vyos模拟路由器部署参考URL

vyos虚拟机部署链接

vyos网络配置

# VyOS side of the lab: the router is AS 63401 and peers over eBGP with the
# four Kubernetes nodes (AS 63400) at 192.168.1.200-203.
# NOTE(review): no neighbor below has session authentication, and the import
# route-map permits every prefix a neighbor sends. Outside an isolated lab,
# consider a per-neighbor BGP password (with a matching password on the Calico
# BGPPeer) and a prefix-list match in the import policy that only admits the
# cluster's own pod/service CIDRs.

# Route-map 'setmet': rule 2 has no match clause, so it permits every route,
# and it prepends '2 2 2' to the AS path of each of them.
set policy route-map setmet rule 2 action 'permit'
set policy route-map setmet rule 2 set as-path prepend '2 2 2'

# Local autonomous system number of the VyOS router.
set protocols bgp system-as 63401

# node1: eBGP neighbor in AS 63400; received routes pass through 'setmet'.
# soft-reconfiguration inbound keeps the received routes so that a policy
# change can be re-applied without resetting the session.
set protocols bgp neighbor 192.168.1.200 remote-as 63400
set protocols bgp neighbor 192.168.1.200 address-family ipv4-unicast route-map import 'setmet'
set protocols bgp neighbor 192.168.1.200 address-family ipv4-unicast soft-reconfiguration 'inbound'

# node2: same settings as node1.
set protocols bgp neighbor 192.168.1.201 remote-as 63400
set protocols bgp neighbor 192.168.1.201 address-family ipv4-unicast route-map import 'setmet'
set protocols bgp neighbor 192.168.1.201 address-family ipv4-unicast soft-reconfiguration 'inbound'

# node3: same settings as node1.
set protocols bgp neighbor 192.168.1.202 remote-as 63400
set protocols bgp neighbor 192.168.1.202 address-family ipv4-unicast route-map import 'setmet'
set protocols bgp neighbor 192.168.1.202 address-family ipv4-unicast soft-reconfiguration 'inbound'

# node4: same settings as node1.
set protocols bgp neighbor 192.168.1.203 remote-as 63400
set protocols bgp neighbor 192.168.1.203 address-family ipv4-unicast route-map import 'setmet'
set protocols bgp neighbor 192.168.1.203 address-family ipv4-unicast soft-reconfiguration 'inbound'

# Advertise this network to the BGP neighbors.
set protocols bgp address-family ipv4-unicast network 10.1.1.0/24

# Apply the pending configuration.
commit
# Persist the configuration so it survives a reboot.
save

k8s集群配置bgp资源

bgp-config.yaml

# Reference: https://docs.tigera.io/calico/latest/reference/resources/bgpconfig
# Changed from the documentation sample: nodeToNodeMeshEnabled is set to false.
# Changed: the sample's cidr 172.218.4.0/26 is replaced with this cluster's pod network.
# Removed: nodeMeshMaxRestartTime: 120s, which has to be deleted when
# nodeToNodeMeshEnabled is false.
apiVersion: projectcalico.org/v3
kind: BGPConfiguration
metadata:
  name: default
spec:
  logSeverityScreen: Info
  # Turns off the node-to-node mesh; the status output further down the page
  # then lists only the explicitly configured peer.
  nodeToNodeMeshEnabled: false
  # AS number of the cluster nodes; matches 'remote-as 63400' on the VyOS side.
  asNumber: 63400
  serviceClusterIPs:
    - cidr: 10.96.0.0/12
  # NOTE(review): the two ranges below look carried over from the documentation
  # sample and are publicly routed address space, not addresses of this lab.
  # Service external IPs inside these ranges are advertised to the peer, so
  # list only ranges the cluster actually owns, or drop the section.
  serviceExternalIPs:
    - cidr: 104.244.42.129/32
    - cidr: 172.217.3.0/24
  # NOTE(review): 178 is not the standard BGP port (179) and also appears to
  # come from the sample; a router that opens the session towards the nodes
  # would need this port configured — confirm it is intended.
  listenPort: 178
  bindMode: NodeIP
  communities:
    - name: bgp-large-community
      value: 63400:300:100
  # Routes within the pod network are advertised with the communities below.
  prefixAdvertisements:
    - cidr: 10.244.0.0/16
      communities:
        - bgp-large-community
        - 63400:120

bgp-peer.yaml

# Important: the 'node: vyos' field has to be removed, otherwise the peering
# does not come up. Without it the peer is shown as a 'global' peer in the
# status output further down the page.
# NOTE(review): no 'password' is set here, so the session to the router is
# unauthenticated. BGPPeer accepts a password via secretKeyRef; if used, the
# same password must be configured for each neighbor on the VyOS side.
apiVersion: projectcalico.org/v3
kind: BGPPeer
metadata:
  name: vyos
spec:
  # node: vyos   (intentionally left commented out, see the note at the top)
  # Address of the VyOS router and its AS number ('system-as 63401' on VyOS).
  peerIP: 192.168.1.252
  asNumber: 63401
  # Keep the original next hop when advertising routes to this peer.
  keepOriginalNextHop: true
  

生效配置:
# Create the BGPConfiguration and the BGPPeer from the two manifests.
# NOTE(review): kubectl accepts projectcalico.org/v3 resources only when the
# Calico API server is installed; otherwise calicoctl is needed for these
# files — confirm for the target cluster.
kubectl create -f bgp-config.yaml
kubectl create -f bgp-peer.yaml

查看状态

[root@node1 vyos]# calicoctl node status
Calico process is running.

IPv4 BGP status
+---------------+-----------+-------+----------+-------------+
| PEER ADDRESS  | PEER TYPE | STATE |  SINCE   |    INFO     |
+---------------+-----------+-------+----------+-------------+
| 192.168.1.252 | global    | up    | 01:09:49 | Established |
+---------------+-----------+-------+----------+-------------+

IPv6 BGP status
No IPv6 peers found.


#查看路由信息
[root@node1 vyos]# ip route
default via 192.168.1.1 dev eth0 
10.1.1.0/24 via 192.168.1.252 dev eth0 proto bird 
10.244.3.64/26 via 192.168.1.203 dev eth0 proto 80 onlink 
10.244.104.0/26 via 192.168.1.201 dev eth0 proto 80 onlink 
10.244.135.0/26 via 192.168.1.202 dev eth0 proto 80 onlink 
blackhole 10.244.166.128/26 proto 80 
10.244.166.129 dev cali876ff7c404c scope link 
10.244.166.130 dev cali8887c615354 scope link 
10.244.166.131 dev calib745e0583d4 scope link 
169.254.0.0/16 dev eth0 scope link metric 1002 
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.200 
[root@node1 vyos]# 
[root@node1 vyos]# 
[root@node1 vyos]# ping 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_seq=1 ttl=64 time=0.389 ms

切换回node-to-node 连接模式

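# Deleting the two resources created earlier is enough to return to the
# node-to-node mesh; the status output that follows shows the mesh peers
# established again.
# The BGPConfiguration is deleted from bgp-config.yaml, the same file name
# that was used with `kubectl create`.
kubectl delete -f bgp-peer.yaml
kubectl delete -f bgp-config.yaml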

[root@node1 vyos]# calicoctl node status
Calico process is running.

IPv4 BGP status
+---------------+-------------------+-------+----------+-------------+
| PEER ADDRESS  |     PEER TYPE     | STATE |  SINCE   |    INFO     |
+---------------+-------------------+-------+----------+-------------+
| 192.168.1.201 | node-to-node mesh | up    | 06:56:35 | Established |
| 192.168.1.202 | node-to-node mesh | up    | 06:56:35 | Established |
| 192.168.1.203 | node-to-node mesh | up    | 06:56:35 | Established |
+---------------+-------------------+-------+----------+-------------+

IPv6 BGP status
No IPv6 peers found.
