From 57b48648ab4461a68b63b5186aa25e166afe8a34 Mon Sep 17 00:00:00 2001 From: Camillo Date: Wed, 2 Sep 2020 17:40:24 +1000 Subject: [PATCH 1/2] Support for Subnet Scope --- provision/acc_provision/acc_provision.py | 2 ++ provision/acc_provision/apic_provision.py | 10 ++++++++-- .../acc_provision/templates/provision-config.yaml | 5 +++++ 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/provision/acc_provision/acc_provision.py b/provision/acc_provision/acc_provision.py index 29c819ea6..4e59246e0 100755 --- a/provision/acc_provision/acc_provision.py +++ b/provision/acc_provision/acc_provision.py @@ -182,7 +182,9 @@ def config_default(): }, "net_config": { "node_subnet": None, + "node_subnet_scope": ['public'], "pod_subnet": None, + "pod_subnet_scope": ['private'], "pod_subnet_chunk_size": 32, "extern_dynamic": None, "extern_static": None, diff --git a/provision/acc_provision/apic_provision.py b/provision/acc_provision/apic_provision.py index 5b00f5d75..ed8bd40cd 100644 --- a/provision/acc_provision/apic_provision.py +++ b/provision/acc_provision/apic_provision.py @@ -2789,7 +2789,9 @@ def kube_tn(self, flavor): kube_vrf = self.config["aci_config"]["vrf"]["name"] kube_l3out = self.config["aci_config"]["l3out"]["name"] node_subnet = self.config["net_config"]["node_subnet"] + node_subnet_scope = ",".join([str(x) for x in self.config["net_config"]["node_subnet_scope"]]) pod_subnet = self.config["net_config"]["pod_subnet"] + pod_subnet_scope = ",".join([str(x) for x in self.config["net_config"]["pod_subnet_scope"]]) kade = self.config["kube_config"].get("allow_kube_api_default_epg") or \ self.config["kube_config"].get("allow_pods_kube_api_access") eade = self.config["kube_config"].get("allow_pods_external_access") @@ -2975,13 +2977,17 @@ def kube_tn(self, flavor): [ ( "attributes", - collections.OrderedDict([("ip", node_subnet), ("scope", "public")]), + collections.OrderedDict([("ip", node_subnet), ("scope", node_subnet_scope)]), ) ] ) pod_subnet_obj = collections.OrderedDict( - [("attributes", collections.OrderedDict([("ip", pod_subnet)]))] + [ + ( + "attributes", collections.OrderedDict([("ip", pod_subnet), ("scope", pod_subnet_scope)]), + ) + ] ) if eade is True: pod_subnet_obj["attributes"]["scope"] = "public" diff --git a/provision/acc_provision/templates/provision-config.yaml b/provision/acc_provision/templates/provision-config.yaml index fa9c3f8ac..f1618594a 100644 --- a/provision/acc_provision/templates/provision-config.yaml +++ b/provision/acc_provision/templates/provision-config.yaml @@ -41,7 +41,12 @@ aci_config: # net_config: node_subnet: 10.1.0.1/16 # Subnet to use for nodes + node_subnet_scope: # Valid option are private, shared and public. Public and Private can't be configured at the same time. + - public # Default is public + - shared pod_subnet: 10.2.0.1/16 # Subnet to use for Kubernetes + pod_subnet_scope: # Valid option are private, shared and public. Public and Private can't be configured at the same time. + - private # Default is private # Pods/CloudFoundry containers #vip_subnet: 10.3.0.1/16 # Subnet to use for virtual IPs # (CloudFoundry only) From ae7590a8d6f79a74a8356da2341d97e8e8b33187 Mon Sep 17 00:00:00 2001 From: Camillo Date: Thu, 29 Oct 2020 14:35:50 +1100 Subject: [PATCH 2/2] subnet scope changes --- provision/acc_provision/templates/provision-config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/provision/acc_provision/templates/provision-config.yaml b/provision/acc_provision/templates/provision-config.yaml index f1618594a..0683c6519 100644 --- a/provision/acc_provision/templates/provision-config.yaml +++ b/provision/acc_provision/templates/provision-config.yaml @@ -75,8 +75,8 @@ registry: # ovs_memory_limit: "20Gi" # override if needed, default is "1Gi" # reboot_opflex_with_ovs: "false" # override if needed, default is "true" -#istio_config: - # install_istio: False # default is True +istio_config: + install_istio: True # default is True # install_profile: "default" # override if needed, default is "demo" #drop_log_config: