// Copyright (c) 2017,2020-2021 Tigera, Inc. All rights reserved.

// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package v3

import (
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

	k8sv1 "k8s.io/api/core/v1"

	"github.com/tigera/api/pkg/lib/numorstring"
)

// Kind strings for the BGPPeer resource and its list type. NewBGPPeer stamps
// KindBGPPeer into TypeMeta.Kind.
const (
	KindBGPPeer     = "BGPPeer"
	KindBGPPeerList = "BGPPeerList"
)

// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

// BGPPeerList is a list of BGPPeer resources.
type BGPPeerList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	Items []BGPPeer `json:"items" protobuf:"bytes,2,rep,name=items"`
}

// +genclient
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

// BGPPeer is a non-namespaced resource whose Spec describes the BGP peerings
// to be generated for the selected nodes.
type BGPPeer struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	Spec BGPPeerSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
}

// NOTE(review): several fields below describe cross-field rules (Node versus
// NodeSelector; PeerSelector versus PeerIP and ASNumber). The per-field
// validate tags in this struct cannot express those rules, so they are
// presumably enforced by a validator elsewhere — confirm before relying on
// them. Review notes in this struct are kept in their own comment groups so
// that they stay separate from the field descriptions.

// BGPPeerSpec contains the specification for a BGPPeer resource.
type BGPPeerSpec struct {
	// NOTE(review): per the description below, leaving both Node and
	// NodeSelector empty is the broadest scope (every node in the cluster),
	// so an otherwise minimal spec produces a cluster-wide peering.

	// The node name identifying the Calico node instance that is targeted by this peer.
	// If this is not set, and no nodeSelector is specified, then this BGP peer selects all
	// nodes in the cluster.
	// +optional
	Node string `json:"node,omitempty" validate:"omitempty,name"`

	// Selector for the nodes that should have this peering.  When this is set, the Node
	// field must be empty.
	// +optional
	NodeSelector string `json:"nodeSelector,omitempty" validate:"omitempty,selector"`

	// The IP address of the peer followed by an optional port number to peer with.
	// If port number is given, format should be `[<IPv6>]:<port>` for IPv6 or
	// `<IPv4>:<port>` for IPv4.
	// If optional port number is not set, and this peer IP and ASNumber belongs to a calico/node
	// with ListenPort set in BGPConfiguration, then we use that port to peer.
	// +optional
	PeerIP string `json:"peerIP,omitempty" validate:"omitempty,IP:port"`

	// The AS Number of the peer.
	// +optional
	ASNumber numorstring.ASNumber `json:"asNumber,omitempty"`

	// NOTE(review): the validate tag is only "omitempty", so nothing visible
	// here constrains the keys or values. If custom templates interpolate them
	// into the BGP daemon configuration, write access to BGPPeer resources can
	// influence that configuration — confirm how templates consume these values.

	// Extensions is a mapping of keys to values that can be used in custom BGP templates.
	// +optional
	Extensions map[string]string `json:"extensions,omitempty" validate:"omitempty"`

	// Selector for the remote nodes to peer with.  When this is set, the PeerIP and
	// ASNumber fields must be empty.  For each peering between the local node and
	// selected remote nodes, we configure an IPv4 peering if both ends have
	// NodeBGPSpec.IPv4Address specified, and an IPv6 peering if both ends have
	// NodeBGPSpec.IPv6Address specified.  The remote AS number comes from the remote
	// node's NodeBGPSpec.ASNumber, or the global default if that is not set.
	// +optional
	PeerSelector string `json:"peerSelector,omitempty" validate:"omitempty,selector"`

	// Option to keep the original nexthop field when routes are sent to a BGP Peer.
	// Setting "true" configures the selected BGP Peers node to use the "next hop keep;"
	// instead of "next hop self;" (default) in the specific branch of the Node on "bird.cfg".
	KeepOriginalNextHop bool `json:"keepOriginalNextHop,omitempty"`

	// NOTE(review): the password is never stored inline. BGPPassword carries
	// only a reference to a Secret key, so the value stays out of the BGPPeer
	// object itself. The component that resolves the reference needs read
	// access to that Secret; prefer an RBAC grant scoped to the named Secret
	// over one covering the whole namespace. Presumably this is rendered as
	// the BGP daemon's session password (TCP MD5 signature), which
	// authenticates the session but does not encrypt it — confirm.

	// Optional BGP password for the peerings generated by this BGPPeer resource.
	Password *BGPPassword `json:"password,omitempty" validate:"omitempty"`

	// Specifies whether and how to configure a source address for the peerings generated by
	// this BGPPeer resource.  Default value "UseNodeIP" means to configure the node IP as the
	// source address.  "None" means not to configure a source address.
	SourceAddress SourceAddress `json:"sourceAddress,omitempty" validate:"omitempty,sourceAddress"`

	// Specifies whether and how to detect loss of connectivity on the peerings generated by
	// this BGPPeer resource.  Default value "None" means nothing beyond BGP's own (slow) hold
	// timer.  "BFDIfDirectlyConnected" means to use BFD when the peer is directly connected.
	FailureDetectionMode FailureDetectionMode `json:"failureDetectionMode,omitempty" validate:"omitempty,failureDetectionMode"`

	// Specifies restart behaviour to configure on the peerings generated by this BGPPeer
	// resource.  Default value "GracefulRestart" means traditional graceful restart.
	// "LongLivedGracefulRestart" means LLGR according to draft-uttaro-idr-bgp-persistence-05.
	RestartMode RestartMode `json:"restartMode,omitempty" validate:"omitempty,restartMode"`

