Calico外宣ip

global peer

全局peer将所有的node对接到外部的bgp infra路由,需要infra支持

apiVersion: projectcalico.org/v3
kind: BGPPeer
metadata:
  name: my-global-peer
spec:
  peerIP: 192.20.30.40
  asNumber: 64567

Configure a node to act as a route reflector

选择node作为路由反射,将减少集群的路由量,有少量的节点反射其它节点的路由信息;

add cluster id to node

calicoctl patch node my-node -p '{"spec": {"bgp": {"routeReflectorClusterID": "244.0.0.1"}}}'

add label to node

kubectl label node my-node route-reflector=true

config peer:
所有节点连接 reflector节点

kind: BGPPeer
apiVersion: projectcalico.org/v3
metadata:
  name: peer-with-route-reflectors
spec:
  nodeSelector: all()
  peerSelector: route-reflector == 'true'

globel as change

calicoctl patch bgpconfiguration default -p '{"spec": {"asNumber": "64513"}}'

node as change

calicoctl patch node node-1 -p '{"spec": {"bgp": {"asNumber": "64514"}}}'

Advertise Kubernetes service IP addresses

Advertise service cluster IP addresses

外部ip:

calicoctl patch BGPConfig default --patch '{"spec": {"serviceExternalIPs": [{"cidr": "123.125.81.66/32"}]}}'

禁用node mesh:

calicoctl patch bgpconfiguration default -p '{"spec": {"nodeToNodeMeshEnabled": false}}'

Advertise service external IP addresses

calicoctl patch BGPConfig default --patch \
    '{"spec": {"serviceExternalIPs": [{"cidr": "123.125.81.66/32"}]}}'

Exclude certain nodes from advertisement

kubectl label node vm-kube-04 node.kubernetes.io/exclude-from-external-load-balancers=true

你可能感兴趣的:(kubernetes,运维)