diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index c21bb0c43..1014440ab 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -257,10 +257,14 @@ before_script: # stage: deploy-special MOVED_TO_GROUP_VARS: "true" -.ubuntu_cilium_sep_variables: &ubuntu_cilium_sep_variables +.coreos_cilium_variables: &coreos_cilium_variables # stage: deploy-special MOVED_TO_GROUP_VARS: "true" +.ubuntu_cilium_sep_variables: &ubuntu_cilium_sep_variables +# stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + .rhel7_weave_variables: &rhel7_weave_variables # stage: deploy-part1 MOVED_TO_GROUP_VARS: "true" @@ -459,6 +463,17 @@ gce_ubuntu-contiv-sep: except: ['triggers'] only: ['master', /^pr-.*$/] +gce_coreos-cilium: + stage: deploy-special + <<: *job + <<: *gce + variables: + <<: *gce_variables + <<: *coreos_cilium_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + gce_ubuntu-cilium-sep: stage: deploy-special <<: *job diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index edb2b1e75..e97297958 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -41,7 +41,7 @@ vault_version: 0.8.1 weave_version: 2.2.0 pod_infra_version: 3.0 contiv_version: 1.1.7 -cilium_version: "v1.0.0-rc4" +cilium_version: "v1.0.0-rc8" # Download URLs istioctl_download_url: "https://storage.googleapis.com/istio-release/releases/{{ istio_version }}/istioctl/istioctl-linux" diff --git a/roles/network_plugin/cilium/templates/cilium-cr.yml.j2 b/roles/network_plugin/cilium/templates/cilium-cr.yml.j2 index 8eae0e8ed..11fd01087 100755 --- a/roles/network_plugin/cilium/templates/cilium-cr.yml.j2 +++ b/roles/network_plugin/cilium/templates/cilium-cr.yml.j2 @@ -54,9 +54,11 @@ rules: - get - list - watch + - update - apiGroups: - cilium.io resources: - ciliumnetworkpolicies + - ciliumendpoints verbs: - "*" diff --git a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 index 9f48a62db..3d877a5cb 100755 --- a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 +++ b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 @@ -79,6 +79,13 @@ spec: optional: true key: prometheus-serve-addr {% endif %} + resources: + limits: + cpu: {{ cilium_cpu_limit }} + memory: {{ cilium_memory_limit }} + requests: + cpu: {{ cilium_cpu_requests }} + memory: {{ cilium_memory_requests }} livenessProbe: exec: command: diff --git a/tests/files/gce_centos7-cilium.yml b/tests/files/gce_centos7-cilium.yml index ca682f7ed..ec46a213d 100644 --- a/tests/files/gce_centos7-cilium.yml +++ b/tests/files/gce_centos7-cilium.yml @@ -7,5 +7,6 @@ mode: default # Deployment settings kube_network_plugin: cilium deploy_netchecker: true +enable_network_policy: true kubedns_min_replicas: 1 cloud_provider: gce diff --git a/tests/files/gce_coreos-cilium.yml b/tests/files/gce_coreos-cilium.yml index a09003970..1778929f0 100644 --- a/tests/files/gce_coreos-cilium.yml +++ b/tests/files/gce_coreos-cilium.yml @@ -9,5 +9,6 @@ kube_network_plugin: cilium bootstrap_os: coreos resolvconf_mode: host_resolvconf # this is required as long as the coreos stable channel uses docker < 1.12 deploy_netchecker: true +enable_network_policy: true kubedns_min_replicas: 1 cloud_provider: gce diff --git a/tests/files/gce_rhel7-cilium.yml b/tests/files/gce_rhel7-cilium.yml index d67658a6c..0994d0099 100644 --- a/tests/files/gce_rhel7-cilium.yml +++ b/tests/files/gce_rhel7-cilium.yml @@ -6,5 +6,6 @@ mode: default # Deployment settings kube_network_plugin: cilium deploy_netchecker: true +enable_network_policy: true kubedns_min_replicas: 1 cloud_provider: gce diff --git a/tests/files/gce_ubuntu-cilium-sep.yml b/tests/files/gce_ubuntu-cilium-sep.yml index e7150a27e..0c0647743 100644 --- a/tests/files/gce_ubuntu-cilium-sep.yml +++ b/tests/files/gce_ubuntu-cilium-sep.yml @@ -6,6 +6,7 @@ mode: separate # Deployment settings kube_network_plugin: cilium deploy_netchecker: true +enable_network_policy: true kubedns_min_replicas: 1 cloud_provider: gce