Skip to content

Commit

Permalink
Merge pull request #1489 from GiganticMinecraft/fix-bgp-local-as
Browse files Browse the repository at this point in the history 
update cilium config
  • Loading branch information
@unchama
unchama authored Dec 15, 2023
2 parents c7b8a5d + cdbc293 commit 4d54724
Show file tree
Hide file tree
Showing 3 changed files with 171 additions and 173 deletions.
173 changes: 0 additions & 173 deletions ...-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,176 +58,3 @@ spec:
automated:
prune: true
selfHeal: true
---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumLoadBalancerIPPool
metadata:
name: "lb-pool"
spec:
cidrs:
# 10.96.0.0-10.96.3.255 をloadBalancerのIPに割当可能
- cidr: "10.96.0.0/22"
---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-cp-1
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-cp-1
virtualRouters:
- localASN: 65184
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120

---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-cp-2
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-cp-2
virtualRouters:
- localASN: 65184
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120
---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-cp-3
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-cp-3
virtualRouters:
- localASN: 65184
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120
---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-wk-1
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-wk-1
virtualRouters:
- localASN: 65184
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120
---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-wk-2
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-wk-2
virtualRouters:
- localASN: 65184
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120
---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-wk-3
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-wk-3
virtualRouters:
- localASN: 65184
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120
---
163 changes: 163 additions & 0 deletions ...ifests/seichi-kubernetes/apps/cluster-wide-apps/cilium-networking/bgp-peering-policy.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,163 @@
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-cp-1
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-cp-1
virtualRouters:
- localASN: 65201
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120

---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-cp-2
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-cp-2
virtualRouters:
- localASN: 65202
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120
---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-cp-3
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-cp-3
virtualRouters:
- localASN: 65203
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120
---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-wk-1
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-wk-1
virtualRouters:
- localASN: 65301
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120
---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-wk-2
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-wk-2
virtualRouters:
- localASN: 65302
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120
---
apiVersion: "cilium.io/v2alpha1"
kind: CiliumBGPPeeringPolicy
metadata:
name: peerpolicy--seichi-onp-k8s-wk-3
spec:
nodeSelector:
matchLabels:
kubernetes.io/hostname: seichi-onp-k8s-wk-3
virtualRouters:
- localASN: 65303
exportPodCIDR: true
# 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
# https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
serviceSelector:
matchExpressions:
- {key: somekey, operator: NotIn, values: ['never-used-value']}
neighbors:
- peerAddress: "192.168.3.254/32"
peerASN: 65184
eBGPMultihopTTL: 10
connectRetryTimeSeconds: 120
holdTimeSeconds: 90
keepAliveTimeSeconds: 30
gracefulRestart:
enabled: true
restartTimeSeconds: 120
---
8 changes: 8 additions & 0 deletions ...sts/seichi-kubernetes/apps/cluster-wide-apps/cilium-networking/loadlbalancer-ip-pool.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
apiVersion: "cilium.io/v2alpha1"
kind: CiliumLoadBalancerIPPool
metadata:
name: "lb-pool"
spec:
cidrs:
# 10.96.0.0-10.96.3.255 をloadBalancerのIPに割当可能
- cidr: "10.96.0.0/22"

0 comments on commit 4d54724

Please sign in to comment.