Migrate from Calico v2.6.6 to to 3.0.1

* https://github.com/projectcalico/calico/releases/tag/v3.0.1
2026-01-27 10:20:45 +00:00 · 2018-01-19 22:21:00 -08:00
parent b339254ed5
commit f4ccbeee10
13 changed files with 88 additions and 39 deletions
--- a/resources/calico/bgpconfigurations-crd.yaml
+++ b/resources/calico/bgpconfigurations-crd.yaml
@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+description: Calico BGP Configuration
+kind: CustomResourceDefinition
+metadata:
+  name: bgpconfigurations.crd.projectcalico.org
+spec:
+  scope: Cluster
+  group: crd.projectcalico.org
+  version: v1
+  names:
+    kind: BGPConfiguration
+    plural: bgpconfigurations
+    singular: bgpconfiguration
--- a/resources/calico/calico-bgp-peers.yaml
+++ b/resources/calico/calico-bgp-peers.yaml
--- a/resources/calico/calico-cluster-role.yaml
+++ b/resources/calico/calico-cluster-role.yaml
@@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: calico-node
-  namespace: kube-system
 rules:
  - apiGroups: [""]
    resources:
@@ -23,6 +22,17 @@ rules:
      - get
      - list
      - watch
+      - patch
+  - apiGroups: [""]
+    resources:
+      - services
+    verbs:
+      - get
+  - apiGroups: [""]
+    resources:
+      - endpoints
+    verbs:
+      - get
  - apiGroups: [""]
    resources:
      - nodes
@@ -41,10 +51,14 @@ rules:
  - apiGroups: ["crd.projectcalico.org"]
    resources:
      - globalfelixconfigs
+      - felixconfigurations
      - bgppeers
      - globalbgpconfigs
+      - bgpconfigurations
      - ippools
      - globalnetworkpolicies
+      - networkpolicies
+      - clusterinformations
    verbs:
      - create
      - get
--- a/resources/calico/calico-config.yaml
+++ b/resources/calico/calico-config.yaml
@@ -4,6 +4,7 @@ metadata:
  name: calico-config
  namespace: kube-system
 data:
+  typha_service_name: "none"
  # The CNI network configuration to install on each node.
  cni_network_config: |-
    {
@@ -31,9 +32,8 @@ data:
        },
        {
          "type": "portmap",
-          "capabilities": {
-            "portMappings": true
-          }
+          "snat": true,
+          "capabilities": {"portMappings": true}
        }
      ]
    }
--- a/resources/calico/calico-gloabl-felix-configs.yaml
+++ b/resources/calico/calico-gloabl-felix-configs.yaml
@@ -1,13 +0,0 @@
-apiVersion: apiextensions.k8s.io/v1beta1
-description: Calico Global Felix Configuration
-kind: CustomResourceDefinition
-metadata:
-   name: globalfelixconfigs.crd.projectcalico.org
-spec:
-  scope: Cluster
-  group: crd.projectcalico.org
-  version: v1
-  names:
-    kind: GlobalFelixConfig
-    plural: globalfelixconfigs
-    singular: globalfelixconfig
--- a/resources/calico/calico-global-bgp-configs.yaml
+++ b/resources/calico/calico-global-bgp-configs.yaml
@@ -1,13 +0,0 @@
-apiVersion: apiextensions.k8s.io/v1beta1
-description: Calico Global BGP Configuration
-kind: CustomResourceDefinition
-metadata:
-  name: globalbgpconfigs.crd.projectcalico.org
-spec:
-  scope: Cluster
-  group: crd.projectcalico.org
-  version: v1
-  names:
-    kind: GlobalBGPConfig
-    plural: globalbgpconfigs
-    singular: globalbgpconfig
--- a/resources/calico/calico.yaml
+++ b/resources/calico/calico.yaml
@@ -10,9 +10,9 @@ spec:
    matchLabels:
      k8s-app: calico-node
  updateStrategy:
+    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
-    type: RollingUpdate
  template:
    metadata:
      labels:
@@ -61,15 +61,20 @@ spec:
            # Enable IP-in-IP within Felix.
            - name: FELIX_IPINIPENABLED
              value: "true"
+            # Typha support: controlled by the ConfigMap.
+            - name: FELIX_TYPHAK8SSERVICENAME
+              valueFrom:
+                configMapKeyRef:
+                  name: calico-config
+                  key: typha_service_name
            # Set node name based on k8s nodeName.
            - name: NODENAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
+            # Auto-detect the BGP IP address.
            - name: IP
-              valueFrom:
-                fieldRef:
-                  fieldPath: status.podIP
+              value: "autodetect"
            - name: FELIX_HEALTHENABLED
              value: "true"
          securityContext:
@@ -101,20 +106,22 @@ spec:
          image: ${calico_cni_image}
          command: ["/install-cni.sh"]
          env:
+            # Name of the CNI config file to create on each node.
            - name: CNI_CONF_NAME
-              value: 10-calico.conflist
+              value: "10-calico.conflist"
+            # Contents of the CNI config to create on each node.
            - name: CNI_NETWORK_CONFIG
              valueFrom:
                configMapKeyRef:
                  name: calico-config
                  key: cni_network_config
-            - name: CNI_NET_DIR
-              value: "/etc/kubernetes/cni/net.d"
            # Set node name based on k8s nodeName
            - name: KUBERNETES_NODE_NAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
+            - name: CNI_NET_DIR
+              value: "/etc/kubernetes/cni/net.d"
          volumeMounts:
            - mountPath: /host/opt/cni/bin
              name: cni-bin-dir
@@ -122,12 +129,14 @@ spec:
              name: cni-net-dir
      terminationGracePeriodSeconds: 0
      volumes:
+        # Used by calico/node
        - name: lib-modules
          hostPath:
            path: /lib/modules
        - name: var-run-calico
          hostPath:
            path: /var/run/calico
+        # Used by install-cni
        - name: cni-bin-dir
          hostPath:
            path: /opt/cni/bin
--- a/resources/calico/clusterinformations-crd.yaml
+++ b/resources/calico/clusterinformations-crd.yaml
@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+description: Calico Cluster Information
+kind: CustomResourceDefinition
+metadata:
+  name: clusterinformations.crd.projectcalico.org
+spec:
+  scope: Cluster
+  group: crd.projectcalico.org
+  version: v1
+  names:
+    kind: ClusterInformation
+    plural: clusterinformations
+    singular: clusterinformation
--- a/resources/calico/felixconfigurations-crd.yaml
+++ b/resources/calico/felixconfigurations-crd.yaml
@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+description: Calico Felix Configuration
+kind: CustomResourceDefinition
+metadata:
+   name: felixconfigurations.crd.projectcalico.org
+spec:
+  scope: Cluster
+  group: crd.projectcalico.org
+  version: v1
+  names:
+    kind: FelixConfiguration
+    plural: felixconfigurations
+    singular: felixconfiguration
--- a/resources/calico/globalnetworkpolicies-crd.yaml
+++ b/resources/calico/globalnetworkpolicies-crd.yaml
--- a/resources/calico/calico-ip-pools.yaml
+++ b/resources/calico/calico-ip-pools.yaml
--- a/resources/calico/networkpolicies-crd.yaml
+++ b/resources/calico/networkpolicies-crd.yaml
@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+description: Calico Network Policies
+kind: CustomResourceDefinition
+metadata:
+  name: networkpolicies.crd.projectcalico.org
+spec:
+  scope: Namespaced
+  group: crd.projectcalico.org
+  version: v1
+  names:
+    kind: NetworkPolicy
+    plural: networkpolicies
+    singular: networkpolicy
--- a/variables.tf
+++ b/variables.tf
@@ -63,8 +63,8 @@ variable "container_images" {
  type        = "map"

  default = {
-    calico           = "quay.io/calico/node:v2.6.6"
-    calico_cni       = "quay.io/calico/cni:v1.11.2"
+    calico           = "quay.io/calico/node:v3.0.1"
+    calico_cni       = "quay.io/calico/cni:v2.0.0"
    flannel          = "quay.io/coreos/flannel:v0.9.1-amd64"
    flannel_cni      = "quay.io/coreos/flannel-cni:v0.3.0"
    hyperkube        = "gcr.io/google_containers/hyperkube:v1.9.2"