	// Time to allow for software restart.  When specified, this is configured as the graceful
	// restart timeout when RestartMode is "GracefulRestart", and as the LLGR stale time when
	// RestartMode is "LongLivedGracefulRestart".  When not specified, the BIRD defaults are
	// used, which are 120s for "GracefulRestart" and 3600s for "LongLivedGracefulRestart".
	MaxRestartTime *metav1.Duration `json:"maxRestartTime,omitempty"`

	// Specifies the BIRD "gateway" mode, i.e. method for computing the immediate next hop for
	// each received route, for peerings generated by this BGPPeer resource.  Default value
	// "Recursive" means "gateway recursive".  "DirectIfDirectlyConnected" means to configure
	// "gateway direct" when the peer is directly connected.
	BIRDGatewayMode BIRDGatewayMode `json:"birdGatewayMode,omitempty" validate:"omitempty,birdGatewayMode"`

	// NOTE(review): the type is *int32 and the field has no validate tag, so
	// negative and very large values are representable at this layer. Any
	// bound has to be enforced by validation elsewhere — confirm. Because the
	// setting relaxes loop prevention, changes to it deserve explicit review.

	// Maximum number of local AS numbers that are allowed in the AS path for received routes.
	// This removes BGP loop prevention and should only be used if absolutely necessary.
	// +optional
	NumAllowedLocalASNumbers *int32 `json:"numAllowedLocalASNumbers,omitempty"`

	// NOTE(review): *uint8 limits the value to 0-255 and the field has no
	// validate tag; presumably a nil pointer leaves GTSM disabled — confirm.
	// Going by the description below, a hop count larger than the real
	// distance accepts packets that originated further away than intended, so
	// set it to the actual number of hops between the peers.

	// TTLSecurity enables the generalized TTL security mechanism (GTSM) which protects against spoofed packets by
	// ignoring received packets with a smaller than expected TTL value. The provided value is the number of hops
	// (edges) between the peers.
	// +optional
	TTLSecurity *uint8 `json:"ttlSecurity,omitempty"`

	// The ordered set of BGPFilters applied on this BGP peer.
	// +optional
	Filters []string `json:"filters,omitempty" validate:"omitempty,dive,name"`

	// Name of the external network to which this peer belongs.
	// +optional
	ExternalNetwork string `json:"externalNetwork,omitempty" validate:"omitempty,name"`

	// Add an exact, i.e. /32, static route toward peer IP in order to prevent route flapping.
	// ReachableBy contains the address of the gateway which peer can be reached by.
	// +optional
	ReachableBy string `json:"reachableBy,omitempty" validate:"omitempty,reachableBy"`
}

// SourceAddress is the string type of BGPPeerSpec.SourceAddress, which controls
// whether a source address is configured for the generated peerings.
type SourceAddress string

// Values described by BGPPeerSpec.SourceAddress: "UseNodeIP" (the documented
// default) configures the node IP as the source address; "None" configures no
// source address.
const (
	SourceAddressUseNodeIP SourceAddress = "UseNodeIP"
	SourceAddressNone      SourceAddress = "None"
)

// FailureDetectionMode is the string type of BGPPeerSpec.FailureDetectionMode,
// which controls how loss of connectivity is detected on the generated peerings.
type FailureDetectionMode string

// Values described by BGPPeerSpec.FailureDetectionMode: "None" (the documented
// default) relies on BGP's own hold timer; "BFDIfDirectlyConnected" uses BFD
// when the peer is directly connected.
const (
	FailureDetectionModeNone                   FailureDetectionMode = "None"
	FailureDetectionModeBFDIfDirectlyConnected FailureDetectionMode = "BFDIfDirectlyConnected"
)

// RestartMode is the string type of BGPPeerSpec.RestartMode, which selects the
// restart behaviour configured on the generated peerings.
type RestartMode string

// Values described by BGPPeerSpec.RestartMode: "GracefulRestart" (the
// documented default) is traditional graceful restart;
// "LongLivedGracefulRestart" is LLGR.
const (
	RestartModeGracefulRestart          RestartMode = "GracefulRestart"
	RestartModeLongLivedGracefulRestart RestartMode = "LongLivedGracefulRestart"
)

// BIRDGatewayMode is the string type of BGPPeerSpec.BIRDGatewayMode, which
// selects how the immediate next hop is computed for received routes.
type BIRDGatewayMode string

// Values described by BGPPeerSpec.BIRDGatewayMode: "Recursive" (the documented
// default) means "gateway recursive"; "DirectIfDirectlyConnected" means
// "gateway direct" when the peer is directly connected.
const (
	BIRDGatewayModeRecursive                 BIRDGatewayMode = "Recursive"
	BIRDGatewayModeDirectIfDirectlyConnected BIRDGatewayMode = "DirectIfDirectlyConnected"
)

// BGPPassword contains ways to specify a BGP password.
// The only way defined here is a reference to a key of a Secret; there is no
// field for an inline password value.
type BGPPassword struct {
	// Selects a key of a secret in the node pod's namespace.
	SecretKeyRef *k8sv1.SecretKeySelector `json:"secretKeyRef,omitempty"`
}

// NewBGPPeer creates a new (zeroed) BGPPeer struct with the TypeMetadata initialised to the current
// version.
//
// Only TypeMeta is populated; ObjectMeta and Spec are left at their zero values
// for the caller to fill in.
func NewBGPPeer() *BGPPeer {
	return &BGPPeer{
		TypeMeta: metav1.TypeMeta{
			Kind: KindBGPPeer,
			// GroupVersionCurrent is declared elsewhere in this package.
			APIVersion: GroupVersionCurrent,
		},
	}
}