✨suppor k8s node etcd

kustomize/network/calico-k8s/kustomization.yaml

@@ -0,0 +1,11 @@
+bases:
+- ../crds
+
+resources:
+- network.yaml
+- role.yaml
+
+patchesStrategicMerge:
+  - patch_image_name.yaml
+
+namespace: network-test-f22e8ea9

kustomize/network/calico-k8s/network.yaml

@@ -0,0 +1,69 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name:  network-system
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: network-manager
+  namespace: network-system
+  labels:
+    control-plane: network-manager
+spec:
+  selector:
+    matchLabels:
+      control-plane: network-manager
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        control-plane: network-manager
+    spec:
+      nodeSelector:
+        node-role.kubernetes.io/master: ""
+      tolerations:
+        - key: "CriticalAddonsOnly"
+          operator: "Exists"
+        - key: "node-role.kubernetes.io/master"
+          effect: NoSchedule
+      serviceAccountName: network-manager
+      containers:
+      - command:
+        - /ks-network
+        args:
+          - -v=4
+          - np-provider=calico
+          - datastore-type=k8s
+        image: network:latest
+        imagePullPolicy: Always
+        name: manager
+        resources:
+          limits:
+            cpu: 100m
+            memory: 30Mi
+          requests:
+            cpu: 100m
+            memory: 20Mi
+      terminationGracePeriodSeconds: 10
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: net-role-binding
+  namespace: network-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: network-manager
+subjects:
+- kind: ServiceAccount
+  name: network-manager
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: network-manager

kustomize/network/calico-k8s/patch_image_name.yaml

@@ -0,0 +1,12 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: network-manager
+  namespace: network-system
+spec:
+  template:
+    spec:
+      containers:
+      # Change the value of image field below to your controller image URL
+      - image: magicsong/ks-network:f22e8ea9
+        name: manager

kustomize/network/calico-k8s/patch_role_binding.yaml

@@ -0,0 +1,8 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: net-role-binding
+subjects:
+- kind: ServiceAccount
+  name: network-manager
+  namespace: network-test-f22e8ea9

kustomize/network/calico-k8s/role.yaml

@@ -0,0 +1,54 @@
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  name: network-manager
+rules:
+- apiGroups:
+  - crd.projectcalico.org
+  resources:
+  - clusterinformations
+  - felixconfigurations
+  - globalfelixconfigs
+  - globalnetworkpolicies
+  - globalnetworksets
+  - hostendpoints
+  - ipamblocks
+  - ippools
+  - networkpolicies
+  - networksets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - network.kubesphere.io
+  resources:
+  - namespacenetworkpolicies
+  - workspacenetworkpolicies
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - tenant.kubesphere.io
+  resources:
+  - workspaces
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch