kubernetes-sigs
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

feat(calico): add support for numAllowedLocalASNumbers on bgppeers per node definition (#11570)

pull/11377/head
Erwan Miran 2024-09-28 11:06:01 +02:00 committed by GitHub
parent 24e1765ae2
commit 8c3b2851f6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/CNI/calico.md
View File

@ -89,9 +89,12 @@ node1 ansible_ssh_host=95.54.0.12 local_as=xxxxxx
Peers can be defined using the `peers` variable (see docs/calico_peer_example examples). Peers can be defined using the `peers` variable (see docs/calico_peer_example examples).
In order to define global peers, the `peers` variable can be defined in group_vars with the "scope" attribute of each global peer set to "global". In order to define global peers, the `peers` variable can be defined in group_vars with the "scope" attribute of each global peer set to "global".
In order to define peers on a per node basis, the `peers` variable must be defined in hostvars. In order to define peers on a per node basis, the `peers` variable must be defined in hostvars or group_vars with the "scope" attribute unset or set to "node".
NB: Ansible's `hash_behaviour` is by default set to "replace", thus defining both global and per node peers would end up with having only per node peers. If having both global and per node peers defined was meant to happen, global peers would have to be defined in hostvars for each host (as well as per node peers) NB: Ansible's `hash_behaviour` is by default set to "replace", thus defining both global and per node peers would end up with having only per node peers. If having both global and per node peers defined was meant to happen, global peers would have to be defined in hostvars for each host (as well as per node peers)
NB²: Peers definition at node scope can be customized with additional fields `filters`, `sourceAddress` and `numAllowedLocalASNumbers` (see <https://docs.tigera.io/calico/latest/reference/resources/bgppeer> for details)
Since calico 3.4, Calico supports advertising Kubernetes service cluster IPs over BGP, just as it advertises pod IPs. Since calico 3.4, Calico supports advertising Kubernetes service cluster IPs over BGP, just as it advertises pod IPs.
This can be enabled by setting the following variable as follow in group_vars (k8s_cluster/k8s-net-calico.yml) This can be enabled by setting the following variable as follow in group_vars (k8s_cluster/k8s-net-calico.yml)

4
docs/calico_peer_example/new-york.yml
View File

@ -2,9 +2,13 @@
# peers: # peers:
# - router_id: "10.99.0.34" # - router_id: "10.99.0.34"
# as: "65xxx" # as: "65xxx"
# filters: []
# numallowedlocalasnumbers: 0
# sourceaddress: "None" # sourceaddress: "None"
# - router_id: "10.99.0.35" # - router_id: "10.99.0.35"
# as: "65xxx" # as: "65xxx"
# filters: []
# numallowedlocalasnumbers: 0
# sourceaddress: "None" # sourceaddress: "None"
# loadbalancer_apiserver: # loadbalancer_apiserver:

4
docs/calico_peer_example/paris.yml
View File

@ -2,9 +2,13 @@
# peers: # peers:
# - router_id: "10.99.0.2" # - router_id: "10.99.0.2"
# as: "65xxx" # as: "65xxx"
# filters: []
# numallowedlocalasnumbers: 0
# sourceaddress: "None" # sourceaddress: "None"
# - router_id: "10.99.0.3" # - router_id: "10.99.0.3"
# as: "65xxx" # as: "65xxx"
# filters: []
# numallowedlocalasnumbers: 0
# sourceaddress: "None" # sourceaddress: "None"
# loadbalancer_apiserver: # loadbalancer_apiserver:

3
roles/network_plugin/calico/tasks/peer_with_router.yml
View File

@ -100,6 +100,9 @@
{% if calico_version is version('v3.26.0', '>=') and (item.filters | default([]) | length > 0) %} {% if calico_version is version('v3.26.0', '>=') and (item.filters | default([]) | length > 0) %}
"filters": {{ item.filters }}, "filters": {{ item.filters }},
{% endif %} {% endif %}
{% if calico_version is version('v3.23.0', '>=') and (item.numallowedlocalasnumbers | default(0) > 0) %}
"numAllowedLocalASNumbers": {{ item.numallowedlocalasnumbers }},
{% endif %}
"sourceAddress": "{{ item.sourceaddress | default('UseNodeIP') }}" "sourceAddress": "{{ item.sourceaddress | default('UseNodeIP') }}"
}} }}
register: output register: output