CFP: ClusterIP advertisement with BGP Control Plane

Signed-off-by: chaunceyjiang <chaunceyjiang@gmail.com>
cilium · Feb 26, 2024 · d102537 · d102537
1 parent 223a5e0
commit d102537
Show file tree

Hide file tree

Showing 6 changed files with 74 additions and 18 deletions.
diff --git a/pkg/bgpv1/manager/reconciler/lb_service.go → pkg/bgpv1/manager/reconciler/service.go b/pkg/bgpv1/manager/reconciler/lb_service.go → pkg/bgpv1/manager/reconciler/service.go
@@ -283,8 +283,8 @@ func (r *LBServiceReconciler) svcDesiredRoutes(newc *v2alpha1api.CiliumBGPVirtua
 		return nil, nil
 	}
 
-	// Ignore non-loadbalancer services.
-	if svc.Spec.Type != slim_corev1.ServiceTypeLoadBalancer {
+	// Ignore non-loadbalancer and non-clusterIP services.
+	if svc.Spec.Type != slim_corev1.ServiceTypeLoadBalancer && svc.Spec.Type != slim_corev1.ServiceTypeClusterIP {
 		return nil, nil
 	}
 
@@ -298,31 +298,45 @@ func (r *LBServiceReconciler) svcDesiredRoutes(newc *v2alpha1api.CiliumBGPVirtua
 	if !svcSelector.Matches(serviceLabelSet(svc)) {
 		return nil, nil
 	}
-
-	// Ignore service managed by an unsupported LB class.
-	if svc.Spec.LoadBalancerClass != nil && *svc.Spec.LoadBalancerClass != v2alpha1api.BGPLoadBalancerClass {
-		// The service is managed by a different LB class.
-		return nil, nil
-	}
-
 	// Ignore externalTrafficPolicy == Local && no local endpoints.
 	if svc.Spec.ExternalTrafficPolicy == slim_corev1.ServiceExternalTrafficPolicyLocal &&
 		!hasLocalEndpoints(svc, ls) {
 		return nil, nil
 	}
-
 	var desiredRoutes []netip.Prefix
-	for _, ingress := range svc.Status.LoadBalancer.Ingress {
-		if ingress.IP == "" {
-			continue
+	switch svc.Spec.Type {
+	case slim_corev1.ServiceTypeLoadBalancer:
+		// Ignore service managed by an unsupported LB class.
+		if svc.Spec.LoadBalancerClass != nil && *svc.Spec.LoadBalancerClass != v2alpha1api.BGPLoadBalancerClass {
+			// The service is managed by a different LB class.
+			return nil, nil
 		}
+		for _, ingress := range svc.Status.LoadBalancer.Ingress {
+			if ingress.IP == "" {
+				continue
+			}
 
-		addr, err := netip.ParseAddr(ingress.IP)
-		if err != nil {
-			continue
-		}
+			addr, err := netip.ParseAddr(ingress.IP)
+			if err != nil {
+				continue
+			}
 
-		desiredRoutes = append(desiredRoutes, netip.PrefixFrom(addr, addr.BitLen()))
+			desiredRoutes = append(desiredRoutes, netip.PrefixFrom(addr, addr.BitLen()))
+		}
+	case slim_corev1.ServiceTypeClusterIP:
+		if svc.Spec.ClusterIP == "" || len(svc.Spec.ClusterIPs) == 0 {
+			return nil, nil
+		}
+		for _, clusterIP := range svc.Spec.ClusterIPs {
+			if clusterIP == "" {
+				continue
+			}
+			addr, err := netip.ParseAddr(clusterIP)
+			if err != nil {
+				continue
+			}
+			desiredRoutes = append(desiredRoutes, netip.PrefixFrom(addr, addr.BitLen()))
+		}
 	}
 
 	return desiredRoutes, err

diff --git a/...pv1/manager/reconciler/lb_service_test.go → pkg/bgpv1/manager/reconciler/service_test.go b/...pv1/manager/reconciler/lb_service_test.go → pkg/bgpv1/manager/reconciler/service_test.go
diff --git a/pkg/k8s/apis/cilium.io/client/crds/v2alpha1/ciliumbgppeeringpolicies.yaml b/pkg/k8s/apis/cilium.io/client/crds/v2alpha1/ciliumbgppeeringpolicies.yaml
@@ -506,6 +506,20 @@ spec:
                             only "value". The requirements are ANDed.
                           type: object
                       type: object
+                    serviceAdvertisements:
+                      description: ServiceAdvertisements selects a group of BGP Advertisement(s)
+                        to advertise for the selected services.
+                      items:
+                        description: "BGPServiceAddressType defines type of service
+                          address to be advertised. \n Note list of supported service
+                          addresses is not exhaustive and can be extended in the future.
+                          Consumer of this API should be able to handle unknown values."
+                        enum:
+                        - LoadBalancerIP
+                        - ClusterIP
+                        - ExternalIP
+                        type: string
+                      type: array
                     serviceSelector:
                       description: "ServiceSelector selects a group of load balancer
                         services which this virtual router will announce. The loadBalancerClass

diff --git a/pkg/k8s/apis/cilium.io/v2alpha1/bgpp_types.go b/pkg/k8s/apis/cilium.io/v2alpha1/bgpp_types.go
@@ -326,6 +326,12 @@ type CiliumBGPVirtualRouter struct {
 	//
 	// +kubebuilder:validation:Optional
 	ServiceSelector *slimv1.LabelSelector `json:"serviceSelector,omitempty"`
+	// ServiceAdvertisements selects a group of BGP Advertisement(s) to advertise
+	// for the selected services.
+	//
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:validation:default={LoadBalancerIP}
+	ServiceAdvertisements []BGPServiceAddressType `json:"serviceAdvertisements,omitempty"`
 	// Neighbors is a list of neighboring BGP peers for this virtual router
 	//
 	// +kubebuilder:validation:Required

diff --git a/pkg/k8s/apis/cilium.io/v2alpha1/zz_generated.deepcopy.go b/pkg/k8s/apis/cilium.io/v2alpha1/zz_generated.deepcopy.go
diff --git a/pkg/k8s/apis/cilium.io/v2alpha1/zz_generated.deepequal.go b/pkg/k8s/apis/cilium.io/v2alpha1/zz_generated.deepequal.go