From 8a153ed38e88293c470c7247e281576165b7c2d2 Mon Sep 17 00:00:00 2001
From: Andrii <28559404+anjkl@users.noreply.github.com>
Date: Wed, 25 Nov 2020 15:34:39 +0200
Subject: [PATCH] Add serviceExternalIPs option for calico installation (#6928)
---
 docs/calico.md | 9 +++++++++
 .../sample/group_vars/k8s-cluster/k8s-net-calico.yml | 5 +++++
 roles/network_plugin/calico/defaults/main.yml | 3 +++
 roles/network_plugin/calico/tasks/install.yml | 7 +++++++
 4 files changed, 24 insertions(+)
diff --git a/docs/calico.md b/docs/calico.md
index f48bda94118..f722a09328e 100644
--- a/docs/calico.md
+++ b/docs/calico.md
@@ -93,6 +93,15 @@ This can be enabled by setting the following variable as follow in group_vars (k
 calico_advertise_cluster_ips: true
 ```
 
+Since calico 3.10, Calico supports advertising Kubernetes service ExternalIPs over BGP in addition to cluster IPs advertising.
+This can be enabled by setting the following variable in group_vars (k8s-cluster/k8s-net-calico.yml)
+
+```yml
+calico_advertise_service_external_ips:
+- x.x.x.x/24
+- y.y.y.y/32
+```
+
 ### Optional : Define global AS number
 
 Optional parameter `global_as_num` defines Calico global AS number (`/calico/bgp/v1/global/as_num` etcd key).
diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
index 5badefd402e..8e70ccec19c 100644
--- a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
+++ b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
@@ -38,6 +38,11 @@
 # Advertise Cluster IPs
 # calico_advertise_cluster_ips: true
 
+# Advertise Service External IPs
+# calico_advertise_service_external_ips:
+# - x.x.x.x/24
+# - y.y.y.y/32
+
 # Choose data store type for calico: "etcd" or "kdd" (kubernetes datastore)
 # calico_datastore: "etcd"
 
diff --git a/roles/network_plugin/calico/defaults/main.yml b/roles/network_plugin/calico/defaults/main.yml
index 1cf703cc170..b43f45c9d1b 100644
--- a/roles/network_plugin/calico/defaults/main.yml
+++ b/roles/network_plugin/calico/defaults/main.yml
@@ -22,6 +22,9 @@ global_as_num: "64512"
 # defaults. The value should be a number, not a string.
 # calico_mtu: 1500
 
+# Advertise Service External IPs
+calico_advertise_service_external_ips: []
+
 # Limits for apps
 calico_node_memory_limit: 500M
 calico_node_cpu_limit: 300m
diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml
index 7721c591d0c..19d7100bd36 100644
--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@@ -154,6 +154,12 @@
 - inventory_hostname == groups['kube-master'][0]
 - 'calico_conf.stdout == "0"'
 
+- name: Populate Service External IPs
+ set_fact:
+ _service_external_ips: "{{ _service_external_ips|default([]) + [ {'cidr': item} ] }}"
+ with_items: "{{ calico_advertise_service_external_ips }}"
+ run_once: yes
+
 - name: "Determine nodeToNodeMesh needed state"
 set_fact:
 nodeToNodeMeshEnabled: "false"
@@ -174,6 +180,7 @@
 "spec": {
 "logSeverityScreen": "Info",
 "nodeToNodeMeshEnabled": {{ nodeToNodeMeshEnabled|default('true') }} ,
+ "serviceExternalIPs": {{ _service_external_ips|default([]) }},
 "asNumber": {{ global_as_num }} }}
 changed_when: false
 when:
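Review bot: The comment added above `calico_advertise_service_external_ips: []` in roles/network_plugin/calico/defaults/main.yml (hunk `@@ -22,6 +22,9 @@`) does not say what the list holds or what enabling it exposes. The empty default keeps the feature opt-in, which is the safe choice, but each CIDR an operator lists is announced to the BGP peers, so a Service that sets an `externalIPs` address inside that range can attract traffic for it. I would expand the comment to something like `# List of CIDR strings advertised over BGP for Service externalIPs; keep the ranges narrow and use an admission policy to limit who may set spec.externalIPs.`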
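Review bot: The new "Populate Service External IPs" task in roles/network_plugin/calico/tasks/install.yml (hunk `@@ -154,6 +154,12 @@`) copies every item of `calico_advertise_service_external_ips` into the BGP configuration without checking that it is a CIDR. A typo or a bare address is then only caught, if at all, by the tool that consumes the document, after the play has already started changing the cluster. A small `assert` ahead of the task would fail early with a clear message; the sketch below assumes the `ipaddr` filter is available to this role, which the hunk does not show. Separately, the loop appends to any existing `_service_external_ips`, so a second pass through this file in the same run would duplicate entries (inferred, since the callers are not visible).

```yaml
- name: Check Service External IPs are valid CIDRs
  assert:
    that:
      - item | ipaddr('net')
    msg: "calico_advertise_service_external_ips entry '{{ item }}' is not a valid CIDR"
  with_items: "{{ calico_advertise_service_external_ips }}"
  run_once: yes

# … unchanged: "Populate Service External IPs" set_fact task …
```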
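Review bot: The added line `"serviceExternalIPs": {{ _service_external_ips|default([]) }},` in roles/network_plugin/calico/tasks/install.yml (hunk `@@ -174,6 +180,7 @@`) renders the list with Jinja's default string conversion, which produces a Python-style literal such as `[{'cidr': '...'}]` rather than JSON. The surrounding document is written as JSON, so this only works while the consumer (not visible in the hunk) parses leniently, and a Python 2 controller may emit `u'...'` prefixes that break it. Serialising explicitly also escapes any quote characters in the inventory values: `"serviceExternalIPs": {{ _service_external_ips | default([]) | to_json }},`. The enclosing task starts above the hunk and its `when:` list continues below it.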