mirrors/talos
1
0
Fork 0
mirror of https://github.com/siderolabs/talos.git synced 2025-08-15 02:57:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
b09be2a69c
talos/website/content/docs/v0.14/Guides/deploying-cilium.md
Noel Georgi 4c96e936ed
docs: add cilium guide 
- Add Cilium CNI install guide
- Use Canal CNI for default examples

Fixes #4477

Signed-off-by: Noel Georgi <git@frezbo.dev>
2021-12-16 20:37:03 +05:30

3.0 KiB
Raw Blame History

title description
Deploying Cilium CNI In this guide you will learn how to set up Cilium CNI on Talos.

From v1.9 onwards cilium doesn't provide a one liner install manifest that can be used to install cilium on a node via kubectl apply -f or passing in as extra urls in Talos machine configuration.

installing Cilium via cilium cli is broken, so we'll be using helm to install cilium.

Refer Installing with Helm for more information.

First we'll need to add the helm repo for cilium.

helm repo add cilium https://helm.cilium.io/
helm repo update

This documentation will outline installing Cilium CNI on Talos in two different ways.

With Kube Proxy enabled

When generating the machine config for a node add the following config patch. An example usage is shown below:

talosctl gen config \
    my-cluster https://mycluster.local:6443 \
    --config-patch '[{"op":"add", "path": "/cluster/network/cni", "value": {"name": "none"}}]'

Now we can move onto installing cilium.

If you want to install with helm run the following:

helm install cilium cilium/cilium \
    --version 1.11.0 \
    --namespace kube-system

If you want to generate a manifest and apply manually run the following:

helm template cilium cilium/cilium \
    --version 1.11.0 \
    --namespace kube-system > cilium.yaml

kubectl apply -f cilium.yaml

Without Kube Proxy

If you want to deploy Cilium in strict mode without kube-proxy, you can use the following config patch when generating a machine config. This will create the Talos cluster with no CNI and kube-proxy disabled.

An example usage is shown below:

talosctl gen config \
    my-cluster https://mycluster.local:6443 \
    --config-patch '[{"op": "add", "path": "/cluster/proxy", "value": {"disabled": true}}, {"op":"add", "path": "/cluster/network/cni", "value": {"name": "none"}}]'

You need to pass in the Kubernetes API server address to the helm commands. Refer Kube Proxy free for more information.

export KUBERNETES_API_SERVER_ADDRESS=<>
export KUBERNETES_API_SERVER_PORT=6443

If you want to install with helm run the following:

helm install cilium cilium/cilium \
    --version 1.11.0 \
    --namespace kube-system \
    --set kubeProxyReplacement=strict \
    --set k8sServiceHost="${KUBERNETES_API_SERVER_ADDRESS}" \
    --set k8sServicePort="${KUBERNETES_API_SERVER_PORT}"

If you want to generate a manifest and apply manually run the following:

helm template cilium cilium/cilium \
    --version 1.11.0 \
    --namespace kube-system \
    --set kubeProxyReplacement=strict \
    --set k8sServiceHost="${KUBERNETES_API_SERVER_ADDRESS}" \
    --set k8sServicePort="${KUBERNETES_API_SERVER_PORT}" > cilium.yaml

kubectl apply -f cilium.yaml