github.com/cilium/cilium@v1.16.2/Documentation/network/concepts/ipam/kubernetes.rst (about) 1 .. only:: not (epub or latex or html) 2 3 WARNING: You are looking at unreleased Cilium documentation. 4 Please use the official rendered version released here: 5 https://docs.cilium.io 6 7 .. _k8s_hostscope: 8 9 ##################### 10 Kubernetes Host Scope 11 ##################### 12 13 The Kubernetes host-scope IPAM mode is enabled with ``ipam: kubernetes`` and 14 delegates the address allocation to each individual node in the cluster. IPs 15 are allocated out of the ``PodCIDR`` range associated to each node by 16 Kubernetes. 17 18 .. image:: k8s_hostscope.png 19 :align: center 20 21 In this mode, the Cilium agent will wait on startup until the ``PodCIDR`` range 22 is made available via the Kubernetes ``v1.Node`` object for all enabled address 23 families via one of the following methods: 24 25 **via v1.Node resource field** 26 27 ==================== ============================================================ 28 Field Description 29 ==================== ============================================================ 30 ``spec.podCIDRs`` IPv4 and/or IPv6 PodCIDR range 31 ``spec.podCIDR`` IPv4 or IPv6 PodCIDR range 32 ==================== ============================================================ 33 34 .. note:: It is important to run the ``kube-controller-manager`` with the flag 35 ``--allocate-node-cidrs`` flag to indicate to Kubernetes that PodCIDR 36 ranges should be allocated. 37 38 **via v1.Node annotation** 39 40 ====================================== ========================================================== 41 Annotation Description 42 ====================================== ========================================================== 43 ``network.cilium.io/ipv4-pod-cidr`` IPv4 PodCIDR range 44 ``network.cilium.io/ipv6-pod-cidr`` IPv6 PodCIDR range 45 ``network.cilium.io/ipv4-cilium-host`` IPv4 address of the cilium host interface 46 ``network.cilium.io/ipv6-cilium-host`` IPv6 address of the cilium host interface 47 ``network.cilium.io/ipv4-health-ip`` IPv4 address of the cilium-health endpoint 48 ``network.cilium.io/ipv6-health-ip`` IPv6 address of the cilium-health endpoint 49 ``network.cilium.io/ipv4-Ingress-ip`` IPv4 address of the cilium-ingress endpoint 50 ``network.cilium.io/ipv6-Ingress-ip`` IPv6 address of the cilium-ingress endpoint 51 ====================================== ========================================================== 52 53 .. note:: The annotation-based mechanism is primarily useful in combination with 54 older Kubernetes versions which do not support ``spec.podCIDRs`` yet 55 but support for both IPv4 and IPv6 is enabled. 56 57 .. _hostscope_configuration: 58 59 ************* 60 Configuration 61 ************* 62 63 The following ConfigMap options exist to configure Kubernetes hostscope: 64 65 * ``ipam: kubernetes``: Enables Kubernetes IPAM mode. Enabling this option will 66 automatically enable ``k8s-require-ipv4-pod-cidr`` if ``enable-ipv4`` is 67 ``true`` and ``k8s-require-ipv6-pod-cidr`` if ``enable-ipv6`` is ``true``. 68 * ``k8s-require-ipv4-pod-cidr: true``: instructs the Cilium agent to wait until 69 an IPv4 PodCIDR is made available via the Kubernetes node resource. 70 * ``k8s-require-ipv6-pod-cidr: true``: instructs the Cilium agent to wait until 71 an IPv6 PodCIDR is made available via the Kubernetes node resource. 72 73 With helm the previous options can be defined as: 74 75 * ``ipam: kubernetes``: ``--set ipam.mode=kubernetes``. 76 * ``k8s-require-ipv4-pod-cidr: true``: ``--set k8s.requireIPv4PodCIDR=true``, 77 which only works with ``--set ipam.mode=kubernetes`` 78 * ``k8s-require-ipv6-pod-cidr: true``: ``--set k8s.requireIPv6PodCIDR=true``, 79 which only works with ``--set ipam.mode=kubernetes``