-
Notifications
You must be signed in to change notification settings - Fork 464
/
options.go
executable file
·132 lines (127 loc) · 6.87 KB
/
options.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
package options
import (
"net"
"time"
"github.com/spf13/pflag"
)
type KubeRouterConfig struct {
AdvertiseClusterIp bool
AdvertiseExternalIp bool
AdvertiseNodePodCidr bool
AdvertiseLoadBalancerIp bool
BGPGracefulRestart bool
CleanupConfig bool
ClusterAsn uint
ClusterCIDR string
EnableCNI bool
EnableiBGP bool
EnableOverlay bool
EnablePodEgress bool
EnablePprof bool
FullMeshMode bool
GlobalHairpinMode bool
HealthPort uint16
HelpRequested bool
HostnameOverride string
IPTablesSyncPeriod time.Duration
IpvsSyncPeriod time.Duration
Kubeconfig string
MasqueradeAll bool
Master string
MetricsEnabled bool
MetricsPath string
MetricsPort uint16
NodePortBindOnAllIp bool
PeerASNs []uint
PeerMultihopTtl uint8
PeerPasswords []string
PeerRouters []net.IP
RoutesSyncPeriod time.Duration
RunFirewall bool
RunRouter bool
RunServiceProxy bool
Version bool
VLevel string
// FullMeshPassword string
}
func NewKubeRouterConfig() *KubeRouterConfig {
return &KubeRouterConfig{
IpvsSyncPeriod: 5 * time.Minute,
IPTablesSyncPeriod: 5 * time.Minute,
RoutesSyncPeriod: 5 * time.Minute,
EnableOverlay: true,
}
}
func (s *KubeRouterConfig) AddFlags(fs *pflag.FlagSet) {
fs.BoolVarP(&s.HelpRequested, "help", "h", false,
"Print usage information.")
fs.BoolVarP(&s.Version, "version", "V", false,
"Print version information.")
fs.BoolVar(&s.RunServiceProxy, "run-service-proxy", true,
"Enables Service Proxy -- sets up IPVS for Kubernetes Services.")
fs.BoolVar(&s.RunFirewall, "run-firewall", true,
"Enables Network Policy -- sets up iptables to provide ingress firewall for pods.")
fs.BoolVar(&s.RunRouter, "run-router", true,
"Enables Pod Networking -- Advertises and learns the routes to Pods via iBGP.")
fs.StringVar(&s.Master, "master", s.Master,
"The address of the Kubernetes API server (overrides any value in kubeconfig).")
fs.StringVar(&s.Kubeconfig, "kubeconfig", s.Kubeconfig,
"Path to kubeconfig file with authorization information (the master location is set by the master flag).")
fs.BoolVar(&s.CleanupConfig, "cleanup-config", false,
"Cleanup iptables rules, ipvs, ipset configuration and exit.")
fs.BoolVar(&s.MasqueradeAll, "masquerade-all", false,
"SNAT all traffic to cluster IP/node port.")
fs.StringVar(&s.ClusterCIDR, "cluster-cidr", s.ClusterCIDR,
"CIDR range of pods in the cluster. It is used to identify traffic originating from and destinated to pods.")
fs.BoolVar(&s.EnablePodEgress, "enable-pod-egress", true,
"SNAT traffic from Pods to destinations outside the cluster.")
fs.DurationVar(&s.IPTablesSyncPeriod, "iptables-sync-period", s.IPTablesSyncPeriod,
"The delay between iptables rule synchronizations (e.g. '5s', '1m'). Must be greater than 0.")
fs.DurationVar(&s.IpvsSyncPeriod, "ipvs-sync-period", s.IpvsSyncPeriod,
"The delay between ipvs config synchronizations (e.g. '5s', '1m', '2h22m'). Must be greater than 0.")
fs.DurationVar(&s.RoutesSyncPeriod, "routes-sync-period", s.RoutesSyncPeriod,
"The delay between route updates and advertisements (e.g. '5s', '1m', '2h22m'). Must be greater than 0.")
