diff --git a/docs/bare-metal.md b/docs/bare-metal.md index 34609566..bf5d584a 100644 --- a/docs/bare-metal.md +++ b/docs/bare-metal.md @@ -357,6 +357,8 @@ Learn about [version pinning](concepts.md#versioning), maintenance, and [addons] | install_disk | Disk device where Container Linux should be installed | "/dev/sda" | "/dev/sdb" | | container_linux_oem | Specify alternative OEM image ids for the disk install | "" | "vmware_raw", "xen" | | experimental_self_hosted_etcd | Self-host etcd as pods on Kubernetes (not recommended) | false | true | +| networking | Choice of networking provider | "flannel" | "flannel" or "calico" | +| network_mtu | CNI interface MTU (calico-only) | 1480 | - | | pod_cidr | CIDR range to assign to Kubernetes pods | "10.2.0.0/16" | "10.22.0.0/16" | | service_cidr | CIDR range to assgin to Kubernetes services | "10.3.0.0/16" | "10.3.0.0/24" | diff --git a/docs/digital-ocean.md b/docs/digital-ocean.md index 2771bf46..dca7bd90 100644 --- a/docs/digital-ocean.md +++ b/docs/digital-ocean.md @@ -238,8 +238,12 @@ If you uploaded an SSH key to DigitalOcean (not required), find the fingerprint | controller_type | Digital Ocean droplet size | 2gb | 2gb (min), 4gb, 8gb | | worker_count | Number of workers | 1 | 3 | | worker_type | Digital Ocean droplet size | 512mb | 512mb, 1gb, 2gb, 4gb | +| networking | Choice of networking provider | "flannel" | "flannel" | | pod_cidr | CIDR range to assign to Kubernetes pods | "10.2.0.0/16" | "10.22.0.0/16" | | service_cidr | CIDR range to assgin to Kubernetes services | "10.3.0.0/16" | "10.3.0.0/24" | !!! warning Do not choose a `controller_type` smaller than `2gb`. The `1gb` droplet is not sufficient for running a controller and bootstrapping will fail. + +!!! bug + Digital Ocean firewalls do not yet support the IP tunneling (IP in IP) protocol used by Calico. You can try using "calico" for `networking`, but it will only work if the cloud firewall is removed (unsafe). diff --git a/docs/google-cloud.md b/docs/google-cloud.md index 28487118..0d0c8a9d 100644 --- a/docs/google-cloud.md +++ b/docs/google-cloud.md @@ -230,6 +230,7 @@ resource "google_dns_managed_zone" "zone-for-clusters" { | controller_count | Number of controllers (i.e. masters) | 1 | 1 | | worker_count | Number of workers | 1 | 3 | | worker_preemptible | If enabled, Compute Engine will terminate controllers randomly within 24 hours | false | true | +| networking | Choice of networking provider | "flannel" | "flannel" or "calico" | | pod_cidr | CIDR range to assign to Kubernetes pods | "10.2.0.0/16" | "10.22.0.0/16" | | service_cidr | CIDR range to assgin to Kubernetes services | "10.3.0.0/16" | "10.3.0.0/24" | diff --git a/docs/index.md b/docs/index.md index bece23af..2acffc73 100644 --- a/docs/index.md +++ b/docs/index.md @@ -12,9 +12,9 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster ## Features * Kubernetes v1.7.3 (upstream, via [kubernetes-incubator/bootkube](https://github.com/kubernetes-incubator/bootkube)) -* Self-hosted control plane, single or multi master, workloads isolated to workers -* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled -* Ready for Ingress, Metrics, Dashboards, and other optional [addons](addons/overview.md) +* Single or multi-master, workloads isolated on workers, [flannel](https://github.com/coreos/flannel) or [Calico](https://www.projectcalico.org/) networking (with BGP peering) +* On-cluster etcd with TLS, [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)-enabled, [network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) +* Ready for Ingress, Dashboards, Metrics and other optional [addons](addons/overview.md) * Provided via Terraform Modules ## Modules