github.com/datadog/cilium@v1.6.12/Documentation/concepts/ipam/hostscope.rst

github.com/datadog/cilium@v1.6.12/Documentation/concepts/ipam/hostscope.rst (about)

     1  .. only:: not (epub or latex or html)
     2  
     3      WARNING: You are looking at unreleased Cilium documentation.
     4      Please use the official rendered version released here:
     5      http://docs.cilium.io
     6  
     7  ####################
     8  Host Scope (default)
     9  ####################
    10  
    11  The host-scope IPAM mode delegates the address allocation to each individual
    12  node in the cluster. Each cluster node is assigned an allocation CIDR out of
    13  which the node can allocate IPs without further coordination with any other
    14  nodes.
    15  
    16  This means that no state needs to be synchronized between cluster nodes to
    17  allocate IP addresses and to determine whether an IP address belongs to an
    18  *endpoint* of the cluster and whether that *endpoint* resides on the local
    19  cluster node.
    20  
    21  .. note:: If you are using Kubernetes, the allocation of the node address prefix
    22            can be simply delegated to Kubernetes by specifying
    23            ``--allocate-node-cidrs`` flag to ``kube-controller-manager``. Cilium
    24            will automatically use the IPv4 node CIDR allocated by Kubernetes.
    25  
    26  The following values are used by default if the cluster prefix is left
    27  unspecified. These are meant for testing and need to be adjusted according to
    28  the needs of your environment.
    29  
    30  +-------+----------------+--------------------------------------------------+
    31  | Type  | Cluster        | Node Prefix                                      |
    32  +-------+----------------+--------------------------------------------------+
    33  | IPv4  | ``10.0.0.0/8`` | ``10.X.0.0/16`` where ``X`` is derived using the |
    34  |       |                | last 8 bits of the first IPv4 address in the list|
    35  |       |                | of global scope addresses on the cluster node.   |
    36  +-------+----------------+--------------------------------------------------+
    37  | IPv6  | ``f00d::/48``  | ``f00d:0:0:0:<ipv4-address>::/96`` where the     |
    38  |       |                | IPv4 address is the first address in the list of |
    39  |       |                | global scope addresses on the cluster node.      |
    40  |       |                |                                                  |
    41  |       |                | Note: Only 16 bits out of the ``/96`` node       |
    42  |       |                | prefix are currently used when allocating        |
    43  |       |                | container addresses. This allows to use the      |
    44  |       |                | remaining 16 bits to store arbitrary connection  |
    45  |       |                | state when sending packets between nodes. A      |
    46  |       |                | typical use case for the state is direct server  |
    47  |       |                | return.                                          |
    48  +-------+----------------+--------------------------------------------------+
    49  
    50  The size of the IPv4 cluster prefix can be changed with the
    51  ``--ipv4-cluster-cidr-mask-size`` option. The size of the IPv6 cluster prefix
    52  is currently fixed sized at ``/48``. The node allocation prefixes can be
    53  specified manually with the option ``--ipv4-range`` respectively
    54  ``--ipv6-range``.