Getting bored with weavenet, now I tried calico
curl https://docs.projectcalico.org/manifests/calico-etcd.yaml -o calico.yaml
First of all, you must have one https etcd cluster for it.
Edit these 3 lines, inset output from command
cat <file> | base64 -w 0
etcd-key: xxx
etcd-cert: xxx
etcd-ca: xxx
inset etcd url and un-comment these lines (don’t change certificate filename)
etcd_endpoints: "https://etcd-cni.home.net:2379"
etcd_ca: "/calico-secrets/etcd-ca"
etcd_cert: "/calico-secrets/etcd-cert"
etcd_key: "/calico-secrets/etcd-key"
finally, change etcd-certs file permission to 0440
volumes:
- name: etcd-certs
secret:
secretName: calico-etcd-secrets
defaultMode: 0440
done
PS. you may use simple version here
curl https://docs.projectcalico.org/manifests/calico.yaml -O