Skip to content

Commit

Permalink
CNI: replace Weave with Cilium (#92)
Browse files Browse the repository at this point in the history
  • Loading branch information
pstadler authored Sep 20, 2023
1 parent afdb726 commit bc5dfd1
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 11 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
.terraform/
.terraform.lock.hcl
terraform.tfstate*
.terraform.tfstate*
terraform.tfvars
Expand Down
17 changes: 7 additions & 10 deletions service/kubernetes/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -42,16 +42,16 @@ variable "etcd_endpoints" {
}

variable "overlay_interface" {
default = "weave"
default = "cilium_vxlan"
}

variable "overlay_cidr" {
default = "10.96.0.0/16"
}

variable "weave_net_version" {
variable "cilium_version" {
type = string
default = "v2.8.1"
default = "1.14.1"
}

resource "random_string" "token1" {
Expand Down Expand Up @@ -109,11 +109,7 @@ resource "null_resource" "kubernetes" {

provisioner "remote-exec" {
inline = [
templatefile("${path.module}/scripts/install.sh", {
vpn_interface = var.vpn_interface
overlay_cidr = var.overlay_cidr
}
)
file("${path.module}/scripts/install.sh")
]
}

Expand All @@ -122,8 +118,9 @@ resource "null_resource" "kubernetes" {
count.index == 0
? templatefile("${path.module}/scripts/master.sh",
{
token = local.cluster_token
weave_net_version = var.weave_net_version
token = local.cluster_token
cilium_version = var.cilium_version
overlay_cidr = var.overlay_cidr
})
: templatefile("${path.module}/scripts/slave.sh",
{
Expand Down
10 changes: 9 additions & 1 deletion service/kubernetes/scripts/master.sh
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,15 @@ until nc -z localhost 6443; do
done

echo "Install CNI"
kubectl apply -f "https://github.com/weaveworks/weave/releases/download/${weave_net_version}/weave-daemonset-k8s.yaml"
CILIUM_CLI_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/cilium-cli/main/stable.txt)
CLI_ARCH="$(arch | sed 's/x86_64/amd64/; s/aarch64/arm64/')"
curl -L --fail --remote-name-all https://github.com/cilium/cilium-cli/releases/download/$${CILIUM_CLI_VERSION}/cilium-linux-$${CLI_ARCH}.tar.gz{,.sha256sum}
sha256sum --check cilium-linux-$${CLI_ARCH}.tar.gz.sha256sum
sudo tar xzvfC cilium-linux-$${CLI_ARCH}.tar.gz /usr/local/bin
rm cilium-linux-$${CLI_ARCH}.tar.gz*

cilium install --version ${cilium_version} --set ipam.mode=cluster-pool --set ipam.operator.clusterPoolIPv4PodCIDRList=${overlay_cidr}
cilium status --wait

echo "Add cluster role binding"
# See: https://kubernetes.io/docs/admin/authorization/rbac/
Expand Down

0 comments on commit bc5dfd1

Please sign in to comment.