github.com/jlmeeker/kismatic@v1.10.1-0.20180612190640-57f9005a1f1a/docs/design-decisions/pluggable-cni.md

github.com/jlmeeker/kismatic@v1.10.1-0.20180612190640-57f9005a1f1a/docs/design-decisions/pluggable-cni.md (about)

     1  # Pluggable CNI
     2  
     3  To support a larger set of environments and networks KET needs to support different CNI solutions.
     4  
     5  Currently only Calico is supported. All clusters setup with KET with <`v1.4.x` used Calico as its CNI add-on, users were not given an option.
     6  
     7  # Motivation 
     8  
     9  Initial support for 2 additional CNI plugins will be added to KET.
    10  
    11  [Weave Net](https://github.com/weaveworks/weave): 
    12  * adds support for the [Microsoft Azure](https://azure.microsoft.com/) 
    13  * multicast 
    14  [Contiv](https://github.com/contiv)
    15  * adds support for Cisco ACI 
    16  
    17  # Specification
    18  A new `add_ons.cni` section will be added
    19  ```
    20  add_ons:
    21    cni:
    22      disabled: false
    23      provider: calico    #Options: calico, weave, contiv, custom
    24      options: #TBD
    25    heapster:
    26      disable: false
    27      options:
    28        heapster_replicas: 2
    29        influxdb_pvc_name: ""            
    30    package_manager:
    31      disable: false
    32      provider: helm                       
    33  ```
    34  
    35  The `disabled:` field is valid, a user can choose not to install a CNI plugin.
    36  When `disabled:` is `true` the CNI flags will not be set in the Kubernetes components and all pod validation for the other add-ons and the smoketest will be skipped. 
    37  The CNI binaries and conf files will not be configured on the cluster.
    38  
    39  When `provider: custom` is set, the CNI flags will be set in the Kubernetes components, however all pod validation for the other add-ons and the smoketest will be skipped.
    40  The CNI binaries will be configured on the cluster as that is a common component for all CNI plugins. The conf file(if there is one) will needs to be placed by the user.
    41  
    42  * Kubelet flags:
    43  ```
    44    --cni-bin-dir=/opt/cni/bin \                      # Do not set when cni.disabled == true
    45    --cni-conf-dir={{ network_plugin_dir }} \         # Do not set when cni.disabled == true
    46    --network-plugin=cni \                            # Do not set when cni.disabled == true
    47    --network-plugin-dir=${NETWORK_PLUGIN_DIR} \      # REMOVE, flag is no longer used
    48  ```
    49  
    50  ## Other Considerations
    51  * A mechanism to install required [CNI binaries](https://github.com/containernetworking/cni) is required for certain network solutions. 
    52  This can be a docker container that contains the required binaries, contains a shared volume on the host machine and copies them on the machine. (similar to Calico's approach)
    53  Or a new package containing the CNI binaries(similar to kubeadm `kubernetes-cni` package)
    54  
    55  ## Plan File Changes
    56  `cluster.networking.type` will be moved to `add_ons.cni.options.calico_mode`, KET will need to support the old flag and print a deprecation warning until a future release. 
    57  
    58  # Upgrades
    59  Some tests will be added using Weave, however we will rely on the CNI spec to provide parity between the different providers:
    60  * "skunkworks" cluster
    61  * minikube with the different supported OS
    62  * upgrades in the future releases 
    63  
    64  **Switching between CNI providers during upgrades will not be supported at this time.**