Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Advertise Whitelisted Service External IP's #266

Merged
merged 35 commits into from Sep 20, 2019

Conversation

@tompntn
Copy link

tompntn commented Sep 3, 2019

This PR adds support for sending BGP advertisements for service External IP routes (projectcalico/calico#2770). In order to prevent users from advertising arbitrary IP's, we restrict the advertisements to the whitelist defined in the new ServiceExternalIPs field (projectcalico/libcalico-go#1123).

The v1 syncer is used to pass the whitelist from libcalico-go through to confd.

Copy link
Member

caseydavenport left a comment

@tompntn I've take a first look at this and left some comments - I still plan on doing a more detailed review but I didn't want to leave you hanging for too long :)

Let me know what you think about some of the suggestions. Thanks much!

pkg/backends/calico/client.go Outdated Show resolved Hide resolved
pkg/backends/calico/routes.go Show resolved Hide resolved
pkg/backends/calico/routes.go Outdated Show resolved Hide resolved
pkg/backends/calico/routes.go Show resolved Hide resolved
pkg/backends/calico/routes.go Outdated Show resolved Hide resolved
pkg/backends/calico/routes.go Outdated Show resolved Hide resolved
@caseydavenport caseydavenport added this to the Calico v3.10.0 milestone Sep 11, 2019
@tompntn tompntn force-pushed the tompntn:advertise_external_ips branch from 7bad1db to 2018db1 Sep 20, 2019
@caseydavenport caseydavenport merged commit 09e1cfd into projectcalico:master Sep 20, 2019
2 checks passed
2 checks passed
license/cla Contributor License Agreement is signed.
Details
semaphoreci The build passed on Semaphore.
Details
@tompntn tompntn deleted the tompntn:advertise_external_ips branch Sep 20, 2019
@lmm lmm added docs-completed and removed docs-pr-required labels Oct 17, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.