CNI

When deploying a cluster with CAPI, deployment and configuration of CNI is up to the user. By leveraging CAPI cluster lifecycle hooks, this handler deploys a requested CNI provider on the new cluster at the AfterControlPlaneInitialized phase.

The hook uses either the Cluster API Add-on Provider for Helm or ClusterResourceSet to deploy the CNI resources depending on the selected deployment strategy.

Currently the hook supports Cilium and Calico CNI providers.

Cilium

Deployment of Cilium is opt-in via the provider-specific cluster configuration.

Cilium Example

To enable deployment of Cilium on a cluster, specify the following values:

apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  name: <NAME>
spec:
  topology:
    variables:
      - name: clusterConfig
        value:
          addons:
            cni:
              provider: Cilium
              strategy: HelmAddon

To deploy the addon via ClusterResourceSet replace the value of strategy with ClusterResourceSet.

Calico

Deployment of Calico is opt-in via the provider-specific cluster configuration.

Calico Example

To enable deployment of Calico on a cluster, specify the following values:

apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  name: <NAME>
spec:
  topology:
    variables:
      - name: clusterConfig
        value:
          addons:
            cni:
              provider: Calico
              strategy: HelmAddon

ClusterResourceSet strategy

To deploy the addon via ClusterResourceSet replace the value of strategy with ClusterResourceSet.

When using the ClusterResourceSet strategy, the hook creates two ClusterResourceSets: one to deploy the Tigera Operator, and one to deploy Calico via the Tigera Installation CRD. The Tigera Operator CRS is shared between all clusters in the operator, whereas the Calico installation CRS is unique per cluster.

As ClusterResourceSets must exist in the same name as the cluster they apply to, the lifecycle hook copies default ConfigMaps from the same namespace as the CAPI runtime extensions hook pod is running in. This enables users to configure defaults specific for their environment rather than compiling the defaults into the binary.

The Helm chart comes with default configurations for the Calico Installation CRS per supported provider, but overriding is possible. For example. to change Docker provider's Calico configuration, specify following helm argument when deploying cluster-api-runtime-extensions-nutanix chart:

--set-file hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.DockerCluster.configMap.content=<file>

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Last modified September 12, 2024: fix: Do not use digests for Cilium images (#901) (10ea179)