github.com/cilium/cilium@v1.16.2/Documentation/contributing/development/bgp_cplane.rst

github.com/cilium/cilium@v1.16.2/Documentation/contributing/development/bgp_cplane.rst (about)

     1  .. only:: not (epub or latex or html)
     2  
     3      WARNING: You are looking at unreleased Cilium documentation.
     4      Please use the official rendered version released here:
     5      https://docs.cilium.io
     6  
     7  
     8  .. _bgp_cplane_contributing:
     9  
    10  =================
    11  BGP Control Plane
    12  =================
    13  
    14  This section is specific to :ref:`bgp_control_plane` contributions.
    15  
    16  Development Environment
    17  =======================
    18  
    19  BGP Control Plane requires a BGP peer for testing. This section describes a `ContainerLab`_ and `Kind`_-based development environment. The following diagram shows the topology:
    20  
    21  .. _ContainerLab: https://containerlab.dev/
    22  .. _Kind: https://kind.sigs.k8s.io/
    23  
    24  .. image:: _static/bgp-lab.drawio.png
    25      :align: center
    26  
    27  The following describes the role of each node:
    28  
    29  * ``router0`` is an `FRRouting (FRR)`_ router. It is pre-configured with minimal peering settings with server0 and server1.
    30  * ``server0`` and ``server1`` are ``nicolaka/netshoot`` containers that each share a network namespace with their own Kind node.
    31  * ``server2`` is a non-Cilium ``nicolaka/netshoot`` node useful for testing traffic connectivity from outside of the k8s cluster.
    32  
    33  .. _FRRouting (FRR): https://frrouting.org/
    34  
    35  Prerequisites
    36  -------------
    37  
    38  * ContainerLab v0.45.1 or later
    39  * Kind v0.20.0 or later
    40  * Your container runtime networks must not use ``10.0.0.0/8`` and ``fd00::/16``
    41  
    42  Deploy Lab
    43  ----------
    44  
    45  .. code-block:: shell-session
    46  
    47     $ make kind-bgp-v4
    48  
    49  .. note::
    50          The prior example sets up an IPv4 single-stack environment. You can change the ``v4`` part to ``v6`` or ``dual`` to set up an IPv6 single-stack or dual-stack environment respectively. The same goes for the following examples.
    51  
    52  Install Cilium on the Lab
    53  -------------------------
    54  
    55  Install Cilium on the lab with your favorite way. The following example assumes you are modifying the source and want to build your own image. The minimal mandatory Helm values are provided in ``contrib/containerlab/bgp-cplane-dev-v4/values.yaml``. If needed, you can add Helm values to deploy BGP Control Plane with a different Cilium configuration.
    56  
    57  .. code-block:: shell-session
    58  
    59     $ KIND_CLUSTER_NAME=bgp-cplane-dev-v4 make kind-image
    60     $ cilium install --chart-directory install/kubernetes/cilium -f contrib/containerlab/bgp-cplane-dev-v4/values.yaml --set image.override="localhost:5000/cilium/cilium-dev:local" --set image.pullPolicy=Never --set operator.image.override="localhost:5000/cilium/operator-generic:local" --set operator.image.pullPolicy=Never
    61  
    62  Peering with Router
    63  -------------------
    64  
    65  Peer Cilium nodes with FRR by applying a CiliumBGPPeeringPolicy:
    66  
    67  .. code-block:: shell-session
    68  
    69     $ make kind-bgp-v4-apply-policy
    70  
    71  .. note::
    72          At this point, there are only minimal peering settings on the policy and no advertisement configuration present. You need to edit policies, for example, with ``kubectl edit bgpp`` to realize your desired settings. If you need to change the router side, you can edit FRRouting settings with ``docker exec -it clab-bgp-cplane-dev-v4-router0 vtysh``.
    73  
    74  Validating Peering Status
    75  -------------------------
    76  
    77  You can validate the peering status with the following command. Confirm that
    78  the session state is established and Received and Advertised counters are zero.
    79  
    80  .. code-block:: shell-session
    81  
    82     $ cilium bgp peers
    83     Node                              Local AS   Peer AS   Peer Address   Session State   Uptime   Family         Received   Advertised
    84     bgp-cplane-dev-v4-control-plane   65001      65000     10.0.1.1       established     1s       ipv4/unicast   0          0
    85                                                                                                    ipv6/unicast   0          0
    86     bgp-cplane-dev-v4-worker          65002      65000     10.0.2.1       established     2s       ipv4/unicast   0          0
    87                                                                                                    ipv6/unicast   0          0
    88  
    89  Validating Connectivity to Cilium Nodes from Non-Cilium Node
    90  ------------------------------------------------------------
    91  
    92  The below example validates connectivity from server2 to server0 (10.0.1.2) and server1 (10.0.2.2). You should see the packets go through router0 (10.0.3.1).
    93  
    94  .. code-block:: shell-session
    95  
    96     $ docker exec -it clab-bgp-cplane-dev-v4-server2 mtr 10.0.1.2 -r
    97     Start: 2023-10-04T02:24:58+0000
    98     HOST: server2                     Loss%   Snt   Last   Avg  Best  Wrst StDev
    99       1.|-- 10.0.3.1                   0.0%    10    0.0   0.1   0.0   0.1   0.0
   100       2.|-- 10.0.1.2                   0.0%    10    0.2   0.1   0.1   0.3   0.1
   101  
   102     $ docker exec -it clab-bgp-cplane-dev-v4-server2 mtr 10.0.2.2 -r
   103     Start: 2023-10-04T02:25:58+0000
   104     HOST: server2                     Loss%   Snt   Last   Avg  Best  Wrst StDev
   105       1.|-- 10.0.3.1                   0.0%    10    0.1   0.1   0.0   0.1   0.0
   106       2.|-- 10.0.2.2                   0.0%    10    0.1   0.1   0.0   0.2   0.0
   107  
   108  Destroy Lab
   109  -----------
   110  
   111  .. code-block:: shell-session
   112  
   113     $ make kind-bgp-v4-down