diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml index d340f2d6a..4c192c71a 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml @@ -8,7 +8,7 @@ spec: source: chart: cilium repoURL: https://helm.cilium.io/ - targetRevision: 1.15.7 + targetRevision: 1.16.5 helm: releaseName: cilium values: | @@ -23,9 +23,14 @@ spec: algorithm: maglev routingMode: native bpf: + datapathMode: netkit masquerade: true + bandwidthManager: + enabled: true + bbr: true ipv4: enabled: true + enableIPv4BIGTCP: true ipv4NativeRoutingCIDR: "10.96.128.0/18" # modify it if necessary ipam: operator: diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/cilium-networking/bgp-peering-policy-v2.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/cilium-networking/bgp-peering-policy-v2.yaml deleted file mode 100644 index 7ce6840c5..000000000 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/cilium-networking/bgp-peering-policy-v2.yaml +++ /dev/null @@ -1,155 +0,0 @@ -apiVersion: cilium.io/v2alpha1 -kind: CiliumBGPClusterConfig -metadata: - name: cilium-bgp-cluster-config-cp-1 -spec: - nodeSelector: - matchLabels: - kubernetes.io/hostname: seichi-onp-k8s-cp-1 - bgpInstances: - - name: "instance-65201" - localASN: 65201 - peers: - - name: "peer-to-router" - peerASN: 65184 - peerAddress: 192.168.3.254 - peerConfigRef: - name: "common-peer-config" ---- -apiVersion: cilium.io/v2alpha1 -kind: CiliumBGPClusterConfig -metadata: - name: cilium-bgp-cluster-config-cp-2 -spec: - nodeSelector: - matchLabels: - kubernetes.io/hostname: seichi-onp-k8s-cp-2 - bgpInstances: - - name: "instance-65202" - localASN: 65202 - peers: - - name: "peer-to-router" - peerASN: 65184 - peerAddress: 192.168.3.254 - peerConfigRef: - name: "common-peer-config" ---- -apiVersion: cilium.io/v2alpha1 -kind: CiliumBGPClusterConfig -metadata: - name: cilium-bgp-cluster-config-cp-3 -spec: - nodeSelector: - matchLabels: - kubernetes.io/hostname: seichi-onp-k8s-cp-3 - bgpInstances: - - name: "instance-65203" - localASN: 65203 - peers: - - name: "peer-to-router" - peerASN: 65184 - peerAddress: 192.168.3.254 - peerConfigRef: - name: "common-peer-config" ---- -apiVersion: cilium.io/v2alpha1 -kind: CiliumBGPClusterConfig -metadata: - name: cilium-bgp-cluster-config-wk-1 -spec: - nodeSelector: - matchLabels: - kubernetes.io/hostname: seichi-onp-k8s-wk-1 - bgpInstances: - - name: "instance-65301" - localASN: 65301 - peers: - - name: "peer-to-router" - peerASN: 65184 - peerAddress: 192.168.3.254 - peerConfigRef: - name: "common-peer-config" ---- -apiVersion: cilium.io/v2alpha1 -kind: CiliumBGPClusterConfig -metadata: - name: cilium-bgp-cluster-config-wk-2 -spec: - nodeSelector: - matchLabels: - kubernetes.io/hostname: seichi-onp-k8s-wk-2 - bgpInstances: - - name: "instance-65302" - localASN: 65302 - peers: - - name: "peer-to-router" - peerASN: 65184 - peerAddress: 192.168.3.254 - peerConfigRef: - name: "common-peer-config" ---- -apiVersion: cilium.io/v2alpha1 -kind: CiliumBGPClusterConfig -metadata: - name: cilium-bgp-cluster-config-wk-3 -spec: - nodeSelector: - matchLabels: - kubernetes.io/hostname: seichi-onp-k8s-wk-3 - bgpInstances: - - name: "instance-65303" - localASN: 65303 - peers: - - name: "peer-to-router" - peerASN: 65184 - peerAddress: 192.168.3.254 - peerConfigRef: - name: "common-peer-config" ---- -apiVersion: cilium.io/v2alpha1 -kind: CiliumBGPPeerConfig -metadata: - name: common-peer-config -spec: - timers: - connectRetryTimeSeconds: 120 - holdTimeSeconds: 90 - keepAliveTimeSeconds: 30 - gracefulRestart: - enabled: true - restartTimeSeconds: 120 - families: - - afi: ipv4 - safi: unicast - advertisements: - matchLabels: - advertise: podcidr - - afi: ipv4 - safi: unicast - advertisements: - matchLabels: - advertise: service ---- -apiVersion: cilium.io/v2alpha1 -kind: CiliumBGPAdvertisement -metadata: - name: podcidr-advertisement - labels: - advertise: podcidr -spec: - advertisements: - - advertisementType: "PodCIDR" ---- -apiVersion: cilium.io/v2alpha1 -kind: CiliumBGPAdvertisement -metadata: - name: service-advertisement - labels: - advertise: service -spec: - advertisements: - - advertisementType: "Service" - service: - addresses: - - ClusterIP - - LoadBalancerIP diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/cilium-networking/bgp-peering-policy.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/cilium-networking/bgp-peering-policy.yaml index 3d1ca56c9..29e1dd605 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/cilium-networking/bgp-peering-policy.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/cilium-networking/bgp-peering-policy.yaml @@ -14,7 +14,7 @@ spec: # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements serviceSelector: matchExpressions: - - {key: somekey, operator: NotIn, values: ['never-used-value']} + - {key: somekey, operator: NotIn, values: ['never-used-value']} neighbors: - peerAddress: "192.168.3.254/32" peerASN: 65184 @@ -28,7 +28,6 @@ spec: gracefulRestart: enabled: true restartTimeSeconds: 120 - --- apiVersion: "cilium.io/v2alpha1" kind: CiliumBGPPeeringPolicy @@ -45,7 +44,7 @@ spec: # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements serviceSelector: matchExpressions: - - {key: somekey, operator: NotIn, values: ['never-used-value']} + - {key: somekey, operator: NotIn, values: ['never-used-value']} neighbors: - peerAddress: "192.168.3.254/32" peerASN: 65184 @@ -75,7 +74,7 @@ spec: # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements serviceSelector: matchExpressions: - - {key: somekey, operator: NotIn, values: ['never-used-value']} + - {key: somekey, operator: NotIn, values: ['never-used-value']} neighbors: - peerAddress: "192.168.3.254/32" peerASN: 65184 @@ -105,7 +104,7 @@ spec: # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements serviceSelector: matchExpressions: - - {key: somekey, operator: NotIn, values: ['never-used-value']} + - {key: somekey, operator: NotIn, values: ['never-used-value']} neighbors: - peerAddress: "192.168.3.254/32" peerASN: 65184 @@ -135,7 +134,7 @@ spec: # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements serviceSelector: matchExpressions: - - {key: somekey, operator: NotIn, values: ['never-used-value']} + - {key: somekey, operator: NotIn, values: ['never-used-value']} neighbors: - peerAddress: "192.168.3.254/32" peerASN: 65184 @@ -165,7 +164,7 @@ spec: # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements serviceSelector: matchExpressions: - - {key: somekey, operator: NotIn, values: ['never-used-value']} + - {key: somekey, operator: NotIn, values: ['never-used-value']} neighbors: - peerAddress: "192.168.3.254/32" peerASN: 65184