customize the network plug-in.
- [Canal](#canal)
- [Flannel](#flannel)
- [Calico](#calico)
- [Weave](#weave)
## Canal
### Canal Network Plug-in Options
```yaml
network:
plugin: canal
options:
canal_iface: eth1
canal_flannel_backend_type: vxlan
canal_autoscaler_priority_class_name: system-cluster-critical # Available as of RKE v1.2.6+
canal_priority_class_name: system-cluster-critical # Available as of RKE v1.2.6+
```
### Canal Interface
By setting the `canal_iface`, you can configure the interface to use for inter-host communication.
The `canal_flannel_backend_type` option allows you to specify the type of [flannel backend](https://github.com/coreos/flannel/blob/master/Documentation/backends.md) to use. By default the `vxlan` backend is used.
### Canal Network Plug-in Tolerations
_Available as of v1.2.4_
The configured tolerations apply to the `calico-kube-controllers` Deployment.
```yaml
network:
plugin: canal
tolerations:
- key: "node.kubernetes.io/unreachable"
operator: "Exists"
effect: "NoExecute"
tolerationseconds: 300
- key: "node.kubernetes.io/not-ready"
operator: "Exists"
effect: "NoExecute"
tolerationseconds: 300
```
To check for applied tolerations on the `calico-kube-controllers` Deployment, use the following command:
```
kubectl -n kube-system get deploy calico-kube-controllers -o jsonpath='{.spec.template.spec.tolerations}'
```
## Flannel
### Flannel Network Plug-in Options
```yaml
network:
plugin: flannel
options:
flannel_iface: eth1
flannel_backend_type: vxlan
flannel_autoscaler_priority_class_name: system-cluster-critical # Available as of RKE v1.2.6+
flannel_priority_class_name: system-cluster-critical # Available as of RKE v1.2.6+
```
### Flannel Interface
By setting the `flannel_iface`, you can configure the interface to use for inter-host communication.
The `flannel_backend_type` option allows you to specify the type of [flannel backend](https://github.com/coreos/flannel/blob/master/Documentation/backends.md) to use. By default the `vxlan` backend is used.
## Calico
### Calico Network Plug-in Options
```yaml
network:
plugin: calico
options:
calico_cloud_provider: aws
calico_autoscaler_priority_class_name: system-cluster-critical # Available as of RKE v1.2.6+
calico_priority_class_name: system-cluster-critical # Available as of RKE v1.2.6+
```
### Calico Cloud Provider
Calico currently only supports 2 cloud providers, AWS or GCE, which can be set using `calico_cloud_provider`.
**Valid Options**
- `aws`
- `gce`
### Calico Network Plug-in Tolerations
_Available as of v1.2.4_
The configured tolerations apply to the `calico-kube-controllers` Deployment.
```yaml
network:
plugin: calico
tolerations:
- key: "node.kubernetes.io/unreachable"
operator: "Exists"
effect: "NoExecute"
tolerationseconds: 300
- key: "node.kubernetes.io/not-ready"
operator: "Exists"
effect: "NoExecute"
tolerationseconds: 300
```
To check for applied tolerations on the `calico-kube-controllers` Deployment, use the following command:
```
kubectl -n kube-system get deploy calico-kube-controllers -o jsonpath='{.spec.template.spec.tolerations}'
```
## Weave
### Weave Network Plug-in Options
```yaml
network:
plugin: weave
options:
weave_autoscaler_priority_class_name: system-cluster-critical # Available as of RKE v1.2.6+
weave_priority_class_name: system-cluster-critical # Available as of RKE v1.2.6+
weave_network_provider:
password: "Q]SZOQ5wp@n$oijz"
```
### Weave Encryption
Weave encryption can be enabled by passing a string password to the network provider config.
## Custom Network Plug-ins
It is possible to add a custom network plug-in by using the [user-defined add-on functionality](config-options/add-ons/user-defined-add-ons/) of RKE. In the `addons` field, you can add the add-on manifest of a cluster that has the network plugin-that you want, as shown in [this example.](config-options/add-ons/network-plugins/custom-network-plugin-example)
Reference in New Issue View Git Blame Copy Permalink