| blob | 05987df88c1873449b2c8cf80b67f9b6be8429db |
1 { config, lib, pkgs, ... }:
2 let
3 cfg = config.services.flannel;
5 networkConfig = lib.filterAttrs (n: v: v != null) {
6 Network = cfg.network;
7 SubnetLen = cfg.subnetLen;
8 SubnetMin = cfg.subnetMin;
9 SubnetMax = cfg.subnetMax;
10 Backend = cfg.backend;
11 };
12 in {
13 options.services.flannel = {
14 enable = lib.mkEnableOption "flannel";
16 package = lib.mkPackageOption pkgs "flannel" { };
18 publicIp = lib.mkOption {
19 description = ''
20 IP accessible by other nodes for inter-host communication.
21 Defaults to the IP of the interface being used for communication.
22 '';
23 type = lib.types.nullOr lib.types.str;
24 default = null;
25 };
27 iface = lib.mkOption {
28 description = ''
29 Interface to use (IP or name) for inter-host communication.
30 Defaults to the interface for the default route on the machine.
31 '';
32 type = lib.types.nullOr lib.types.str;
33 default = null;
34 };
36 etcd = {
37 endpoints = lib.mkOption {
38 description = "Etcd endpoints";
39 type = lib.types.listOf lib.types.str;
40 default = ["http://127.0.0.1:2379"];
41 };
43 prefix = lib.mkOption {
44 description = "Etcd key prefix";
45 type = lib.types.str;
46 default = "/coreos.com/network";
47 };
49 caFile = lib.mkOption {
50 description = "Etcd certificate authority file";
51 type = lib.types.nullOr lib.types.path;
52 default = null;
53 };
55 certFile = lib.mkOption {
56 description = "Etcd cert file";
57 type = lib.types.nullOr lib.types.path;
58 default = null;
59 };
61 keyFile = lib.mkOption {
62 description = "Etcd key file";
63 type = lib.types.nullOr lib.types.path;
64 default = null;
65 };
66 };
68 kubeconfig = lib.mkOption {
69 description = ''
70 Path to kubeconfig to use for storing flannel config using the
71 Kubernetes API
72 '';
73 type = lib.types.nullOr lib.types.path;
74 default = null;
75 };
77 network = lib.mkOption {
78 description = " IPv4 network in CIDR format to use for the entire flannel network.";
79 type = lib.types.str;
80 };
82 nodeName = lib.mkOption {
83 description = ''
84 Needed when running with Kubernetes as backend as this cannot be auto-detected";
85 '';
86 type = lib.types.nullOr lib.types.str;
87 default = config.networking.fqdnOrHostName;
88 defaultText = lib.literalExpression "config.networking.fqdnOrHostName";
89 example = "node1.example.com";
90 };
92 storageBackend = lib.mkOption {
93 description = "Determines where flannel stores its configuration at runtime";
94 type = lib.types.enum ["etcd" "kubernetes"];
95 default = "etcd";
96 };
98 subnetLen = lib.mkOption {
99 description = ''
100 The size of the subnet allocated to each host. Defaults to 24 (i.e. /24)
101 unless the Network was configured to be smaller than a /24 in which case
102 it is one less than the network.
103 '';
104 type = lib.types.int;
105 default = 24;
106 };
108 subnetMin = lib.mkOption {
109 description = ''
110 The beginning of IP range which the subnet allocation should start with.
111 Defaults to the first subnet of Network.
112 '';
113 type = lib.types.nullOr lib.types.str;
114 default = null;
115 };
117 subnetMax = lib.mkOption {
118 description = ''
119 The end of IP range which the subnet allocation should start with.
120 Defaults to the last subnet of Network.
121 '';
122 type = lib.types.nullOr lib.types.str;
123 default = null;
124 };
126 backend = lib.mkOption {
127 description = "Type of backend to use and specific configurations for that backend.";
128 type = lib.types.attrs;
129 default = {
130 Type = "vxlan";
131 };
132 };
133 };
135 config = lib.mkIf cfg.enable {
136 systemd.services.flannel = {
137 description = "Flannel Service";
138 wantedBy = [ "multi-user.target" ];
139 after = [ "network.target" ];
140 environment = {
141 FLANNELD_PUBLIC_IP = cfg.publicIp;
142 FLANNELD_IFACE = cfg.iface;
143 } // lib.optionalAttrs (cfg.storageBackend == "etcd") {
144 FLANNELD_ETCD_ENDPOINTS = lib.concatStringsSep "," cfg.etcd.endpoints;
145 FLANNELD_ETCD_KEYFILE = cfg.etcd.keyFile;
146 FLANNELD_ETCD_CERTFILE = cfg.etcd.certFile;
147 FLANNELD_ETCD_CAFILE = cfg.etcd.caFile;
148 ETCDCTL_CERT = cfg.etcd.certFile;
149 ETCDCTL_KEY = cfg.etcd.keyFile;
150 ETCDCTL_CACERT = cfg.etcd.caFile;
151 ETCDCTL_ENDPOINTS = lib.concatStringsSep "," cfg.etcd.endpoints;
152 ETCDCTL_API = "3";
153 } // lib.optionalAttrs (cfg.storageBackend == "kubernetes") {
154 FLANNELD_KUBE_SUBNET_MGR = "true";
155 FLANNELD_KUBECONFIG_FILE = cfg.kubeconfig;
156 NODE_NAME = cfg.nodeName;
157 };
158 path = [ pkgs.iptables ];
159 preStart = lib.optionalString (cfg.storageBackend == "etcd") ''
160 echo "setting network configuration"
161 until ${pkgs.etcd}/bin/etcdctl put /coreos.com/network/config '${builtins.toJSON networkConfig}'
162 do
163 echo "setting network configuration, retry"
164 sleep 1
165 done
166 '';
167 serviceConfig = {
168 ExecStart = "${cfg.package}/bin/flannel";
169 Restart = "always";
170 RestartSec = "10s";
171 RuntimeDirectory = "flannel";
172 };
173 };
175 services.etcd.enable = lib.mkDefault (cfg.storageBackend == "etcd" && cfg.etcd.endpoints == ["http://127.0.0.1:2379"]);
177 # for some reason, flannel doesn't let you configure this path
178 # see: https://github.com/coreos/flannel/blob/master/Documentation/configuration.md#configuration
179 environment.etc."kube-flannel/net-conf.json" = lib.mkIf (cfg.storageBackend == "kubernetes") {
180 source = pkgs.writeText "net-conf.json" (builtins.toJSON networkConfig);
181 };
182 };
183 }