Update Calico to v3.1.3
PROD-21420
Change-Id: I55fc09ec8bf8357075d3fb020db804d57065c687
diff --git a/README.rst b/README.rst
index 22df406..5eab3ee 100644
--- a/README.rst
+++ b/README.rst
@@ -22,7 +22,7 @@
Sample Pillars
==============
-**REQUIRED:** Define image to use for hyperkube, CNIs and calicoctl image
+**REQUIRED:** Define images to use for hyperkube and Calico
.. code-block:: yaml
@@ -36,6 +36,9 @@
calico:
calicoctl_image: calico/ctl
cni_image: calico/cni
+ image: calico/node
+ kube_controllers_image: calico/kube-controllers
+
Enable helm-tiller addon
@@ -48,16 +51,17 @@
helm:
enabled: true
-Enable calico-policy addon
+Enable calico-policy
.. code-block:: yaml
parameters:
kubernetes:
- common:
- addons:
- calico_policy:
- enabled: true
+ pool:
+ network:
+ calico:
+ policy:
+ enabled: true
Enable virtlet addon
@@ -604,7 +608,7 @@
ssl:
enabled: true
-Running with calico-policy controller:
+Running with calico-policy:
.. code-block:: yaml
@@ -613,16 +617,14 @@
network:
calico:
enabled: true
- addons:
- calico_policy:
+ policy:
enabled: true
master:
network:
calico:
enabled: true
- addons:
- calico_policy:
+ policy:
enabled: true
diff --git a/kubernetes/files/calico/calico-node.service.master b/kubernetes/files/calico/calico-node.service.master
index e79fc65..7cf05b7 100644
--- a/kubernetes/files/calico/calico-node.service.master
+++ b/kubernetes/files/calico/calico-node.service.master
@@ -15,8 +15,10 @@
-e CALICO_NETWORKING_BACKEND="{{ master.network.calico.network_backend }}"
{%- endif %}
-e AS={{ master.network.calico.get('as', '64512') }} \
- -e NO_DEFAULT_MASTERS={{ master.network.calico.get('no_default_masters') }} \
- -e CALICO_LIBNETWORK_ENABLED={{ master.network.calico.get('libnetwork_enabled', true ) }} \
+ -e NO_DEFAULT_POOLS={{ master.network.calico.get('no_default_pools', false ) }} \
+ -e CALICO_STARTUP_LOGLEVEL={{ master.network.calico.get('log_level', 'INFO') }} \
+ -e CLUSTER_TYPE='k8s,bgp' \
+ -e CALICO_LIBNETWORK_ENABLED={{ master.network.calico.get('libnetwork_enabled', false ) }} \
-e ETCD_ENDPOINTS={% for member in master.network.calico.etcd.members %}http{% if master.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %} \
{%- if master.network.calico.etcd.get('ssl', {}).get('enabled') %}
-e ETCD_CA_CERT_FILE=/var/lib/etcd/ca.pem \
@@ -26,7 +28,8 @@
{%- endif %}
{%- if master.network.calico.get('prometheus', {}).get('enabled') %}
-e FELIX_PROMETHEUSMETRICSENABLED=true \
- -p {{ pool.network.calico.prometheus.get('address', '0.0.0.0') }}:{{ master.network.calico.get('prometheus', {}).get('port', 9091) }}:9091 \
+ -e FELIX_PROMETHEUSMETRICSPORT={{ master.network.calico.prometheus.get('port', 9091) }} \
+ -p {{ master.network.calico.prometheus.get('address', '0.0.0.0') }}:{{ master.network.calico.get('prometheus', {}).get('port', 9091) }}:9091 \
{%- endif %}
-v /var/log/calico:/var/log/calico \
-v /var/lib/calico:/var/lib/calico \
@@ -38,12 +41,12 @@
-v {{ volume }} \
{%- endfor %}
{%- endif %}
- {{ master.network.calico.get('image', 'calico/node') }}
+ {{ master.network.calico.image }}
Restart=always
RestartSec=10s
-ExecStop=-/usr/bin/docker stop calico-node
+ExecStop=-/usr/bin/docker rm -f calico-node
[Install]
WantedBy=multi-user.target
diff --git a/kubernetes/files/calico/calico-node.service.pool b/kubernetes/files/calico/calico-node.service.pool
index 0797fa3..7b76921 100644
--- a/kubernetes/files/calico/calico-node.service.pool
+++ b/kubernetes/files/calico/calico-node.service.pool
