github.com/imran-kn/cilium-fork@v1.6.9/Documentation/gettingstarted/cni-chaining-calico.rst

github.com/imran-kn/cilium-fork@v1.6.9/Documentation/gettingstarted/cni-chaining-calico.rst (about)

     1  .. only:: not (epub or latex or html)
     2  
     3      WARNING: You are looking at unreleased Cilium documentation.
     4      Please use the official rendered version released here:
     5      http://docs.cilium.io
     6  
     7  ******
     8  Calico
     9  ******
    10  
    11  This guide instructs how to install Cilium in chaining configuration on top of
    12  `Calico <https://github.com/projectcalico/calico>`_.
    13  
    14  Create a CNI configuration
    15  ==========================
    16  
    17  Create a ``chaining.yaml`` file based on the following template to specify the
    18  desired CNI chaining configuration:
    19  
    20  
    21  .. code:: yaml
    22  
    23      apiVersion: v1
    24      kind: ConfigMap
    25      metadata:
    26        name: cni-configuration
    27        namespace: kube-system
    28      data:
    29        cni-config: |-
    30          {
    31            "name": "generic-veth",
    32            "cniVersion": "0.3.1",
    33            "plugins": [
    34              {
    35                "type": "calico",
    36                "log_level": "info",
    37                "datastore_type": "kubernetes",
    38                "mtu": 1440,
    39                "ipam": {
    40                    "type": "calico-ipam"
    41                },
    42                "policy": {
    43                    "type": "k8s"
    44                },
    45                "kubernetes": {
    46                    "kubeconfig": "/etc/cni/net.d/calico-kubeconfig"
    47                }
    48              },
    49              {
    50                "type": "portmap",
    51                "snat": true,
    52                "capabilities": {"portMappings": true}
    53              },
    54              {
    55                "type": "cilium-cni"
    56              }
    57            ]
    58          }
    59  
    60  Deploy the `ConfigMap`:
    61  
    62  .. code:: bash
    63  
    64     kubectl apply -f chaining.yaml
    65  
    66  Deploy Cilium with the portmap plugin enabled
    67  =============================================
    68  
    69  .. include:: k8s-install-download-release.rst
    70  
    71  Generate the required YAML file and deploy it:
    72  
    73  .. code:: bash
    74  
    75      helm template cilium \
    76        --namespace=kube-system \
    77        --set global.cni.chainingMode=generic-veth \
    78        --set global.cni.customConf=true \
    79        --set global.cni.configMap=cni-configuration \
    80        --set global.tunnel=disabled \
    81        --set global.masquerade=false \
    82        > cilium.yaml
    83      kubectl create -f cilium.yaml
    84  
    85  .. note::
    86  
    87     The new CNI chaining configuration will *not* apply to any pod that is
    88     already running the cluster. Existing pods will be reachable and Cilium will
    89     load-balance to them but policy enforcement will not apply to them and
    90     load-balancing is not performed for traffic originating from existing pods.
    91  
    92     You must restart these pods in order to invoke the chaining configuration on
    93     them.
    94  
    95  .. include:: k8s-install-validate.rst