add generation of router id based on hash of primary IP

When enabled, generate the router id by hashing the primary IP. With this no explicit router id has to be provided on IPv6-only clusters. Signed-off-by: Erik Larsson <who+github@cnackers.org>
cloudnativelabs · Oct 7, 2023 · 76ffcbd · 76ffcbd
1 parent 57c9b08
commit 76ffcbd
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 4 deletions.
diff --git a/docs/user-guide.md b/docs/user-guide.md
@@ -87,7 +87,7 @@ Usage of kube-router:
       --peer-router-passwords strings                 Password for authenticating against the BGP peer defined with "--peer-router-ips".
       --peer-router-passwords-file string             Path to file containing password for authenticating against the BGP peer defined with "--peer-router-ips". --peer-router-passwords will be preferred if both are set.
       --peer-router-ports uints                       The remote port of the external BGP to which all nodes will peer. If not set, default BGP port (179) will be used. (default [])
-      --router-id string                              BGP router-id. Must be specified in a ipv6 only cluster.
+      --router-id string                              BGP router-id. Must be specified in a ipv6 only cluster, "generate" can be specified to generate the router id.
       --routes-sync-period duration                   The delay between route updates and advertisements (e.g. '5s', '1m', '2h22m'). Must be greater than 0. (default 5m0s)
       --run-firewall                                  Enables Network Policy -- sets up iptables to provide ingress firewall for pods. (default true)
       --run-router                                    Enables Pod Networking -- Advertises and learns the routes to Pods via iBGP. (default true)

diff --git a/pkg/controllers/routing/network_routes_controller.go b/pkg/controllers/routing/network_routes_controller.go
@@ -2,8 +2,10 @@ package routing
 
 import (
 	"context"
+	"encoding/binary"
 	"errors"
 	"fmt"
+	"hash/fnv"
 	"net"
 	"os"
 	"os/exec"
@@ -1367,9 +1369,17 @@ func NewNetworkRoutingController(clientset kubernetes.Interface,
 	}
 	nrc.isIPv6Capable = len(nrc.nodeIPv6Addrs) > 0
 
-	if kubeRouterConfig.RouterID != "" {
+	switch {
+	case kubeRouterConfig.RouterID == "generate":
+		h := fnv.New32a()
+		h.Write(nrc.primaryIP)
+		hs := h.Sum32()
+		gip := make(net.IP, 4)
+		binary.BigEndian.PutUint32(gip, hs)
+		nrc.routerID = gip.String()
+	case kubeRouterConfig.RouterID != "":
 		nrc.routerID = kubeRouterConfig.RouterID
-	} else {
+	default:
 		if nrc.primaryIP.To4() == nil {
 			return nil, errors.New("router-id must be specified when primary node IP is an IPv6 address")
 		}

diff --git a/pkg/options/options.go b/pkg/options/options.go
@@ -203,7 +203,7 @@ func (s *KubeRouterConfig) AddFlags(fs *pflag.FlagSet) {
 		"The remote port of the external BGP to which all nodes will peer. If not set, default BGP "+
 			"port ("+strconv.Itoa(DefaultBgpPort)+") will be used.")
 	fs.StringVar(&s.RouterID, "router-id", "", "BGP router-id. Must be specified in a ipv6 only "+
-		"cluster.")
+		"cluster, \"generate\" can be specified to generate the router id.")
 	fs.DurationVar(&s.RoutesSyncPeriod, "routes-sync-period", s.RoutesSyncPeriod,
 		"The delay between route updates and advertisements (e.g. '5s', '1m', '2h22m'). Must be greater than 0.")
 	fs.BoolVar(&s.RunFirewall, "run-firewall", true,