feat: add support for Cilium 1.14 (#10684)

* update cilium configmap template for new routing mode and tunnel-protocol options Ryan Lonergan ryan.tlonergan@gmail.com * add rbac for new cilium crd in 1.14 Ryan Lonergan ryan.tlonergan@gmail.com * add conditional for cni-install.sh that's no longer included in cilium 1.14 Ryan Lonergan ryan.tlonergan@gmail.com * Update roles/network_plugin/cilium/templates/cilium/ds.yml.j2 Co-authored-by: Cyclinder <qifeng.guo@daocloud.io> --------- Co-authored-by: Cyclinder <qifeng.guo@daocloud.io>
2024-01-07 20:43:02 -05:00 · 2024-01-07 20:43:02 -05:00 · eda7ea5695
parent 08c0b34270
commit eda7ea5695
3 changed files with 18 additions and 0 deletions
--- a/roles/network_plugin/cilium/templates/cilium/config.yml.j2
+++ b/roles/network_plugin/cilium/templates/cilium/config.yml.j2
@ -115,7 +115,14 @@ data:
  #   - disabled
  #   - vxlan (default)
  #   - geneve
+{% if cilium_version | regex_replace('v') is version('1.14.0', '<') %}
  tunnel: "{{ cilium_tunnel_mode }}"
+{% elif cilium_version | regex_replace('v') is version('1.14.0', '>=') and cilium_tunnel_mode == 'disabled' %}
+  routing-mode: 'native'
+{% elif cilium_version | regex_replace('v') is version('1.14.0', '>=') and cilium_tunnel_mode != 'disabled' %}
+  routing-mode: 'tunnel'
+  tunnel-protocol: "{{ cilium_tunnel_mode }}"
+{% endif %}

  # Enable Bandwidth Manager
  # Cilium’s bandwidth manager supports the kubernetes.io/egress-bandwidth Pod annotation.
--- a/roles/network_plugin/cilium/templates/cilium/cr.yml.j2
+++ b/roles/network_plugin/cilium/templates/cilium/cr.yml.j2
@ -120,3 +120,12 @@ rules:
  - list
  - watch
 {% endif %}
+{% if cilium_version | regex_replace('v') is version('1.14', '>=') %}
+- apiGroups:
+  - cilium.io
+  resources:
+  - ciliumcidrgroups
+  verbs:
+  - list
+  - watch
+{% endif %}
--- a/roles/network_plugin/cilium/templates/cilium/ds.yml.j2
+++ b/roles/network_plugin/cilium/templates/cilium/ds.yml.j2
@ -106,6 +106,7 @@ spec:
        - {{ env_var | to_nice_yaml(indent=2) | indent(10) }}
 {% endfor %}
        lifecycle:
+{% if cilium_version | regex_replace('v') is version('1.14', '<') %}
          postStart:
            exec:
              command:
@ -114,6 +115,7 @@ spec:
 {% if cilium_version | regex_replace('v') is version('1.12', '>=') %}
              - "--enable-debug={{ cilium_debug | string | lower }}"
              - "--log-file={{ cilium_cni_log_file }}"
+{% endif %}
 {% endif %}
          preStop:
            exec: