How To Change calicoIpIpMode to Never in Existing PMK Cluster
Problem
How to change calicoIpIpMode to Never in an existing PMK cluster?
Environment
- Platform9 Managed Kubernetes - v5.2 and Higher
- Calico CNI
Procedure
For example, consider a single master node Calico CNI cluster created with calicoIpIpMode as Always.
# cat /etc/pf9/kube.env | grep -i "CALICO_IPIP_MODE"export CALICO_IPIP_MODE="Always"Reference: How-To Run Calicoctl Commands
# /opt/pf9/pf9-kube/bin/calicoctl get ippools default-ipv4-ippoolNAME CIDR SELECTORdefault-ipv4-ippool 10.20.0.0/16 all()# /opt/pf9/pf9-kube/bin/calicoctl get ippools default-ipv4-ippool --export -o yaml > default-ipv4-ippool.yaml# cat default-ipv4-ippool.yamlapiVersion: projectcalico.org/v3kind: IPPoolmetadata: creationTimestamp: null name: default-ipv4-ippoolspec: blockSize: 26 cidr: 10.20.0.0/16 ipipMode: Always natOutgoing: true nodeSelector: all() vxlanMode: NeverChange the ipipMode from Always to Never & apply the change. Once this is done, the change will get updated on the routing table of all nodes part of the cluster.
# cat default-ipv4-ippool.yamlapiVersion: projectcalico.org/v3kind: IPPoolmetadata: creationTimestamp: null name: default-ipv4-ippoolspec: blockSize: 26 cidr: 10.20.0.0/16 ipipMode: Never natOutgoing: true nodeSelector: all() vxlanMode: Never# /opt/pf9/pf9-kube/bin/calicoctl apply -f default-ipv4-ippool.yamlSuccessfully applied 1 'IPPool' resource(s)As long as the IPPool object exists in the cluster, independently of the changed contents, it will not be recreated post cluster upgrade. However, as good practice, one can also opt to update the value in Qbert DB, so that when the next upgrade/reboot of the stack happens, the information displayed for the cluster with regards to the calico properties is up to date. Please reach out to Platform9 Support to get the change implemented in Qbert DB for SaaS customers.
##