From 535fcc5abe4dc1e2a10ef41cadf9d5e23baf126e Mon Sep 17 00:00:00 2001
From: Lars Ekman
Date: Fri, 2 Nov 2018 06:30:02 +0100
Subject: [PATCH] Added "--router-id=" parameter. (#563)
For ipv6 it is not possible to use the ip address as router-id and this parameter is required.
---
 docs/user-guide.md | 1 +
 pkg/controllers/routing/network_routes_controller.go | 12 +++++++++++-
 pkg/options/options.go | 2 ++
 3 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/docs/user-guide.md b/docs/user-guide.md
index 023a8502f..346c2b1d3 100644
--- a/docs/user-guide.md
+++ b/docs/user-guide.md
@@ -61,6 +61,7 @@ Usage of kube-router:
 --peer-router-multihop-ttl uint8 Enable eBGP multihop supports -- sets multihop-ttl. (Relevant only if ttl >= 2)
 --peer-router-passwords strings Password for authenticating against the BGP peer defined with "--peer-router-ips".
 --peer-router-ports uints The remote port of the external BGP to which all nodes will peer. If not set, default BGP port (179) will be used. (default [])
+ --router-id string BGP router-id. Must be specified in a ipv6 only cluster.
 --routes-sync-period duration The delay between route updates and advertisements (e.g. '5s', '1m', '2h22m'). Must be greater than 0. (default 5m0s)
 --run-firewall Enables Network Policy -- sets up iptables to provide ingress firewall for pods. (default true)
 --run-router Enables Pod Networking -- Advertises and learns the routes to Pods via iBGP. (default true)
diff --git a/pkg/controllers/routing/network_routes_controller.go b/pkg/controllers/routing/network_routes_controller.go
index 387a4bd08..b4b027811 100644
--- a/pkg/controllers/routing/network_routes_controller.go
+++ b/pkg/controllers/routing/network_routes_controller.go
@@ -60,6 +60,7 @@ type NetworkRoutingController struct {
 nodeName string
 nodeSubnet net.IPNet
 nodeInterface string
+ routerId string
 isIpv6 bool
 activeNodes map[string]bool
 mu sync.Mutex
@@ -676,7 +677,7 @@ func (nrc *NetworkRoutingController) startBgpServer() error {
 global := &config.Global{
 Config: config.GlobalConfig{
 As: nodeAsnNumber,
- RouterId: nrc.nodeIP.String(),
+ RouterId: nrc.routerId,
 LocalAddressList: localAddressList,
 Port: int32(nrc.bgpPort),
 },
@@ -819,6 +820,15 @@ func NewNetworkRoutingController(clientset kubernetes.Interface,
 nrc.nodeIP = nodeIP
 nrc.isIpv6 = nodeIP.To4() == nil
+ if kubeRouterConfig.RouterId != "" {
+ nrc.routerId = kubeRouterConfig.RouterId
+ } else {
+ if nrc.isIpv6 {
+ return nil, errors.New("Router-id must be specified in ipv6 operation")
+ }
+ nrc.routerId = nrc.nodeIP.String()
+ }
+
 // lets start with assumption we hace necessary IAM creds to access EC2 api
 nrc.ec2IamAuthorized = true
diff --git a/pkg/options/options.go b/pkg/options/options.go
index 3c5a2c3c6..34f3d0885 100644
--- a/pkg/options/options.go
+++ b/pkg/options/options.go
@@ -47,6 +47,7 @@ type KubeRouterConfig struct {
 PeerPasswords []string
 PeerPorts []uint
 PeerRouters []net.IP
+ RouterId string
 RoutesSyncPeriod time.Duration
 RunFirewall bool
 RunRouter bool
@@ -121,6 +122,7 @@ func (s *KubeRouterConfig) AddFlags(fs *pflag.FlagSet) {
 "Enables the BGP Graceful Restart capability so that routes are preserved on unexpected restarts")
 fs.Uint16Var(&s.BGPPort, "bgp-port", DEFAULT_BGP_PORT,
 "The port open for incoming BGP connections and to use for connecting with other BGP peers.")
+ fs.StringVar(&s.RouterId, "router-id", "", "BGP router-id. Must be specified in a ipv6 only cluster.")
 fs.BoolVar(&s.EnableCNI, "enable-cni", true,
 "Enable CNI plugin. Disable if you want to use kube-router features alongside another CNI plugin.")
 fs.BoolVar(&s.EnableiBGP, "enable-ibgp", true,
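Review bot: The operator-supplied `kubeRouterConfig.RouterId` is copied into `nrc.routerId` with no format check in the block added to NewNetworkRoutingController, so a mistyped value is only noticed later, when startBgpServer passes it on as `RouterId` — and whether the BGP library rejects it at that point is not visible in this patch. A BGP router-id is a 32-bit identifier written as a dotted quad, so the constructor can fail fast with `if ip := net.ParseIP(kubeRouterConfig.RouterId); ip == nil || ip.To4() == nil { return nil, errors.New("router-id must be in IPv4 dotted-quad form") }` before the assignment. The new error string also starts with a capital letter, against Go convention; `"router-id must be specified in ipv6 operation"` would be the usual form. The function starts and ends outside this hunk.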
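Review bot: The help text for the new `--router-id` flag in AddFlags names neither the expected format nor the requirement that the identifier differ between nodes. If the flag is set in arguments shared by every node (for example a common pod spec, which is not visible here), all speakers would announce the same BGP identifier, and peers normally refuse a session whose identifier matches their own. I would extend the description to something like `"BGP router-id in IPv4 dotted-quad form; must be unique per node. Required in an IPv6-only cluster."`. AddFlags continues outside the hunk.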