@@ -12,11 +12,13 @@
-e IP={{ pool.address }} \
-e IP6={{ pool.get('ipv6_address', '') }} \
{%- if pool.network.calico.network_backend is defined %}
- -e CALICO_NETWORKING_BACKEND="{{ pool.network.calico.network_backend }}"
+ -e CALICO_NETWORKING_BACKEND="{{ pool.network.calico.network_backend }}" \
{%- endif %}
-e AS={{ pool.network.calico.get('as', '64512') }} \
- -e NO_DEFAULT_POOLS={{ pool.network.calico.get('no_default_pools') }} \
- -e CALICO_LIBNETWORK_ENABLED={{ pool.network.calico.get('libnetwork_enabled', true ) }} \
+ -e NO_DEFAULT_POOLS={{ pool.network.calico.get('no_default_pools', false ) }} \
+ -e CALICO_STARTUP_LOGLEVEL={{ pool.network.calico.get('log_level', 'INFO') }} \
+ -e CLUSTER_TYPE='k8s,bgp' \
+ -e CALICO_LIBNETWORK_ENABLED={{ pool.network.calico.get('libnetwork_enabled', false ) }} \
-e ETCD_ENDPOINTS={% for member in pool.network.calico.etcd.members %}http{% if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %} \
{%- if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}
-e ETCD_CA_CERT_FILE=/var/lib/etcd/ca.pem \
@@ -39,12 +41,12 @@
-v {{ volume }} \
{%- endfor %}
{%- endif %}
- {{ pool.network.calico.get('image', 'calico/node') }}
+ {{ pool.network.calico.image }}
Restart=always
RestartSec=10s
-ExecStop=-/usr/bin/docker stop calico-node
+ExecStop=-/usr/bin/docker rm -f calico-node
[Install]
WantedBy=multi-user.target
diff --git a/kubernetes/files/calico/calico.conf b/kubernetes/files/calico/calico.conf
index 0a231aa..208b6f6 100644
--- a/kubernetes/files/calico/calico.conf
+++ b/kubernetes/files/calico/calico.conf
@@ -3,11 +3,7 @@
{
"nodeName": "{{ pool.host.name }}{% if pool.host.get('domain') %}.{{ pool.host.domain }}{%- endif %}",
"name": "calico-k8s-network",
- {%- if pool.network.get('genie', {}).get('enabled', False) %}
"cniVersion": "0.3.0",
- {%- else %}
- "cniVersion": "0.2.0",
- {%- endif %}
"type": "calico",
"etcd_endpoints": "{% for member in pool.network.calico.etcd.members %}http{% if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}",
{%- if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}
@@ -15,7 +11,7 @@
"etcd_cert_file": "/var/lib/etcd/etcd-client.pem",
"etcd_ca_cert_file": "/var/lib/etcd/ca.pem",
{%- endif %}
-{%- if common.get('addons', {}).get('calico_policy', {}).get('enabled', False) %}
+{%- if pool.network.calico.get('policy', {}).get('enabled', False) %}
"policy": {
"type": "k8s"
},
@@ -23,7 +19,7 @@
{%- if pool.network.calico.get('mtu') %}
"mtu": {{ pool.network.calico.mtu }},
{%- endif %}
- "log_level": "info",
+ "log_level": pool.network.calico.get('log_level', 'INFO'),
"ipam": {
"type": "calico-ipam"
},
diff --git a/kubernetes/files/calico/calicoctl.cfg.master b/kubernetes/files/calico/calicoctl.cfg.master
index c0fd0ad..39e40d2 100644
--- a/kubernetes/files/calico/calicoctl.cfg.master
+++ b/kubernetes/files/calico/calicoctl.cfg.master
@@ -1,9 +1,9 @@
{%- from "kubernetes/map.jinja" import master with context %}
-apiVersion: v1
-kind: calicoApiConfig
+apiVersion: projectcalico.org/v3
+kind: CalicoAPIConfig
metadata:
spec:
- datastoreType: "etcdv2"
+ datastoreType: "etcdv3"
etcdEndpoints: {% for member in master.network.calico.etcd.members %}http{% if master.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}
{%- if master.network.calico.etcd.get('ssl', {}).get('enabled') %}
etcdKeyFile: /var/lib/etcd/etcd-client.pem
diff --git a/kubernetes/files/calico/calicoctl.cfg.pool b/kubernetes/files/calico/calicoctl.cfg.pool
index 1d5f9f8..b31ba68 100644
