diff --git a/cluster/addons/calico-policy-controller/README.md b/cluster/addons/calico-policy-controller/README.md index 920cb84d2c..7ef70eede2 100644 --- a/cluster/addons/calico-policy-controller/README.md +++ b/cluster/addons/calico-policy-controller/README.md @@ -9,6 +9,6 @@ Calico is an implementation of the Kubernetes network policy API. The provided ### Learn More -Learn more about Calico at http://docs.projectcalico.org +Learn more about Calico at https://docs.projectcalico.org [![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/cluster/addons/calico-policy-controller/README.md?pixel)]() diff --git a/cluster/addons/calico-policy-controller/calico-clusterrole.yaml b/cluster/addons/calico-policy-controller/calico-clusterrole.yaml new file mode 100644 index 0000000000..a23589cd3c --- /dev/null +++ b/cluster/addons/calico-policy-controller/calico-clusterrole.yaml @@ -0,0 +1,67 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: calico + namespace: kube-system + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +rules: + - apiGroups: [""] + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: [""] + resources: + - endpoints + verbs: + - get + - apiGroups: [""] + resources: + - services + verbs: + - get + - apiGroups: [""] + resources: + - pods/status + verbs: + - update + - apiGroups: [""] + resources: + - pods + verbs: + - get + - list + - watch + - apiGroups: [""] + resources: + - nodes + verbs: + - get + - list + - update + - watch + - apiGroups: ["extensions"] + resources: + - networkpolicies + verbs: + - get + - list + - watch + - apiGroups: ["crd.projectcalico.org"] + resources: + - globalfelixconfigs + - globalbgpconfigs + - ippools + - globalnetworkpolicies + verbs: + - create + - get + - list + - update + - patch + - delete + - watch diff --git a/cluster/addons/calico-policy-controller/calico-clusterrolebinding.yaml b/cluster/addons/calico-policy-controller/calico-clusterrolebinding.yaml new file mode 100644 index 0000000000..b40c21875f --- /dev/null +++ b/cluster/addons/calico-policy-controller/calico-clusterrolebinding.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: calico + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: calico +subjects: +- kind: ServiceAccount + name: calico + namespace: kube-system diff --git a/cluster/addons/calico-policy-controller/calico-cpva-clusterrole.yaml b/cluster/addons/calico-policy-controller/calico-cpva-clusterrole.yaml new file mode 100644 index 0000000000..658b126aca --- /dev/null +++ b/cluster/addons/calico-policy-controller/calico-cpva-clusterrole.yaml @@ -0,0 +1,14 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: calico-cpva + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +rules: + - apiGroups: [""] + resources: ["nodes"] + verbs: ["list"] + - apiGroups: ["apps", "extensions"] + resources: ["deployments", "daemonsets"] + verbs: ["patch"] diff --git a/cluster/addons/calico-policy-controller/calico-cpva-clusterrolebinding.yaml b/cluster/addons/calico-policy-controller/calico-cpva-clusterrolebinding.yaml new file mode 100644 index 0000000000..f2b88270fa --- /dev/null +++ b/cluster/addons/calico-policy-controller/calico-cpva-clusterrolebinding.yaml @@ -0,0 +1,15 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: calico-cpva + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +subjects: + - kind: ServiceAccount + name: calico-cpva + namespace: kube-system +roleRef: + kind: ClusterRole + name: calico-cpva + apiGroup: rbac.authorization.k8s.io diff --git a/cluster/addons/calico-policy-controller/calico-cpva-serviceaccount.yaml b/cluster/addons/calico-policy-controller/calico-cpva-serviceaccount.yaml new file mode 100644 index 0000000000..a8e1b4fe07 --- /dev/null +++ b/cluster/addons/calico-policy-controller/calico-cpva-serviceaccount.yaml @@ -0,0 +1,8 @@ +kind: ServiceAccount +apiVersion: v1 +metadata: + name: calico-cpva + namespace: kube-system + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile diff --git a/cluster/addons/calico-policy-controller/calico-node-daemonset.yaml b/cluster/addons/calico-policy-controller/calico-node-daemonset.yaml index 21a5402a85..7015b4145f 100644 --- a/cluster/addons/calico-policy-controller/calico-node-daemonset.yaml +++ b/cluster/addons/calico-policy-controller/calico-node-daemonset.yaml @@ -23,12 +23,13 @@ spec: nodeSelector: projectcalico.org/ds-ready: "true" hostNetwork: true + serviceAccountName: calico containers: # Runs calico/node container on each Kubernetes node. This # container programs network policy and routes on each # host. - name: calico-node - image: calico/node:v1.3.0 + image: calico/node:v2.5.1 env: - name: CALICO_DISABLE_FILE_LOGGING value: "true" @@ -46,6 +47,8 @@ spec: value: "none" - name: FELIX_PROMETHEUSMETRICSENABLED value: "true" + - name: FELIX_HEALTHENABLED + value: "true" - name: IP value: "" - name: NO_DEFAULT_POOLS @@ -58,9 +61,18 @@ spec: value: "true" securityContext: privileged: true - resources: - requests: - cpu: __CALICO_NODE_CPU__ + livenessProbe: + httpGet: + path: /liveness + port: 9099 + periodSeconds: 10 + initialDelaySeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /readiness + port: 9099 + periodSeconds: 10 volumeMounts: - mountPath: /lib/modules name: lib-modules @@ -71,7 +83,7 @@ spec: # This container installs the Calico CNI binaries # and CNI network config file on each node. - name: install-cni - image: calico/cni:v1.9.1 + image: calico/cni:v1.10.0 command: ["/install-cni.sh"] env: - name: CNI_CONF_NAME @@ -103,7 +115,7 @@ spec: { "type": "portmap", "capabilities": {"portMappings": true}, - "snat": false + "snat": true } ] } diff --git a/cluster/addons/calico-policy-controller/calico-node-vertical-autoscaler-configmap.yaml b/cluster/addons/calico-policy-controller/calico-node-vertical-autoscaler-configmap.yaml new file mode 100644 index 0000000000..37dd40410e --- /dev/null +++ b/cluster/addons/calico-policy-controller/calico-node-vertical-autoscaler-configmap.yaml @@ -0,0 +1,22 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: calico-node-vertical-autoscaler + namespace: kube-system + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +data: + node-autoscaler: |- + { + "calico-node": { + "requests": { + "cpu": { + "base": "80m", + "step": "20m", + "nodesPerStep": 10, + "max": "500m" + } + } + } + } diff --git a/cluster/addons/calico-policy-controller/calico-node-vertical-autoscaler-deployment.yaml b/cluster/addons/calico-policy-controller/calico-node-vertical-autoscaler-deployment.yaml new file mode 100644 index 0000000000..c66c3e0720 --- /dev/null +++ b/cluster/addons/calico-policy-controller/calico-node-vertical-autoscaler-deployment.yaml @@ -0,0 +1,37 @@ +kind: Deployment +apiVersion: extensions/v1beta1 +metadata: + name: calico-node-vertical-autoscaler + namespace: kube-system + labels: + k8s-app: calico-node-autoscaler + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +spec: + replicas: 1 + template: + metadata: + labels: + k8s-app: calico-node-autoscaler + annotations: + scheduler.alpha.kubernetes.io/critical-pod: '' + spec: + containers: + - image: gcr.io/google_containers/cpvpa-amd64:v0.6.0 + name: autoscaler + command: + - /cpvpa + - --target=daemonset/calico-node + - --namespace=kube-system + - --logtostderr=true + - --poll-period-seconds=30 + - --v=2 + - --config-file=/etc/config/node-autoscaler + volumeMounts: + - name: config + mountPath: /etc/config + volumes: + - name: config + configMap: + name: calico-node-vertical-autoscaler + serviceAccountName: calico-cpva diff --git a/cluster/addons/calico-policy-controller/calico-serviceaccount.yaml b/cluster/addons/calico-policy-controller/calico-serviceaccount.yaml new file mode 100644 index 0000000000..b24b07595a --- /dev/null +++ b/cluster/addons/calico-policy-controller/calico-serviceaccount.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: calico + namespace: kube-system + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile diff --git a/cluster/addons/calico-policy-controller/globalbgpconfig-crd.yaml b/cluster/addons/calico-policy-controller/globalbgpconfig-crd.yaml new file mode 100644 index 0000000000..2d3e6bd284 --- /dev/null +++ b/cluster/addons/calico-policy-controller/globalbgpconfig-crd.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +description: Calico Global BGP Configuration +kind: CustomResourceDefinition +metadata: + name: globalbgpconfigs.crd.projectcalico.org + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +spec: + scope: Cluster + group: crd.projectcalico.org + version: v1 + names: + kind: GlobalBGPConfig + plural: globalbgpconfigs + singular: globalbgpconfig diff --git a/cluster/addons/calico-policy-controller/globalfelixconfig-crd.yaml b/cluster/addons/calico-policy-controller/globalfelixconfig-crd.yaml new file mode 100644 index 0000000000..7e5c7b1969 --- /dev/null +++ b/cluster/addons/calico-policy-controller/globalfelixconfig-crd.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +description: Calico Global Felix Configuration +kind: CustomResourceDefinition +metadata: + name: globalfelixconfigs.crd.projectcalico.org + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +spec: + scope: Cluster + group: crd.projectcalico.org + version: v1 + names: + kind: GlobalFelixConfig + plural: globalfelixconfigs + singular: globalfelixconfig diff --git a/cluster/addons/calico-policy-controller/globalnetworkpolicy-crd.yaml b/cluster/addons/calico-policy-controller/globalnetworkpolicy-crd.yaml new file mode 100644 index 0000000000..398c05949b --- /dev/null +++ b/cluster/addons/calico-policy-controller/globalnetworkpolicy-crd.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +description: Calico Global Network Policies +kind: CustomResourceDefinition +metadata: + name: globalnetworkpolicies.crd.projectcalico.org + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +spec: + scope: Cluster + group: crd.projectcalico.org + version: v1 + names: + kind: GlobalNetworkPolicy + plural: globalnetworkpolicies + singular: globalnetworkpolicy diff --git a/cluster/addons/calico-policy-controller/ippool-crd.yaml b/cluster/addons/calico-policy-controller/ippool-crd.yaml new file mode 100644 index 0000000000..c09f73c188 --- /dev/null +++ b/cluster/addons/calico-policy-controller/ippool-crd.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +description: Calico IP Pools +kind: CustomResourceDefinition +metadata: + name: ippools.crd.projectcalico.org + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +spec: + scope: Cluster + group: crd.projectcalico.org + version: v1 + names: + kind: IPPool + plural: ippools + singular: ippool diff --git a/cluster/addons/calico-policy-controller/typha-deployment.yaml b/cluster/addons/calico-policy-controller/typha-deployment.yaml index dcc711ff89..f2442ffd02 100644 --- a/cluster/addons/calico-policy-controller/typha-deployment.yaml +++ b/cluster/addons/calico-policy-controller/typha-deployment.yaml @@ -8,7 +8,6 @@ metadata: addonmanager.kubernetes.io/mode: Reconcile k8s-app: calico-typha spec: - replicas: __CALICO_TYPHA_REPLICAS__ revisionHistoryLimit: 2 template: metadata: @@ -21,8 +20,9 @@ spec: - key: CriticalAddonsOnly operator: Exists hostNetwork: true + serviceAccountName: calico containers: - - image: calico/typha:v0.2.3 + - image: calico/typha:v0.4.1 name: calico-typha ports: - containerPort: 5473 @@ -45,13 +45,23 @@ spec: value: "kubernetes" - name: TYPHA_MAXCONNECTIONSLOWERLIMIT value: "1" + - name: TYPHA_HEALTHENABLED + value: "true" volumeMounts: - mountPath: /etc/calico name: etc-calico readOnly: true - resources: - requests: - cpu: __CALICO_TYPHA_CPU__ + livenessProbe: + httpGet: + path: /liveness + port: 9098 + periodSeconds: 30 + initialDelaySeconds: 30 + readinessProbe: + httpGet: + path: /readiness + port: 9098 + periodSeconds: 10 volumes: - name: etc-calico hostPath: diff --git a/cluster/addons/calico-policy-controller/typha-horizontal-autoscaler-configmap.yaml b/cluster/addons/calico-policy-controller/typha-horizontal-autoscaler-configmap.yaml new file mode 100644 index 0000000000..2f1c2b53eb --- /dev/null +++ b/cluster/addons/calico-policy-controller/typha-horizontal-autoscaler-configmap.yaml @@ -0,0 +1,24 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: calico-typha-horizontal-autoscaler + namespace: kube-system + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +data: + ladder: |- + { + "coresToReplicas": [], + "nodesToReplicas": + [ + [1, 1], + [10, 2], + [100, 3], + [250, 4], + [500, 5], + [1000, 6], + [1500, 7], + [2000, 8] + ] + } diff --git a/cluster/addons/calico-policy-controller/typha-horizontal-autoscaler-deployment.yaml b/cluster/addons/calico-policy-controller/typha-horizontal-autoscaler-deployment.yaml new file mode 100644 index 0000000000..b5d7f657d5 --- /dev/null +++ b/cluster/addons/calico-policy-controller/typha-horizontal-autoscaler-deployment.yaml @@ -0,0 +1,33 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: calico-typha-horizontal-autoscaler + namespace: kube-system + labels: + k8s-app: calico-typha-autoscaler + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +spec: + replicas: 1 + template: + metadata: + labels: + k8s-app: calico-typha-autoscaler + annotations: + scheduler.alpha.kubernetes.io/critical-pod: '' + spec: + containers: + - image: gcr.io/google_containers/cluster-proportional-autoscaler-amd64:1.1.2 + name: autoscaler + command: + - /cluster-proportional-autoscaler + - --namespace=kube-system + - --configmap=calico-typha-horizontal-autoscaler + - --target=deployment/calico-typha + - --logtostderr=true + - --v=2 + resources: + requests: + cpu: 10m + limits: + cpu: 10m diff --git a/cluster/addons/calico-policy-controller/typha-vertical-autoscaler-configmap.yaml b/cluster/addons/calico-policy-controller/typha-vertical-autoscaler-configmap.yaml new file mode 100644 index 0000000000..4300761e78 --- /dev/null +++ b/cluster/addons/calico-policy-controller/typha-vertical-autoscaler-configmap.yaml @@ -0,0 +1,22 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: calico-typha-vertical-autoscaler + namespace: kube-system + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +data: + typha-autoscaler: |- + { + "calico-typha": { + "requests": { + "cpu": { + "base": "120m", + "step": "80m", + "nodesPerStep": 10, + "max": "1000m" + } + } + } + } diff --git a/cluster/addons/calico-policy-controller/typha-vertical-autoscaler-deployment.yaml b/cluster/addons/calico-policy-controller/typha-vertical-autoscaler-deployment.yaml new file mode 100644 index 0000000000..c59be9af62 --- /dev/null +++ b/cluster/addons/calico-policy-controller/typha-vertical-autoscaler-deployment.yaml @@ -0,0 +1,37 @@ +kind: Deployment +apiVersion: extensions/v1beta1 +metadata: + name: calico-typha-vertical-autoscaler + namespace: kube-system + labels: + k8s-app: calico-typha-autoscaler + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +spec: + replicas: 1 + template: + metadata: + labels: + k8s-app: calico-typha-autoscaler + annotations: + scheduler.alpha.kubernetes.io/critical-pod: '' + spec: + containers: + - image: gcr.io/google_containers/cpvpa-amd64:v0.6.0 + name: autoscaler + command: + - /cpvpa + - --target=deployment/calico-typha + - --namespace=kube-system + - --logtostderr=true + - --poll-period-seconds=30 + - --v=2 + - --config-file=/etc/config/typha-autoscaler + volumeMounts: + - name: config + mountPath: /etc/config + volumes: + - name: config + configMap: + name: calico-typha-vertical-autoscaler + serviceAccountName: calico-cpva diff --git a/cluster/gce/container-linux/configure-helper.sh b/cluster/gce/container-linux/configure-helper.sh index f4779165f1..28b2984dfd 100755 --- a/cluster/gce/container-linux/configure-helper.sh +++ b/cluster/gce/container-linux/configure-helper.sh @@ -34,54 +34,6 @@ function create-dirs { fi } -# Vars assumed: -# NUM_NODES -function get-calico-node-cpu { - local suggested_calico_cpus=100m - if [[ "${NUM_NODES}" -gt "10" ]]; then - suggested_calico_cpus=250m - fi - if [[ "${NUM_NODES}" -gt "100" ]]; then - suggested_calico_cpus=500m - fi - if [[ "${NUM_NODES}" -gt "500" ]]; then - suggested_calico_cpus=1000m - fi - echo "${suggested_calico_cpus}" -} - -# Vars assumed: -# NUM_NODES -function get-calico-typha-replicas { - local typha_count=1 - if [[ "${NUM_NODES}" -gt "10" ]]; then - typha_count=2 - fi - if [[ "${NUM_NODES}" -gt "100" ]]; then - typha_count=3 - fi - if [[ "${NUM_NODES}" -gt "250" ]]; then - typha_count=4 - fi - if [[ "${NUM_NODES}" -gt "500" ]]; then - typha_count=5 - fi - echo "${typha_count}" -} - -# Vars assumed: -# NUM_NODES -function get-calico-typha-cpu { - local typha_cpu=200m - if [[ "${NUM_NODES}" -gt "10" ]]; then - typha_cpu=500m - fi - if [[ "${NUM_NODES}" -gt "100" ]]; then - typha_cpu=1000m - fi - echo "${typha_cpu}" -} - # Create directories referenced in the kube-controller-manager manifest for # bindmounts. This is used under the rkt runtime to work around # https://github.com/kubernetes/kubernetes/issues/26816 @@ -1363,20 +1315,9 @@ function start-kube-addons { if [[ "${NETWORK_POLICY_PROVIDER:-}" == "calico" ]]; then setup-addon-manifests "addons" "calico-policy-controller" - # Configure Calico based on cluster size and image type. + # Configure Calico CNI directory. local -r ds_file="${dst_dir}/calico-policy-controller/calico-node-daemonset.yaml" - local -r typha_dep_file="${dst_dir}/calico-policy-controller/typha-deployment.yaml" sed -i -e "s@__CALICO_CNI_DIR__@/opt/cni/bin@g" "${ds_file}" - sed -i -e "s@__CALICO_NODE_CPU__@$(get-calico-node-cpu)@g" "${ds_file}" - sed -i -e "s@__CALICO_TYPHA_CPU__@$(get-calico-typha-cpu)@g" "${typha_dep_file}" - sed -i -e "s@__CALICO_TYPHA_REPLICAS__@$(get-calico-typha-replicas)@g" "${typha_dep_file}" - else - # If not configured to use Calico, the set the typha replica count to 0, but only if the - # addon is present. - local -r typha_dep_file="${dst_dir}/calico-policy-controller/typha-deployment.yaml" - if [[ -e $typha_dep_file ]]; then - sed -i -e "s@__CALICO_TYPHA_REPLICAS__@0@g" "${typha_dep_file}" - fi fi if [[ "${ENABLE_DEFAULT_STORAGE_CLASS:-}" == "true" ]]; then setup-addon-manifests "addons" "storage-class/gce" diff --git a/cluster/gce/gci/configure-helper.sh b/cluster/gce/gci/configure-helper.sh index 863a2d6bac..d15f543ebd 100644 --- a/cluster/gce/gci/configure-helper.sh +++ b/cluster/gce/gci/configure-helper.sh @@ -32,54 +32,6 @@ function setup-os-params { echo "core.%e.%p.%t" > /proc/sys/kernel/core_pattern } -# Vars assumed: -# NUM_NODES -function get-calico-node-cpu { - local suggested_calico_cpus=100m - if [[ "${NUM_NODES}" -gt "10" ]]; then - suggested_calico_cpus=250m - fi - if [[ "${NUM_NODES}" -gt "100" ]]; then - suggested_calico_cpus=500m - fi - if [[ "${NUM_NODES}" -gt "500" ]]; then - suggested_calico_cpus=1000m - fi - echo "${suggested_calico_cpus}" -} - -# Vars assumed: -# NUM_NODES -function get-calico-typha-replicas { - local typha_count=1 - if [[ "${NUM_NODES}" -gt "10" ]]; then - typha_count=2 - fi - if [[ "${NUM_NODES}" -gt "100" ]]; then - typha_count=3 - fi - if [[ "${NUM_NODES}" -gt "250" ]]; then - typha_count=4 - fi - if [[ "${NUM_NODES}" -gt "500" ]]; then - typha_count=5 - fi - echo "${typha_count}" -} - -# Vars assumed: -# NUM_NODES -function get-calico-typha-cpu { - local typha_cpu=200m - if [[ "${NUM_NODES}" -gt "10" ]]; then - typha_cpu=500m - fi - if [[ "${NUM_NODES}" -gt "100" ]]; then - typha_cpu=1000m - fi - echo "${typha_cpu}" -} - function config-ip-firewall { echo "Configuring IP firewall rules" # The GCI image has host firewall which drop most inbound/forwarded packets. @@ -1796,20 +1748,9 @@ function start-kube-addons { if [[ "${NETWORK_POLICY_PROVIDER:-}" == "calico" ]]; then setup-addon-manifests "addons" "calico-policy-controller" - # Configure Calico based on cluster size and image type. + # Configure Calico CNI directory. local -r ds_file="${dst_dir}/calico-policy-controller/calico-node-daemonset.yaml" - local -r typha_dep_file="${dst_dir}/calico-policy-controller/typha-deployment.yaml" sed -i -e "s@__CALICO_CNI_DIR__@/home/kubernetes/bin@g" "${ds_file}" - sed -i -e "s@__CALICO_NODE_CPU__@$(get-calico-node-cpu)@g" "${ds_file}" - sed -i -e "s@__CALICO_TYPHA_CPU__@$(get-calico-typha-cpu)@g" "${typha_dep_file}" - sed -i -e "s@__CALICO_TYPHA_REPLICAS__@$(get-calico-typha-replicas)@g" "${typha_dep_file}" - else - # If not configured to use Calico, the set the typha replica count to 0, but only if the - # addon is present. - local -r typha_dep_file="${dst_dir}/calico-policy-controller/typha-deployment.yaml" - if [[ -e $typha_dep_file ]]; then - sed -i -e "s@__CALICO_TYPHA_REPLICAS__@0@g" "${typha_dep_file}" - fi fi if [[ "${ENABLE_DEFAULT_STORAGE_CLASS:-}" == "true" ]]; then setup-addon-manifests "addons" "storage-class/gce"