From 4614b06e195b4050d502e840ea4f40b5110d3ee1 Mon Sep 17 00:00:00 2001
From: Rafael Laszlo <rlacko99@gmail.com>
Date: Fri, 19 Nov 2021 21:18:01 +0100
Subject: [PATCH] Add cilium config

---
 ansible/k8s/components/cilium/README.md       | 28 ++++++++++++
 .../k8s/components/cilium/bgp-configmap.yaml  | 16 +++++++
 .../cilium/example/example-nginx.yaml         | 43 +++++++++++++++++++
 ansible/k8s/components/cilium/values.yaml     | 11 +++++
 4 files changed, 98 insertions(+)
 create mode 100644 ansible/k8s/components/cilium/README.md
 create mode 100644 ansible/k8s/components/cilium/bgp-configmap.yaml
 create mode 100644 ansible/k8s/components/cilium/example/example-nginx.yaml
 create mode 100644 ansible/k8s/components/cilium/values.yaml

diff --git a/ansible/k8s/components/cilium/README.md b/ansible/k8s/components/cilium/README.md
new file mode 100644
index 0000000..1cdad60
--- /dev/null
+++ b/ansible/k8s/components/cilium/README.md
@@ -0,0 +1,28 @@
+# Cilium
+
+## BGP
+
+Cilium has an integration with Metallb. 
+https://docs.cilium.io/en/v1.10/gettingstarted/bgp/
+
+We just need to provide a configmap to it.
+`kubectl create -f bgp-configmap.yaml`
+
+## Chart
+
+```bash
+helm repo add cilium https://helm.cilium.io/
+helm repo update
+helm install cilium cilium/cilium \
+    --version 1.10.5 \
+    --namespace kube-system \
+    --values values.yaml
+```
+
+## Upgrade
+
+Review the changelog and if everything is fine just change the version tag and upgrade helm.
+
+## Test it
+
+There is an example deployment and loadbalancer in the `example` folder.
diff --git a/ansible/k8s/components/cilium/bgp-configmap.yaml b/ansible/k8s/components/cilium/bgp-configmap.yaml
new file mode 100644
index 0000000..d140b10
--- /dev/null
+++ b/ansible/k8s/components/cilium/bgp-configmap.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: bgp-config
+  namespace: kube-system
+data:
+  config.yaml: |
+    peers:
+    - peer-address: 192.168.99.254
+      peer-asn: 64512
+      my-asn: 64512
+    address-pools:
+      - name: default
+        protocol: bgp
+        addresses:
+          - 192.168.44.0/24
diff --git a/ansible/k8s/components/cilium/example/example-nginx.yaml b/ansible/k8s/components/cilium/example/example-nginx.yaml
new file mode 100644
index 0000000..0b60ff5
--- /dev/null
+++ b/ansible/k8s/components/cilium/example/example-nginx.yaml
@@ -0,0 +1,43 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: test-lb
+spec:
+  type: LoadBalancer
+  loadBalancerIP: 152.66.192.34
+  ports:
+  - port: 80
+    targetPort: 80
+    protocol: TCP
+    name: http
+  selector:
+    svc: test-lb
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx
+spec:
+  selector:
+    matchLabels:
+      svc: test-lb
+  template:
+    metadata:
+      labels:
+        svc: test-lb
+    spec:
+      containers:
+      - name: web
+        image: nginx
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 80
+        readinessProbe:
+          httpGet:
+            path: /
+            port: 80
+        resources: 
+          requests: {}
+          limits: 
+            cpu: '50m'
+            memory: '100M'
diff --git a/ansible/k8s/components/cilium/values.yaml b/ansible/k8s/components/cilium/values.yaml
new file mode 100644
index 0000000..18ce7e0
--- /dev/null
+++ b/ansible/k8s/components/cilium/values.yaml
@@ -0,0 +1,11 @@
+kubeProxyReplacement: strict
+k8sServiceHost: 127.0.0.1
+k8sServicePort: 6443
+# devices: Don't specify it because cilium will use eth0 and eth1
+bgp:
+  enabled: true
+  announce:
+    loadbalancerIP: true
+ipam:
+  mode: "kubernetes"
+
-- 
GitLab