microk8s icon indicating copy to clipboard operation
microk8s copied to clipboard
verified publisher icon canonical

Move default CNI to Addon (similar to CoreDNS)

Open emolitor opened this issue 10 months ago • 4 comments

Summary

Currently Calico is installed as a default CNI. This proposal is to move Calico to a core addon which is included by the default launch configuration. This offers a cleaner separation of concerns simplifying the effort to use an alternative CNI or none at all. This is also consistent with how DNS is handled in the default launch configuration.

Why is this important?

Currently the coupling of Calico as a default CNI means that in order to swap it out you must remove Calico, tear down any of its devices and remove any UFW firewall rules added for the vxlan and cali+ devices. This coupling is unnecessary IMO and it will be easier to support and maintain CNIs if they are treated as addons.

Are you interested in contributing to this feature?

yes

emolitor avatar Feb 11 '25 12:02 emolitor

In order to implement this I propose to create addons for Calico and Flannel. These addons will match the existing functionality and behaviour of the existing implementations. They will also handle cleanly migrating from the 'integrated' model in the existing form to the new decoupled behaviour. Once that is working the second step is to add them to the default launch configuration and remove them from the existing implementation. Finally it's likely some level of custom logic will be needed to facilitate upgrading existing clusters but I have not looked that far yet.

emolitor avatar Feb 11 '25 12:02 emolitor

Hi @emolitor,

Thanks for raising your issue. We do not intend to move the default CNI to addons because one command should bring up a Kubernetes cluster with all its core features.

We've addressed this limitation in our new product Canonical Kubernetes which allows you to disable the default network on bootstrap. Try this getting-started tutorial and then follow the steps in this alternative CNI guide. We would love to hear your feedback!

Best regards, Louise

louiseschmidtgen avatar Feb 13 '25 16:02 louiseschmidtgen

Hi @emolitor,

Thanks for raising your issue. We do not intend to move the default CNI to addons because one command should bring up a Kubernetes cluster with all its core features.

The intent is not to remove one command to bring up a k8s cluster with all core features but to allow launch templates to more cleanly override the built in features. I will find a bit more time to write-up what I'm thinking to see if it is desired or not.

We've addressed this limitation in our new product Canonical Kubernetes which allows you to disable the default network on bootstrap. Try this getting-started tutorial and then follow the steps in this alternative CNI guide. We would love to hear your feedback!

That might be a viable option for my use case but are you planning on supporting Canonical Kubernetes on Ubuntu Core?

error: snap "k8s" requires classic confinement which is only available on
       classic systems

emolitor avatar Feb 14 '25 09:02 emolitor

You are correct @emolitor, Canonical K8s is not available for Ubuntu Core yet.

ktsakalozos avatar Feb 14 '25 10:02 ktsakalozos