--- a/kubernetes/files/calico/calicoctl.cfg.pool
+++ b/kubernetes/files/calico/calicoctl.cfg.pool
@@ -1,9 +1,9 @@
{%- from "kubernetes/map.jinja" import pool with context %}
-apiVersion: v1
-kind: calicoApiConfig
+apiVersion: projectcalico.org/v3
+kind: CalicoAPIConfig
metadata:
spec:
- datastoreType: "etcdv2"
+ datastoreType: "etcdv3"
etcdEndpoints: {% for member in pool.network.calico.etcd.members %}http{% if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}
{%- if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}
etcdKeyFile: /var/lib/etcd/etcd-client.pem
diff --git a/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml b/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
deleted file mode 100644
index 52d1b26..0000000
--- a/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
+++ /dev/null
@@ -1,147 +0,0 @@
-{%- from "kubernetes/map.jinja" import common with context -%}
-{%- from "kubernetes/map.jinja" import master with context -%}
-# This manifest deploys the Calico Kubernetes controllers.
-# See https://github.com/projectcalico/kube-controllers
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: calico-kube-controllers
- namespace: {{ common.addons.calico_policy.namespace }}
- labels:
- k8s-app: calico-kube-controllers
- addonmanager.kubernetes.io/mode: Reconcile
-spec:
- # The controllers can only have a single active instance.
- replicas: 1
- selector:
- matchLabels:
- k8s-app: calico-kube-controllers
- strategy:
- type: Recreate
- template:
- metadata:
- name: calico-kube-controllers
- namespace: {{ common.addons.calico_policy.namespace }}
- labels:
- k8s-app: calico-kube-controllers
- annotations:
- # Mark this pod as a critical add-on; when enabled, the critical add-on scheduler
- # reserves resources for critical add-on pods so that they can be rescheduled after
- # a failure. This annotation works in tandem with the toleration below.
- # Note. Rescheduler is deprecated in k8s v1.10 and is to be removed in k8s v1.11.
- scheduler.alpha.kubernetes.io/critical-pod: ''
-{%- if common.addons.calico_policy.cni is defined %}
- cni: {{ common.addons.calico_policy.cni }}
-{%- endif %}
- spec:
- # The controllers must run in the host network namespace so that
- # it isn't governed by policy that would prevent it from working.
- hostNetwork: true
- tolerations:
- # this taint is set by all kubelets running `--cloud-provider=external`
- # so we should tolerate it to schedule the calico pods
- - key: node.cloudprovider.kubernetes.io/uninitialized
- value: "true"
- effect: NoSchedule
- - key: node-role.kubernetes.io/master
- effect: NoSchedule
- # Allow this pod to be rescheduled while the node is in "critical add-ons only" mode.
- # This, along with the annotation above marks this pod as a critical add-on.
- # Note. Rescheduler is deprecated in k8s v1.10 and is to be removed in k8s v1.11.
- - key: CriticalAddonsOnly
- operator: Exists
- serviceAccountName: calico-kube-controllers
- containers:
- - name: calico-kube-controllers
- image: {{ common.addons.calico_policy.image }}
- imagePullPolicy: IfNotPresent
- resources:
- limits:
- cpu: 100m
- memory: 256M
- requests:
- cpu: 30m
- memory: 64M
- env:
- # The list of etcd nodes in the cluster.
- - name: ETCD_ENDPOINTS
- value: "{% for member in master.network.calico.etcd.members %}http{% if master.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}"
- # CA certificate, client certificate, client key files for accessing the etcd cluster.
- - name: ETCD_CA_CERT_FILE
- value: "/var/lib/etcd/ca.pem"
- - name: ETCD_CERT_FILE
- value: "/var/lib/etcd/etcd-client.pem"
- - name: ETCD_KEY_FILE
- value: "/var/lib/etcd/etcd-client.pem"
- # Which controllers to run.
- - name: ENABLED_CONTROLLERS
- value: "policy,profile,workloadendpoint,node"
- # Minimum log level to be displayed.
- - name: LOG_LEVEL
- value: "info"
- # Period to perform reconciliation with the Calico datastore. Default is 5m.
- - name: RECONCILER_PERIOD
- value: "1m"
- volumeMounts:
- - mountPath: /var/lib/etcd/
- name: etcd-certs
- readOnly: true
- volumes:
- - hostPath:
- path: /var/lib/etcd
- name: etcd-certs
-
----
-
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRoleBinding
-metadata:
- name: calico-kube-controllers
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: calico-kube-controllers
-subjects:
-- kind: ServiceAccount
- name: calico-kube-controllers
- namespace: {{ common.addons.calico_policy.namespace }}
-
----
-
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: calico-kube-controllers
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
-rules:
- - apiGroups:
- - ""
- - extensions
- resources:
- - pods
- - namespaces
- - networkpolicies
- - nodes
- verbs:
- - watch
- - list
- - apiGroups:
- - networking.k8s.io
- resources:
- - networkpolicies
- verbs:
- - watch
- - list
-
----
-
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: calico-kube-controllers
- namespace: {{ common.addons.calico_policy.namespace }}
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
diff --git a/kubernetes/files/kube-addons/calico/calico-kube-controllers.yml b/kubernetes/files/kube-addons/calico/calico-kube-controllers.yml
new file mode 100644
index 0000000..cf90c9e
--- /dev/null
+++ b/kubernetes/files/kube-addons/calico/calico-kube-controllers.yml
@@ -0,0 +1,90 @@
+{%- from "kubernetes/map.jinja" import master with context %}
+# Calico Version v3.1.3
+# https://docs.projectcalico.org/v3.1/releases#v3.1.3
+# This manifest includes the following component versions:
+# calico/kube-controllers:v3.1.3
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: calico-kube-controllers
+ namespace: kube-system
+ labels:
+ k8s-app: calico-kube-controllers
+ addonmanager.kubernetes.io/mode: Reconcile
+spec:
+ # Only a single instance of the this pod should be
+ # active at a time. Since this pod is run as a Deployment,
+ # Kubernetes will ensure the pod is recreated in case of failure,
+ # removing the need for passive backups.
+ replicas: 1
+ strategy:
+ type: Recreate
+ selector:
+ matchLabels:
+ k8s-app: calico-kube-controllers
+ template:
+ metadata:
+ name: calico-kube-controllers
+ namespace: kube-system
+ labels:
+ k8s-app: calico-kube-controllers
+ spec:
+ # The controllers must run in the host network namespace so that
+ # it isn't governed by policy that would prevent it from working.
+ hostNetwork: true
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
+ serviceAccountName: calico-kube-controllers
+ containers:
+ - name: calico-kube-controllers
+ # Make sure to pin this to your desired version.
+ image: {{ master.network.calico.kube_controllers_image }}
+ imagePullPolicy: IfNotPresent
+ resources:
+ limits:
+ cpu: 100m
+ memory: 256M
+ requests:
+ cpu: 30m
+ memory: 64M
+ env:
+ # The list of etcd nodes in the cluster.
+ - name: ETCD_ENDPOINTS
+ value: "{% for member in master.network.calico.etcd.members %}http{% if master.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}"
+{%- if master.network.calico.etcd.get('ssl', {}).get('enabled') %}
+ # CA certificate, client certificate, client key files for accessing the etcd cluster.
+ - name: ETCD_CA_CERT_FILE
+ value: "/var/lib/etcd/ca.pem"
+ - name: ETCD_CERT_FILE
+ value: "/var/lib/etcd/etcd-client.pem"
+ - name: ETCD_KEY_FILE
+ value: "/var/lib/etcd/etcd-client.pem"
+{%- endif %}
+ # Which controllers to run.
+ - name: ENABLED_CONTROLLERS
+ value: "policy,profile,workloadendpoint,node"
+ # Minimum log level to be displayed.
+ - name: LOG_LEVEL
+ value: "info"
+ # Period to perform reconciliation with the Calico datastore. Default is 5m.
+ - name: RECONCILER_PERIOD
+ value: "1m"
+ volumeMounts:
+ - mountPath: /var/lib/etcd/
+ name: etcd-certs
+ readOnly: true
+ volumes:
+ - hostPath:
+ path: /var/lib/etcd
+ name: etcd-certs
+
+---
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: calico-kube-controllers
+ namespace: kube-system
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
diff --git a/kubernetes/files/kube-addons/calico/calico-rbac.yml b/kubernetes/files/kube-addons/calico/calico-rbac.yml
new file mode 100644
index 0000000..ea3de58
--- /dev/null
+++ b/kubernetes/files/kube-addons/calico/calico-rbac.yml
@@ -0,0 +1,78 @@
+# Calico Version v3.1.3
+# https://docs.projectcalico.org/v3.1/releases#v3.1.3
+
+---
+
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: calico-kube-controllers
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+rules:
+ - apiGroups:
+ - ""
+ - extensions
+ resources:
+ - pods
+ - namespaces
+ - networkpolicies
+ - nodes
+ verbs:
+ - watch
+ - list
+ - apiGroups:
+ - networking.k8s.io
+ resources:
+ - networkpolicies
+ verbs:
+ - watch
+ - list
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: calico-kube-controllers
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: calico-kube-controllers
+subjects:
+- kind: ServiceAccount
+ name: calico-kube-controllers
+ namespace: kube-system
+
+---
+
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: calico-node
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+rules:
+ - apiGroups: [""]
+ resources:
+ - pods
+ - nodes
+ verbs:
+ - get
+
+---
+
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+ name: calico-node
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: calico-node
+subjects:
+- kind: ServiceAccount
+ name: calico-node
+ namespace: kube-system
diff --git a/kubernetes/master/kube-addons.sls b/kubernetes/master/kube-addons.sls
index 86a6c4f..4916a3f 100644
--- a/kubernetes/master/kube-addons.sls
+++ b/kubernetes/master/kube-addons.sls
@@ -77,10 +77,18 @@
{% endif %}
-{%- if common.addons.get('calico_policy', {}).get('enabled', False) and master.network.get('calico', {}).get('enabled', False) %}
-/etc/kubernetes/addons/calico_policy/calico-policy-controller.yml:
+{%- if master.network.get('calico', {}).get('enabled', False) %}
+/etc/kubernetes/addons/calico/calico-kube-controllers.yml:
file.managed:
- - source: salt://kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
+ - source: salt://kubernetes/files/kube-addons/calico/calico-kube-controllers.yml
+ - template: jinja
+ - group: root
+ - dir_mode: 755
+ - makedirs: True
+
+/etc/kubernetes/addons/calico/calico-rbac.yml:
+ file.managed:
+ - source: salt://kubernetes/files/kube-addons/calico/calico-rbac.yml
- template: jinja
- group: root
- dir_mode: 755
diff --git a/kubernetes/pool/calico.sls b/kubernetes/pool/calico.sls
index ef47e2a..30f4956 100644
--- a/kubernetes/pool/calico.sls
+++ b/kubernetes/pool/calico.sls
@@ -29,7 +29,7 @@
copy-calico-node:
cmd.run:
- - name: docker run --rm -v /tmp/calico/:/tmp/calico/ --entrypoint cp {{ pool.network.calico.get('image', 'calico/node') }} -v /bin/birdcl /tmp/calico/
+ - name: docker run --rm -v /tmp/calico/:/tmp/calico/ --entrypoint cp {{ pool.network.calico.image }} -v /bin/birdcl /tmp/calico/
- require:
- file: /tmp/calico/
{%- if grains.get('noservices') %}
