github.com/cilium/cilium@v1.16.2/test/k8s/manifests/frr.yaml.tmpl (about) 1 apiVersion: v1 2 kind: Pod 3 metadata: 4 name: frr 5 namespace: kube-system 6 labels: 7 app: frr 8 spec: 9 nodeName: {{ .OutsideNodeName }} 10 hostNetwork: true 11 initContainers: 12 - name: init 13 image: cgr.dev/chainguard/busybox:latest 14 securityContext: 15 privileged: true 16 command: 17 - "/bin/sh" 18 - "-c" 19 - | 20 #!/usr/bin/env bash 21 22 set -o errexit 23 set -o pipefail 24 set -o nounset 25 26 mkdir -p /etc/frr 27 cat << EOF > /etc/frr/zebra.conf 28 # ! -*- zebra -*- 29 # ! 30 # ! zebra sample configuration file 31 # ! 32 hostname Router 33 password zebra 34 enable password zebra 35 EOF 36 37 cat << EOF > /etc/frr/daemons 38 # This file tells the frr package which daemons to start. 39 # 40 # Sample configurations for these daemons can be found in 41 # /usr/share/doc/frr/examples/. 42 # 43 # ATTENTION: 44 # 45 # When activating a daemon for the first time, a config file, even if it is 46 # empty, has to be present *and* be owned by the user and group "frr", else 47 # the daemon will not be started by /etc/init.d/frr. The permissions should 48 # be u=rw,g=r,o=. 49 # When using "vtysh" such a config file is also needed. It should be owned by 50 # group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too. 51 # 52 # The watchfrr and zebra daemons are always started. 53 # 54 bgpd=yes 55 ospfd=no 56 ospf6d=no 57 ripd=no 58 ripngd=no 59 isisd=no 60 pimd=no 61 ldpd=no 62 nhrpd=no 63 eigrpd=no 64 babeld=no 65 sharpd=no 66 pbrd=no 67 bfdd=no 68 fabricd=no 69 vrrpd=no 70 # 71 # If this option is set the /etc/init.d/frr script automatically loads 72 # the config via "vtysh -b" when the servers are started. 73 # Check /etc/pam.d/frr if you intend to use "vtysh"! 74 # 75 vtysh_enable=yes 76 zebra_options=" -A 127.0.0.1 -s 90000000" 77 bgpd_options=" -A 127.0.0.1" 78 ospfd_options=" -A 127.0.0.1" 79 ospf6d_options=" -A ::1" 80 ripd_options=" -A 127.0.0.1" 81 ripngd_options=" -A ::1" 82 isisd_options=" -A 127.0.0.1" 83 pimd_options=" -A 127.0.0.1" 84 ldpd_options=" -A 127.0.0.1" 85 nhrpd_options=" -A 127.0.0.1" 86 eigrpd_options=" -A 127.0.0.1" 87 babeld_options=" -A 127.0.0.1" 88 sharpd_options=" -A 127.0.0.1" 89 pbrd_options=" -A 127.0.0.1" 90 staticd_options="-A 127.0.0.1" 91 bfdd_options=" -A 127.0.0.1" 92 fabricd_options="-A 127.0.0.1" 93 vrrpd_options=" -A 127.0.0.1" 94 EOF 95 96 tee /etc/frr/bgpd.conf <<EOF 97 hostname bgpd 98 password zebra 99 router bgp 64512 100 {{- range .Nodes }} 101 neighbor {{ . }} remote-as 64512 102 neighbor {{ . }} next-hop-self 103 {{- end }} 104 105 log stdout debugging 106 EOF 107 volumeMounts: 108 - mountPath: /etc/frr 109 name: conf-dir 110 containers: 111 - name: frr 112 securityContext: 113 privileged: true 114 image: docker.io/frrouting/frr:v7.5.1 115 imagePullPolicy: IfNotPresent 116 volumeMounts: 117 - mountPath: /etc/frr 118 name: conf-dir 119 tolerations: # tolerate all taints 120 - key: "" 121 operator: "Exists" 122 volumes: 123 - name: conf-dir 124 emptyDir: 125 medium: "Memory"