Meridio: Multiple attractor with same VLAN ID using multus
Multus with CNI plugins >= v1.3.0
Meridio support for multiple network-attachments (Nordix/Meridio#421 )
NetworkAttachmentDefinition cat <<EOF | kubectl apply -f -
---
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
name: macvlan-eth0
namespace: default
spec:
config: '{
"cniVersion":"0.4.0",
"type":"macvlan",
"name":"macvlan-eth0",
"master": "eth0",
"mode": "bridge",
"linkInContainer": false
}'
EOF
cat <<EOF | kubectl apply -f -
---
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
name: vlan-100
namespace: default
spec:
config: '{
"cniVersion":"0.4.0",
"type":"vlan",
"name":"vlan-100",
"master": "macvlan",
"vlanId": 100,
"linkInContainer": true,
"ipam": {
"log_file": "/tmp/whereabouts.log",
"type": "whereabouts",
"ipRanges": [
{
"range": "169.254.100.0/24",
"exclude": [
"169.254.100.150/32"
]
}, {
"range": "100:100::/64",
"exclude": [
"100:100::150/128"
]
}
]
}
}'
EOF
cat <<EOF | kubectl apply -f -
---
apiVersion: meridio.nordix.org/v1
kind: Trench
metadata:
name: trench-a
namespace: red
spec:
ip-family: dualstack
---
apiVersion: meridio.nordix.org/v1
kind: Attractor
metadata:
name: attractor-a-1
namespace: red
labels:
trench: trench-a
spec:
replicas: 2
composites:
- conduit-a-1
gateways:
- gateway-v4-a-1
- gateway-v6-a-1
vips:
- vip-a-1-v4
- vip-a-1-v6
interface:
name: ext-vlan0
type: network-attachment
network-attachments:
- name: macvlan-eth0
namespace: default
interface: "macvlan"
- name: vlan-100
namespace: default
---
apiVersion: meridio.nordix.org/v1
kind: Gateway
metadata:
name: gateway-v4-a-1
namespace: red
labels:
trench: trench-a
spec:
address: 169.254.100.150
bgp:
local-asn: 8103
remote-asn: 4248829953
hold-time: 24s
local-port: 10179
remote-port: 10179
bfd:
switch: true
min-tx: 300ms
min-rx: 300ms
multiplier: 5
---
apiVersion: meridio.nordix.org/v1
kind: Gateway
metadata:
name: gateway-v6-a-1
namespace: red
labels:
trench: trench-a
spec:
address: 100:100::150
bgp:
local-asn: 8103
remote-asn: 4248829953
hold-time: 24s
local-port: 10179
remote-port: 10179
bfd:
switch: true
min-tx: 300ms
min-rx: 300ms
multiplier: 5
---
apiVersion: meridio.nordix.org/v1
kind: Vip
metadata:
name: vip-a-1-v4
namespace: red
labels:
trench: trench-a
spec:
address: "20.0.0.1/32"
---
apiVersion: meridio.nordix.org/v1
kind: Vip
metadata:
name: vip-a-1-v6
namespace: red
labels:
trench: trench-a
spec:
address: "2000::1/128"
---
apiVersion: meridio.nordix.org/v1
kind: Conduit
metadata:
name: conduit-a-1
namespace: red
labels:
trench: trench-a
spec:
type: stateless-lb
---
apiVersion: meridio.nordix.org/v1
kind: Stream
metadata:
name: stream-a-i
namespace: red
labels:
trench: trench-a
spec:
conduit: conduit-a-1
---
apiVersion: meridio.nordix.org/v1
kind: Flow
metadata:
name: flow-a-z-tcp
namespace: red
labels:
trench: trench-a
spec:
stream: stream-a-i
priority: 1
vips:
- vip-a-1-v4
- vip-a-1-v6
source-subnets:
- 0.0.0.0/0
- 0:0:0:0:0:0:0:0/0
source-ports:
- any
destination-ports:
- "4000"
protocols:
- tcp
---
apiVersion: meridio.nordix.org/v1
kind: Attractor
metadata:
name: attractor-a-2
namespace: red
labels:
trench: trench-a
spec:
replicas: 2
composites:
- conduit-a-2
gateways:
- gateway-v4-a-2
- gateway-v6-a-2
vips:
- vip-a-3-v4
- vip-a-3-v6
interface:
name: ext-vlan0
type: network-attachment
network-attachments:
- name: macvlan-eth0
namespace: default
interface: "macvlan"
- name: vlan-100
namespace: default
---
apiVersion: meridio.nordix.org/v1
kind: Gateway
metadata:
name: gateway-v4-a-2
namespace: red
labels:
trench: trench-a
spec:
address: 169.254.100.150
bgp:
local-asn: 8103
remote-asn: 4248829953
hold-time: 24s
local-port: 10179
remote-port: 10179
bfd:
switch: true
min-tx: 300ms
min-rx: 300ms
multiplier: 5
---
apiVersion: meridio.nordix.org/v1
kind: Gateway
metadata:
name: gateway-v6-a-2
namespace: red
labels:
trench: trench-a
spec:
address: 100:100::150
bgp:
local-asn: 8103
remote-asn: 4248829953
hold-time: 24s
local-port: 10179
remote-port: 10179
bfd:
switch: true
min-tx: 300ms
min-rx: 300ms
multiplier: 5
---
apiVersion: meridio.nordix.org/v1
kind: Vip
metadata:
name: vip-a-3-v4
namespace: red
labels:
trench: trench-a
spec:
address: "40.0.0.1/32"
---
apiVersion: meridio.nordix.org/v1
kind: Vip
metadata:
name: vip-a-3-v6
namespace: red
labels:
trench: trench-a
spec:
address: "4000::1/128"
---
apiVersion: meridio.nordix.org/v1
kind: Conduit
metadata:
name: conduit-a-2
namespace: red
labels:
trench: trench-a
spec:
type: stateless-lb
---
apiVersion: meridio.nordix.org/v1
kind: Stream
metadata:
name: stream-a-iv
namespace: red
labels:
trench: trench-a
spec:
conduit: conduit-a-2
---
apiVersion: meridio.nordix.org/v1
kind: Flow
metadata:
name: flow-a-w-tcp
namespace: red
labels:
trench: trench-a
spec:
stream: stream-a-iv
priority: 1
vips:
- vip-a-3-v4
- vip-a-3-v6
source-subnets:
- 0.0.0.0/0
- 0:0:0:0:0:0:0:0/0
source-ports:
- any
destination-ports:
- "4000"
protocols:
- tcp
EOF