diff --git a/metadata/service/common.yml b/metadata/service/common.yml
index 0fa49df..4d692b4 100644
--- a/metadata/service/common.yml
+++ b/metadata/service/common.yml
@@ -33,10 +33,6 @@
port: 80
agent_image: mirantis/k8s-netchecker-agent:stable
server_image: mirantis/k8s-netchecker-server:stable
- calico_policy:
- enabled: False
- image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/kube-controllers:v1.0.4
- namespace: kube-system
contrail_network_controller:
enabled: False
namespace: kube-system
diff --git a/metadata/service/master/single.yml b/metadata/service/master/single.yml
index 223b4f0..f00bd2b 100644
--- a/metadata/service/master/single.yml
+++ b/metadata/service/master/single.yml
@@ -51,10 +51,6 @@
helm:
enabled: False
tiller_image: gcr.io/kubernetes-helm/tiller:v2.4.2
- calico_policy:
- enabled: False
- image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/kube-controllers:v1.0.4
- namespace: kube-system
contrail_network_controller:
enabled: False
namespace: kube-system
diff --git a/tests/pillar/common_storageclass.sls b/tests/pillar/common_storageclass.sls
index 11bae00..5cb7e30 100644
--- a/tests/pillar/common_storageclass.sls
+++ b/tests/pillar/common_storageclass.sls
@@ -19,6 +19,8 @@
enabled: true
calicoctl_image: calico/ctl
cni_image: calico/cni
+ image: calico/node
+ kube_controllers_image: calico/kube-controllers
etcd:
members:
- host: 127.0.0.1
diff --git a/tests/pillar/master_cluster.sls b/tests/pillar/master_cluster.sls
index 1093758..a61ce7e 100644
--- a/tests/pillar/master_cluster.sls
+++ b/tests/pillar/master_cluster.sls
@@ -30,10 +30,6 @@
server_image: image
agent_image: image
agent_probeurls: "http://ipinfo.io"
- calico_policy:
- enabled: true
- namespace: kube-system
- image: image
virtlet:
enabled: true
namespace: kube-system
@@ -69,6 +65,8 @@
enabled: true
calicoctl_image: calico/ctl
cni_image: calico/cni
+ image: calico/node
+ kube_controllers_image: calico/kube-controllers
etcd:
members:
- host: 127.0.0.1
diff --git a/tests/pillar/master_contrail.sls b/tests/pillar/master_contrail.sls
index 8affa7d..d506d2f 100644
--- a/tests/pillar/master_contrail.sls
+++ b/tests/pillar/master_contrail.sls
@@ -30,10 +30,6 @@
server_image: image
agent_image: image
agent_probeurls: "http://ipinfo.io"
- calico_policy:
- enabled: true
- namespace: kube-system
- image: image
virtlet:
enabled: true
namespace: kube-system
diff --git a/tests/pillar/master_contrail4_0.sls b/tests/pillar/master_contrail4_0.sls
index 4b7bb31..60b6cb0 100644
--- a/tests/pillar/master_contrail4_0.sls
+++ b/tests/pillar/master_contrail4_0.sls
@@ -30,10 +30,6 @@
server_image: image
agent_image: image
agent_probeurls: "http://ipinfo.io"
- calico_policy:
- enabled: true
- namespace: kube-system
- image: image
virtlet:
enabled: true
namespace: kube-system
diff --git a/tests/pillar/pool_cluster.sls b/tests/pillar/pool_cluster.sls
index 1b7d364..5f34de4 100644
--- a/tests/pillar/pool_cluster.sls
+++ b/tests/pillar/pool_cluster.sls
@@ -49,6 +49,8 @@
enabled: true
calicoctl_image: calico/ctl
cni_image: calico/cni
+ image: calico/node
+ kube_controllers_image: calico/kube-controllers
etcd:
members:
- host: 127.0.0.1
diff --git a/tests/pillar/pool_cluster_with_domain.sls b/tests/pillar/pool_cluster_with_domain.sls
index 276c80f..4bfc733 100644
--- a/tests/pillar/pool_cluster_with_domain.sls
+++ b/tests/pillar/pool_cluster_with_domain.sls
@@ -50,6 +50,8 @@
enabled: true
calicoctl_image: calico/ctl
cni_image: calico/cni
+ image: calico/node
+ kube_controllers_image: calico/kube-controllers
etcd:
members:
- host: 127.0.0.1