fs.BoolVar(&s.AdvertiseClusterIp, "advertise-cluster-ip", false,
"Add Cluster IP of the service to the RIB so that it gets advertises to the BGP peers.")
fs.BoolVar(&s.AdvertiseExternalIp, "advertise-external-ip", false,
"Add External IP of service to the RIB so that it gets advertised to the BGP peers.")
fs.BoolVar(&s.AdvertiseLoadBalancerIp, "advertise-loadbalancer-ip", false,
"Add LoadbBalancer IP of service status as set by the LB provider to the RIB so that it gets advertised to the BGP peers.")
fs.BoolVar(&s.AdvertiseNodePodCidr, "advertise-pod-cidr", true,
"Add Node's POD cidr to the RIB so that it gets advertised to the BGP peers.")
fs.IPSliceVar(&s.PeerRouters, "peer-router-ips", s.PeerRouters,
"The ip address of the external router to which all nodes will peer and advertise the cluster ip and pod cidr's.")
fs.UintVar(&s.ClusterAsn, "cluster-asn", s.ClusterAsn,
"ASN number under which cluster nodes will run iBGP.")
fs.UintSliceVar(&s.PeerASNs, "peer-router-asns", s.PeerASNs,
"ASN numbers of the BGP peer to which cluster nodes will advertise cluster ip and node's pod cidr.")
fs.Uint8Var(&s.PeerMultihopTtl, "peer-router-multihop-ttl", s.PeerMultihopTtl,
"Enable eBGP multihop supports -- sets multihop-ttl. (Relevant only if ttl >= 2)")
fs.BoolVar(&s.FullMeshMode, "nodes-full-mesh", true,
"Each node in the cluster will setup BGP peering with rest of the nodes.")
fs.BoolVar(&s.BGPGracefulRestart, "bgp-graceful-restart", false,
"Enables the BGP Graceful Restart capability so that routes are preserved on unexpected restarts")
fs.BoolVar(&s.EnableCNI, "enable-cni", true,
"Enable CNI plugin. Disable if you want to use kube-router features alongside another CNI plugin.")
fs.BoolVar(&s.EnableiBGP, "enable-ibgp", true,
"Enables peering with nodes with the same ASN, if disabled will only peer with external BGP peers")
fs.StringVar(&s.HostnameOverride, "hostname-override", s.HostnameOverride,
"Overrides the NodeName of the node. Set this if kube-router is unable to determine your NodeName automatically.")
fs.BoolVar(&s.GlobalHairpinMode, "hairpin-mode", false,
"Add iptable rules for every Service Endpoint to support hairpin traffic.")
fs.BoolVar(&s.NodePortBindOnAllIp, "nodeport-bindon-all-ip", false,
"For service of NodePort type create IPVS service that listens on all IP's of the node.")
fs.BoolVar(&s.EnableOverlay, "enable-overlay", true,
"When enable-overlay set to true, IP-in-IP tunneling is used for pod-to-pod networking across nodes in different subnets. "+
"When set to false no tunneling is used and routing infrastrcture is expected to route traffic for pod-to-pod networking across nodes in different subnets")
fs.StringSliceVar(&s.PeerPasswords, "peer-router-passwords", s.PeerPasswords,
"Password for authenticating against the BGP peer defined with \"--peer-router-ips\".")
fs.BoolVar(&s.EnablePprof, "enable-pprof", false,
"Enables pprof for debugging performance and memory leak issues.")
fs.Uint16Var(&s.MetricsPort, "metrics-port", 0, "Prometheus metrics port, (Default 0, Disabled)")
fs.StringVar(&s.MetricsPath, "metrics-path", "/metrics", "Prometheus metrics path")
// fs.StringVar(&s.FullMeshPassword, "nodes-full-mesh-password", s.FullMeshPassword,
// "Password that cluster-node BGP servers will use to authenticate one another when \"--nodes-full-mesh\" is set.")
fs.StringVarP(&s.VLevel, "v", "v", "0", "log level for V logs")
fs.Uint16Var(&s.HealthPort, "health-port", 20244, "Health check port, 0 = Disabled")
}