calico: upstream pr preparation by vsoch · Pull Request #7 · converged-computing/usernetes

vsoch · 2026-01-25T23:48:27Z

I'm not sure if this will be possible, but I'm trying to cleanup our current calico install. I was able to install from a release and then apply our custom manifests, but (so far) haven't been able to do the entire thing cleanly with yq. It's a weird case of needing to apply the initial setup they have, but then remove it and re-apply the customizations, importantly keeping the IP: autodetect set so the calico.vxlan network shows up with ip addr. I am finding that when I try to patch from the getgo with yq I run into a myriad of errors. If I don't create our customizations with autodetect the network has issues too. I still think it might be possible, and the next step is to look closely at what we have for the individual configs here and compare with what is being installed upstream.

Update: I've now removed all custom manifests - we get the upstream manifest and make all changes with yq. There are quite a few, but I think this is probably the slimmiest I can get it for something to review / easily see changes.

Signed-off-by: vsoch <vsoch@users.noreply.github.com>

The user can install calico (even using the same flannel port) via a CRD for it, adding the rules for it, customizing the Daemonset env and the addresses that the containers use. Signed-off-by: vsoch <vsoch@users.noreply.github.com>

Signed-off-by: vsoch <vsoch@users.noreply.github.com>

vsoch · 2026-02-04T16:45:45Z

@AkihiroSuda please take a look at these changes.

AkihiroSuda · 2026-02-05T04:16:17Z

Why does this need to be a daemonset?
Could be in https://github.com/rootless-containers/usernetes/tree/master/Dockerfile.d

We also had it as a COPY to the container via a udev rules files, but I don't think it took. At least whatever state changes the initial calico install triggered might have undone it.

AkihiroSuda · 2026-02-05T04:19:16Z

+wget https://raw.githubusercontent.com/projectcalico/calico/refs/heads/release-v3.31/manifests/calico.yaml -O $CALICO_FILE
+
+# backend to vxlan
+yq eval-all -i '(select(.kind == "ConfigMap" and .metadata.name == "calico-config").data.calico_backend) = "vxlan"' $CALICO_FILE


Can we use helm with values.yaml ?
https://docs.tigera.io/calico/latest/getting-started/kubernetes/helm

No we tried for weeks to get helm working - it was too complex. If you want to try and are successful we can do some testing of what you find.

Signed-off-by: Vanessa Sochat <814322+vsoch@users.noreply.github.com>

This is for our environment and I do not think is wanted here. Signed-off-by: Vanessa Sochat <814322+vsoch@users.noreply.github.com>

vsoch and others added 5 commits January 22, 2026 12:50

feat: example to add amd gpus

eb808ca

Signed-off-by: vsoch <vsoch@users.noreply.github.com>

feat: add option to install calico

073e26f

The user can install calico (even using the same flannel port) via a CRD for it, adding the rules for it, customizing the Daemonset env and the addresses that the containers use. Signed-off-by: vsoch <vsoch@users.noreply.github.com>

Merge branch 'develop' into add-corona-calico

b818e49

wip: updating to simplify calico deploy

1e25811

Signed-off-by: vsoch <vsoch@users.noreply.github.com>

wip: cleanup calico install

36b7501

Signed-off-by: vsoch <vsoch@users.noreply.github.com>

vsoch mentioned this pull request Jan 25, 2026

Add corona calico #5

Open

vsoch added 2 commits January 25, 2026 21:31

update: remove extra configs in favor of yq

6c429ae

Signed-off-by: vsoch <vsoch@users.noreply.github.com>

nit: remove corona changes of images

602ebb4

Signed-off-by: vsoch <vsoch@users.noreply.github.com>

vsoch force-pushed the calico-upstream-pr branch from 9efd023 to 602ebb4 Compare January 26, 2026 05:38