tiller net=host #2222
Comments
|
That seems like an option we should be able to add easily. |
When 'helm init --net-host=true' is run, Tiller will be installed with access to the host network (net=host in Docker) Closes helm#2222
When 'helm init --net-host=true' is run, Tiller will be installed with access to the host network (net=host in Docker) Closes helm#2222
|
@kfox1111 bin is here if you want to test. |
|
This works good. Thank you. :) |
|
@technosophos afaik if we want this in, we just need to decide on final flag name and description. |
|
I have a slight preference to --net-host instead of --host-net, as its closer to whats in docker. but doesn't matter too much. One question would be when this would merge. If its going in to 2.3.1, I think its probably fine as is. If its going to wait for 2.4.0, then maybe we should ask the question, should it be defaulted on, and can be turned off rather then off and defaulted on? --net-sdn or something. Switching the default would be simpler for those wanting to deploy sdn and other low level things out of the box and I think should still work for everyone still. |
|
I believe this would also get around the problem of not having socat on nodes running kubelet. Maybe I'm wrong but I can test in my cluster. |
|
@kfox1111 i agree --net-host is better. I got it backwards myself telling someone so i think --net-host is more intuitive. |
|
@jascott1 a couple of other issues found while testing this: could the following toleration be added: and, some way to add nodeSelector's so tiller can be targeted to specific hosts rather then floating around the cluster. helm init -n key=value? Its kind of unrelated to this PR, but touches the same code. |
|
@kfox1111 So we want a switch to add that toleration or just use the key/value pattern like you suggested for nodeSelectors? |
|
hmm... a switch maybe? --on-master? |
|
or I guess it could be a switch. --tolerations key=value. a little harder to use, but very generic. |
|
We should probably go for --tolerations and --node-selectors |
|
Sounds good to me. :) |
|
@technosophos Sounds good? |
When 'helm init --net-host=true' is run, Tiller will be installed with access to the host network (net=host in Docker) Closes helm#2222
When 'helm init --net-host=true' is run, Tiller will be installed with access to the host network (net=host in Docker) Closes helm#2222
I'd like to use helm to deploy sdn plugins such as canal, calico or weave. This would allow much more easily configured sdn's due to helms templating engine. To do so, requires tiller to be running before the sdn.
Due to the way helm contacts tiller via proxy without using a svc, This seems to work by simply by launching tiller's pod with net=host.
Can support for that be added as a command line flag to helm init?
The text was updated successfully, but these errors were encountered: