Add BGPPolicy controller
Signed-off-by: Hongliang Liu <lhongliang@vmware.com>
hongliangl committed Jun 6, 2024
1 parent 2e48977 commit c9b727a
Showing 41 changed files with 4,823 additions and 12 deletions.
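--- a/build/charts/antrea/conf/antrea-agent.conf
+++ b/build/charts/antrea/conf/antrea-agent.conf
@@ -91,6 +91,9 @@ featureGates:
 # Enable NodeLatencyMonitor to monitor the latency between Nodes.
 {{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "NodeLatencyMonitor" "default" false) }}
 
+# Allow users to advertise Service IPs, Pod IPs, and Egress IPs to external BGP peers.
+{{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "BGPPolicy" "default" false) }}
+
 # Name of the OpenVSwitch bridge antrea-agent will create and use.
 # Make sure it doesn't conflict with your existing OpenVSwitch bridges.
 ovsBridge: {{ .Values.ovs.bridgeName | quote }}
@@ -443,3 +446,8 @@ secondaryNetwork:
 {{- end }}
 
 {{- end }}
+
+bgpPolicy:
+# The name of the Secret storing passwords of the BGP peers. For each BGP peer, the Secret key is generated by
+# concatenating its IP address and AS number, e.g., `192.168.1.1-65521`.
+secretName: {{ .Values.bgpPolicy.secretName | quote }}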
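Review bot: The Secret key format documented above `bgpPolicy.secretName` (peer IP address joined to the AS number, e.g. `192.168.1.1-65521`) cannot be written for an IPv6 peer, because Kubernetes Secret data keys may only contain alphanumerics, `-`, `_` and `.`, and an IPv6 address contains `:`. Unless the controller normalises the address before the lookup (that code is not visible in this section), an IPv6 session has no way to be given a password. The comment should also say what happens when no key matches a peer, since a silently unauthenticated BGP session is the outcome an operator most needs to know about; something like `# For IPv6 peers the key is <encoding to be defined>; a peer without a matching key is <behaviour to be stated>.` would close both gaps.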
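--- a/build/charts/antrea/crds/bgppolicy.yaml
+++ b/build/charts/antrea/crds/bgppolicy.yaml
@@ -0,0 +1,124 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+name: bgppolicies.crd.antrea.io
+spec:
+group: crd.antrea.io
+versions:
+- name: v1alpha1
+served: true
+storage: true
+schema:
+openAPIV3Schema:
+type: object
+required:
+- spec
+properties:
+spec:
+type: object
+required:
+- nodeSelector
+- advertisements
+- bgpPeers
+properties:
+nodeSelector:
+type: object
+properties:
+matchExpressions:
+items:
+properties:
+key:
+type: string
+operator:
+enum:
+- In
+- NotIn
+- Exists
+- DoesNotExist
+type: string
+values:
+items:
+type: string
+pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$"
+type: array
+type: object
+type: array
+matchLabels:
+x-kubernetes-preserve-unknown-fields: true
+localASN:
+type: integer
+minimum: 64512
+maximum: 65535
+format: int32
+default: 64512
+listenPort:
+type: integer
+minimum: 1
+maximum: 65535
+format: int32
+default: 179
+advertisements:
+type: object
+properties:
+service:
+type: object
+anyOf:
+- required: [ clusterIPs ]
+- required: [ externalIPs ]
+- required: [ loadBalancerIPs ]
+properties:
+clusterIPs:
+type: boolean
+externalIPs:
+type: boolean
+loadBalancerIPs:
+type: boolean
+pod:
+type: object
+properties: {}
+egress:
+type: object
+properties: {}
+bgpPeers:
+type: array
+items:
+type: object
+required:
+- address
+- asn
+properties:
+address:
+type: string
+format: cidr
+port:
+type: integer
+default: 179
+format: int32
+minimum: 1
+maximum: 65535
+asn:
+type: integer
+minimum: 1
+maximum: 65535
+format: int32
+gracefulRestartTime:
+type: integer
+default: 120
+format: int32
+minimum: 1
+maximum: 3600
+additionalPrinterColumns:
+- description: Local BGP AS number
+jsonPath: .spec.localASN
+name: Local ASN
+type: integer
+- jsonPath: .metadata.creationTimestamp
+name: Age
+type: date
+subresources:
+status: {}
+scope: Cluster
+names:
+plural: bgppolicies
+singular: bgppolicy
+kind: BGPPolicy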
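Review bot: `bgpPeers[].address` is declared with `format: cidr`, but a BGP peer is a single host address, and the agent configuration in this same commit builds the password key from a plain IP (`192.168.1.1-65521`). If the API server enforces the format, a bare peer IP would be rejected and a `/32`-style value would no longer match the Secret key, which risks sessions coming up without the intended password. Declaring the field as `oneOf: [{format: ipv4}, {format: ipv6}]` keeps validation strict for both address families. Separately, `asn` is capped at 65535, which excludes 4-byte AS numbers; if that is intentional for v1alpha1, a `description` on the field saying so would help.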
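--- a/build/charts/antrea/templates/agent/bgp-secret.yaml
+++ b/build/charts/antrea/templates/agent/bgp-secret.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Secret
+metadata:
+name: {{ .Values.bgpPolicy.secretName }}
+namespace: {{ .Release.Namespace }}
+type: Opaque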
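Review bot: `name: {{ .Values.bgpPolicy.secretName }}` is rendered unquoted, unlike `secretName: {{ .Values.bgpPolicy.secretName | quote }}` in antrea-agent.conf, so an empty or number/boolean-looking value produces a manifest whose name is not a string; the `resourceNames` entry added in templates/agent/clusterrole.yaml has the same problem. Use `name: {{ .Values.bgpPolicy.secretName | quote }}` here and `- {{ .Values.bgpPolicy.secretName | quote }}` there, so the three places always agree on the object the agent is allowed to read. The Secret is also created with no `data` and regardless of the BGPPolicy feature gate; a template comment such as `# Created empty; the cluster admin adds one key per BGP peer out of band.` would make it clear that passwords are not meant to pass through Helm values.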
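--- a/build/charts/antrea/templates/agent/clusterrole.yaml
+++ b/build/charts/antrea/templates/agent/clusterrole.yaml
@@ -228,3 +228,12 @@ rules:
 - create
 - patch
 - update
+- apiGroups:
+- ""
+resources:
+- secrets
+resourceNames:
+- {{ .Values.bgpPolicy.secretName }}
+verbs:
+- get
+- watch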
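Review bot: The new `secrets` rule is added to a ClusterRole, so if it is bound through a ClusterRoleBinding (the binding is outside this hunk) the agent gets `get`/`watch` on a Secret with this name in every namespace, although the chart creates it only in `{{ .Release.Namespace }}`. `resourceNames` narrows the object name but not the namespace. Moving the rule into a namespaced Role, bound with a RoleBinding to the agent's ServiceAccount, limits the agent's Secret access to the one object it needs. The Role name in the excerpt is a placeholder.

```yaml
# … unchanged: existing ClusterRole rules, without the new secrets rule …
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: PLACEHOLDER-bgp-secret-reader
  namespace: {{ .Release.Namespace }}
rules:
  - apiGroups:
      - ""
    resources:
      - secrets
    resourceNames:
      - {{ .Values.bgpPolicy.secretName | quote }}
    verbs:
      - get
      - watch
```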
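--- a/build/charts/antrea/values.yaml
+++ b/build/charts/antrea/values.yaml
@@ -207,6 +207,10 @@ secondaryNetwork:
 # [{bridgeName: "br1", physicalInterfaces: ["eth1"]}]
 ovsBridges: []
 
+bgpPolicy:
+# -- The name of the Secret storing the passwords of BGP peers.
+secretName: "antrea-bgp-passwords"
+
 agent:
 # -- Port for the antrea-agent APIServer to serve on.
 apiPort: 10350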
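Review bot: The helm-docs comment on `bgpPolicy.secretName` leaves out the key format that antrea-agent.conf documents, and values.yaml is the file chart users read when they populate the Secret. Extend it to `# -- The name of the Secret storing the passwords of BGP peers. Each key is the peer's IP address and AS number joined by '-', e.g. 192.168.1.1-65521.` so that a mistyped key does not quietly leave a peer without its password.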
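--- a/build/yamls/antrea-aks.yml
+++ b/build/yamls/antrea-aks.yml
@@ -300,6 +300,133 @@ spec:
 shortNames:
 - aci
 
+---
+# Source: crds/bgppolicy.yaml
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+name: bgppolicies.crd.antrea.io
+spec:
+group: crd.antrea.io
+versions:
+- name: v1alpha1
+served: true
+storage: true
+schema:
+openAPIV3Schema:
+type: object
+required:
+- spec
+properties:
+spec:
+type: object
+required:
+- nodeSelector
+- advertisements
+- bgpPeers
+properties:
+nodeSelector:
+type: object
+properties:
+matchExpressions:
+items:
+properties:
+key:
+type: string
+operator:
+enum:
+- In
+- NotIn
+- Exists
+- DoesNotExist
+type: string
+values:
+items:
+type: string
+pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$"
+type: array
+type: object
+type: array
+matchLabels:
+x-kubernetes-preserve-unknown-fields: true
+localASN:
+type: integer
+minimum: 64512
+maximum: 65535
+format: int32
+default: 64512
+listenPort:
+type: integer
+minimum: 1
+maximum: 65535
+format: int32
+default: 179
+advertisements:
+type: object
+properties:
+service:
+type: object
+anyOf:
+- required: [ clusterIPs ]
+- required: [ externalIPs ]
+- required: [ loadBalancerIPs ]
+properties:
+clusterIPs:
+type: boolean
+externalIPs:
+type: boolean
+loadBalancerIPs:
+type: boolean
+pod:
+type: object
+properties: {}
+egress:
+type: object
+properties: {}
+bgpPeers:
+type: array
+items:
+type: object
+required:
+- address
+- asn
+properties:
+address:
+type: string
+format: cidr
+port:
+type: integer
+default: 179
+format: int32
+minimum: 1
+maximum: 65535
+asn:
+type: integer
+minimum: 1
+maximum: 65535
+format: int32
+gracefulRestartTime:
+type: integer
+default: 120
+format: int32
+minimum: 1
+maximum: 3600
+additionalPrinterColumns:
+- description: Local BGP AS number
+jsonPath: .spec.localASN
+name: Local ASN
+type: integer
+- jsonPath: .metadata.creationTimestamp
+name: Age
+type: date
+subresources:
+status: {}
+scope: Cluster
+names:
+plural: bgppolicies
+singular: bgppolicy
+kind: BGPPolicy
+
 ---
 # Source: crds/clustergroup.yaml
 apiVersion: apiextensions.k8s.io/v1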