docs: Add docs on Calico networking support

* Digital Ocean firewalls don't yet support the required
IP tunneling protocol so Calico cannot be used without
disabling firewalls right now.
This commit is contained in:
Dalton Hubble 2017-09-05 18:43:08 -07:00
parent 1efe39d6bc
commit 00b61a26c0
4 changed files with 10 additions and 3 deletions

View File

@ -357,6 +357,8 @@ Learn about [version pinning](concepts.md#versioning), maintenance, and [addons]
| install_disk | Disk device where Container Linux should be installed | "/dev/sda" | "/dev/sdb" |
| container_linux_oem | Specify alternative OEM image ids for the disk install | "" | "vmware_raw", "xen" |
| experimental_self_hosted_etcd | Self-host etcd as pods on Kubernetes (not recommended) | false | true |
| networking | Choice of networking provider | "flannel" | "flannel" or "calico" |
| network_mtu | CNI interface MTU (calico-only) | 1480 | - |
| pod_cidr | CIDR range to assign to Kubernetes pods | "10.2.0.0/16" | "10.22.0.0/16" |
| service_cidr | CIDR range to assgin to Kubernetes services | "10.3.0.0/16" | "10.3.0.0/24" |

View File

@ -238,8 +238,12 @@ If you uploaded an SSH key to DigitalOcean (not required), find the fingerprint
| controller_type | Digital Ocean droplet size | 2gb | 2gb (min), 4gb, 8gb |
| worker_count | Number of workers | 1 | 3 |
| worker_type | Digital Ocean droplet size | 512mb | 512mb, 1gb, 2gb, 4gb |
| networking | Choice of networking provider | "flannel" | "flannel" |
| pod_cidr | CIDR range to assign to Kubernetes pods | "10.2.0.0/16" | "10.22.0.0/16" |
| service_cidr | CIDR range to assgin to Kubernetes services | "10.3.0.0/16" | "10.3.0.0/24" |
!!! warning
Do not choose a `controller_type` smaller than `2gb`. The `1gb` droplet is not sufficient for running a controller and bootstrapping will fail.
!!! bug
Digital Ocean firewalls do not yet support the IP tunneling (IP in IP) protocol used by Calico. You can try using "calico" for `networking`, but it will only work if the cloud firewall is removed (unsafe).

View File

@ -230,6 +230,7 @@ resource "google_dns_managed_zone" "zone-for-clusters" {
| controller_count | Number of controllers (i.e. masters) | 1 | 1 |
| worker_count | Number of workers | 1 | 3 |
| worker_preemptible | If enabled, Compute Engine will terminate controllers randomly within 24 hours | false | true |
| networking | Choice of networking provider | "flannel" | "flannel" or "calico" |
| pod_cidr | CIDR range to assign to Kubernetes pods | "10.2.0.0/16" | "10.22.0.0/16" |
| service_cidr | CIDR range to assgin to Kubernetes services | "10.3.0.0/16" | "10.3.0.0/24" |

View File

@ -12,9 +12,9 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
## Features
* Kubernetes v1.7.3 (upstream, via [kubernetes-incubator/bootkube](https://github.com/kubernetes-incubator/bootkube))
* Self-hosted control plane, single or multi master, workloads isolated to workers
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled
* Ready for Ingress, Metrics, Dashboards, and other optional [addons](addons/overview.md)
* Single or multi-master, workloads isolated on workers, [flannel](https://github.com/coreos/flannel) or [Calico](https://www.projectcalico.org/) networking (with BGP peering)
* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
* Ready for Ingress, Dashboards, Metrics and other optional [addons](addons/overview.md)
* Provided via Terraform Modules
## Modules