diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml index 2c70129e5..5badefd40 100644 --- a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml +++ b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml @@ -68,6 +68,10 @@ # set VXLAN encapsulation mode: "Always", "CrossSubnet", "Never" # calico_vxlan_mode: 'Never' +# set VXLAN port and VNI +# calico_vxlan_vni: 4096 +# calico_vxlan_port: 4789 + # If you want to use non default IP_AUTODETECTION_METHOD for calico node set this option to one of: # * can-reach=DESTINATION # * interface=INTERFACE-REGEX diff --git a/roles/network_plugin/calico/defaults/main.yml b/roles/network_plugin/calico/defaults/main.yml index b8ed03393..f183606c2 100644 --- a/roles/network_plugin/calico/defaults/main.yml +++ b/roles/network_plugin/calico/defaults/main.yml @@ -29,6 +29,12 @@ calico_node_memory_requests: 64M calico_node_cpu_requests: 150m calico_felix_chaininsertmode: Insert +# Virtual network ID to use for VXLAN traffic. A value of 0 means “use the kernel default”. +calico_vxlan_vni: 4096 + +# Port to use for VXLAN traffic. A value of 0 means “use the kernel default”. +calico_vxlan_port: 4789 + # Enable Prometheus Metrics endpoint for felix calico_felix_prometheusmetricsenabled: false calico_felix_prometheusmetricsport: 9091 diff --git a/roles/network_plugin/calico/templates/calico-node.yml.j2 b/roles/network_plugin/calico/templates/calico-node.yml.j2 index 14366c33d..4f54a4e31 100644 --- a/roles/network_plugin/calico/templates/calico-node.yml.j2 +++ b/roles/network_plugin/calico/templates/calico-node.yml.j2 
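Review bot: The two defaults added in roles/network_plugin/calico/defaults/main.yml (`calico_vxlan_vni`, `calico_vxlan_port`) are handed on without a range check, so a typo would only surface when calico-node starts. A VXLAN VNI is a 24-bit value and the port is a UDP port, so an assert early in the role, for example `calico_vxlan_port | int >= 0 and calico_vxlan_port | int <= 65535` plus the matching bound for the VNI, would fail the play before the DaemonSet is templated. The comments should also say that the chosen UDP port must be open between cluster nodes only, because VXLAN neither authenticates nor encrypts the traffic it carries; the commented sample entry in the first hunk (`# set VXLAN port and VNI`) deserves the same remark. The curly quotes around "use the kernel default" are better written as plain ASCII quotes.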
@@ -173,6 +173,12 @@ spec:
 # Wait for the datastore.
 - name: WAIT_FOR_DATASTORE
 value: "true"
+{% endif %}
+{% if calico_network_backend is defined and calico_network_backend == 'vxlan' %}
+ - name: FELIX_VXLANVNI
+ value: "{{ calico_vxlan_vni }}"
+ - name: FELIX_VXLANPORT
+ value: "{{ calico_vxlan_port }}"
 {% endif %}
 # Choose the backend to use.
 - name: CALICO_NETWORKING_BACKEND
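Review bot: The new `FELIX_VXLANVNI` / `FELIX_VXLANPORT` entries carry no comment, unlike their neighbours in this env list (`# Wait for the datastore.`, `# Choose the backend to use.`); a line such as `# VXLAN VNI and UDP port used by Felix; must be identical on every node.` would fit. Because the values reach calico-node only when the DaemonSet is re-rolled, changing either one on a running cluster presumably leaves updated and not-yet-updated nodes on different VXLAN settings until the rollout finishes, which is worth stating where the variables are documented. The first added `{% endif %}` closes a conditional that opens above the hunk, so the nesting cannot be checked from here.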