赞
踩
# set policy set policy route-map setmet rule 2 action 'permit' set policy route-map setmet rule 2 set as-path prepend '2 2 2' # vyos bgp as 63401 set protocols bgp system-as 63401 # node1 set protocols bgp neighbor 192.168.1.200 remote-as 63400 set protocols bgp neighbor 192.168.1.200 address-family ipv4-unicast route-map import 'setmet' set protocols bgp neighbor 192.168.1.200 address-family ipv4-unicast soft-reconfiguration 'inbound' # node2 set protocols bgp neighbor 192.168.1.201 remote-as 63400 set protocols bgp neighbor 192.168.1.201 address-family ipv4-unicast route-map import 'setmet' set protocols bgp neighbor 192.168.1.201 address-family ipv4-unicast soft-reconfiguration 'inbound' # node3 set protocols bgp neighbor 192.168.1.202 remote-as 63400 set protocols bgp neighbor 192.168.1.202 address-family ipv4-unicast route-map import 'setmet' set protocols bgp neighbor 192.168.1.202 address-family ipv4-unicast soft-reconfiguration 'inbound' # node4 set protocols bgp neighbor 192.168.1.203 remote-as 63400 set protocols bgp neighbor 192.168.1.203 address-family ipv4-unicast route-map import 'setmet' set protocols bgp neighbor 192.168.1.203 address-family ipv4-unicast soft-reconfiguration 'inbound' #通告路由 set protocols bgp address-family ipv4-unicast network 10.1.1.0/24 # 执行配置 commit #保存配置 save
bgp-config.yaml
#官网url:https://docs.tigera.io/calico/latest/reference/resources/bgpconfig #修改的点nodeToNodeMeshEnabled: false #cidr: 172.218.4.0/26修改为本集群的pod网络 #删除nodeMeshMaxRestartTime: 120s-nodeToNodeMeshEnabled为false时,需删除该配置 apiVersion: projectcalico.org/v3 kind: BGPConfiguration metadata: name: default spec: logSeverityScreen: Info nodeToNodeMeshEnabled: false asNumber: 63400 serviceClusterIPs: - cidr: 10.96.0.0/12 serviceExternalIPs: - cidr: 104.244.42.129/32 - cidr: 172.217.3.0/24 listenPort: 178 bindMode: NodeIP communities: - name: bgp-large-community value: 63400:300:100 prefixAdvertisements: - cidr: 10.244.0.0/16 communities: - bgp-large-community - 63400:120
bgp-peer.yaml
#注意!!!!node: vyos该配置需要删除,否则无法成功
apiVersion: projectcalico.org/v3
kind: BGPPeer
metadata:
name: vyos
spec:
#node: vyos
peerIP: 192.168.1.252
asNumber: 63401
keepOriginalNextHop: true
生效配置:
kubectl create -f bgp-config.yaml
kubectl create -f bgp-peer.yaml
[root@node1 vyos]# calicoctl node status Calico process is running. IPv4 BGP status +---------------+-----------+-------+----------+-------------+ | PEER ADDRESS | PEER TYPE | STATE | SINCE | INFO | +---------------+-----------+-------+----------+-------------+ | 192.168.1.252 | global | up | 01:09:49 | Established | +---------------+-----------+-------+----------+-------------+ IPv6 BGP status No IPv6 peers found. #查看路由信息 [root@node1 vyos]# ip route default via 192.168.1.1 dev eth0 10.1.1.0/24 via 192.168.1.252 dev eth0 proto bird 10.244.3.64/26 via 192.168.1.203 dev eth0 proto 80 onlink 10.244.104.0/26 via 192.168.1.201 dev eth0 proto 80 onlink 10.244.135.0/26 via 192.168.1.202 dev eth0 proto 80 onlink blackhole 10.244.166.128/26 proto 80 10.244.166.129 dev cali876ff7c404c scope link 10.244.166.130 dev cali8887c615354 scope link 10.244.166.131 dev calib745e0583d4 scope link 169.254.0.0/16 dev eth0 scope link metric 1002 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.200 [root@node1 vyos]# [root@node1 vyos]# [root@node1 vyos]# ping 10.1.1.1 PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data. 64 bytes from 10.1.1.1: icmp_seq=1 ttl=64 time=0.389 ms
#删除两个资源文件即可 kubectl delete -f bgp-peer.yaml kubectl delete -f bgp-config-new.yaml [root@node1 vyos]# calicoctl node status Calico process is running. IPv4 BGP status +---------------+-------------------+-------+----------+-------------+ | PEER ADDRESS | PEER TYPE | STATE | SINCE | INFO | +---------------+-------------------+-------+----------+-------------+ | 192.168.1.201 | node-to-node mesh | up | 06:56:35 | Established | | 192.168.1.202 | node-to-node mesh | up | 06:56:35 | Established | | 192.168.1.203 | node-to-node mesh | up | 06:56:35 | Established | +---------------+-------------------+-------+----------+-------------+ IPv6 BGP status No IPv6 peers found.
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。