calico

2025-08-02 15:18:37 +02:00
parent 92a020b05b
commit 89ca90e6b7
4 changed files with 67 additions and 51 deletions
--- a/calico-config/calico-peer.yaml
+++ b/calico-config/calico-peer.yaml
@@ -8,9 +8,9 @@ spec:
  nodeToNodeMeshEnabled: false
  asNumber: 65000
  serviceClusterIPs:
-    - cidr: "2001:470:72f0:f:1::/108" #server service net
+    #- cidr: "2001:470:72f0:f:1::/108" #server service net
    - cidr: "fd00:0:0:f:1::/108"      #server service net
-    - cidr: "2001:470:72f0:f:2::/108" #dmz service net
+    #- cidr: "2001:470:72f0:f:2::/108" #dmz service net
    - cidr: "fd00:0:0:f:2::/108"      #dmz service net
    - cidr: "10.0.91.0/24"            #server service net
    - cidr: "10.0.92.0/24"            #dmz service net
@@ -18,31 +18,47 @@ spec:
 apiVersion: projectcalico.org/v3
 kind: BGPPeer
 metadata:
-  name: "aux1-v6"
+  name: "firewall-v6"
 spec:
-  peerIP: "fd00:0:0:2::6" #aux1 - bgp router...
+  peerIP: "fd00:0:0:2::1" #aux1 - bgp router...
  asNumber: 65000
 ---
 apiVersion: projectcalico.org/v3
 kind: BGPPeer
 metadata:
-  name: "aux2-v6"
+  name: "firewall-v6"
 spec:
-  peerIP: "fd00:0:0:2::7" #aux2 - bgp router...
+  peerIP: "fd00:0:0:2::1" #aux2 - bgp router...
  asNumber: 65000
---
-apiVersion: projectcalico.org/v3
-kind: BGPPeer
-metadata:
-  name: "aux1-v4"
-spec:
-  peerIP: "10.0.2.6" #aux1 - bgp router...
-  asNumber: 65000
---
-apiVersion: projectcalico.org/v3
-kind: BGPPeer
-metadata:
-  name: "aux2-v4"
-spec:
-  peerIP: "10.0.2.7" #aux2 - bgp router...
-  asNumber: 65000
+#---
+#apiVersion: projectcalico.org/v3
+#kind: BGPPeer
+#metadata:
+#  name: "aux1-v6"
+#spec:
+#  peerIP: "fd00:0:0:2::6" #aux1 - bgp router...
+#  asNumber: 65000
+#---
+#apiVersion: projectcalico.org/v3
+#kind: BGPPeer
+#metadata:
+#  name: "aux2-v6"
+#spec:
+#  peerIP: "fd00:0:0:2::7" #aux2 - bgp router...
+#  asNumber: 65000
+#---
+#apiVersion: projectcalico.org/v3
+#kind: BGPPeer
+#metadata:
+#  name: "aux1-v4"
+#spec:
+#  peerIP: "10.0.2.6" #aux1 - bgp router...
+#  asNumber: 65000
+#---
+#apiVersion: projectcalico.org/v3
+#kind: BGPPeer
+#metadata:
+#  name: "aux2-v4"
+#spec:
+#  peerIP: "10.0.2.7" #aux2 - bgp router...
+#  asNumber: 65000
--- a/calico-config/calico.yaml
+++ b/calico-config/calico.yaml
@@ -11,7 +11,7 @@ spec:
      interface: en.*
    ipPools:
    - blockSize: 122
-      cidr: 2001:470:72f0:a::/64
+      cidr: fd00:0:0:a::/64
      encapsulation: VXLAN
      natOutgoing: Disabled
      nodeSelector: all()
--- a/calico-config/ippools.yaml
+++ b/calico-config/ippools.yaml
@@ -1,15 +1,15 @@
-apiVersion: projectcalico.org/v3
-kind: IPPool
-metadata:
-  name: ipv6-server-private # server net
-spec:
-  blockSize: 122
-  cidr: fd00:0:0:a::/64
-  ipipMode: Never
-  #natOutgoing: false
-  #disabled: false
-  nodeSelector: all()
-  vxlanMode: Always
+#apiVersion: projectcalico.org/v3
+#kind: IPPool
+#metadata:
+#  name: ipv6-server-private # server net
+#spec:
+#  blockSize: 122
+#  cidr: fd00:0:0:a::/64
+#  ipipMode: Never
+#  #natOutgoing: false
+#  #disabled: false
+#  nodeSelector: all()
+#  vxlanMode: Always
 ---
 apiVersion: projectcalico.org/v3
 kind: IPPool
@@ -24,15 +24,15 @@ spec:
  nodeSelector: all()
  vxlanMode: Always
 ---
-apiVersion: projectcalico.org/v3
-kind: IPPool
-metadata:
-  name: ipv6-dmz-public # dmz net
-spec:
-  blockSize: 122
-  cidr: 2001:470:72f0:b::/64
-  ipipMode: Never
-  #natOutgoing: false
-  #disabled: false
-  nodeSelector: all()
-  vxlanMode: Always
+#apiVersion: projectcalico.org/v3
+#kind: IPPool
+#metadata:
+#  name: ipv6-dmz-public # dmz net
+#spec:
+#  blockSize: 122
+#  cidr: 2001:470:72f0:b::/64
+#  ipipMode: Never
+#  #natOutgoing: false
+#  #disabled: false
+#  nodeSelector: all()
+#  vxlanMode: Always
--- a/terraform/control-plane1.bu
+++ b/terraform/control-plane1.bu
@@ -153,8 +153,8 @@ storage:
          kind: ClusterConfiguration
          controlPlaneEndpoint: "[fd00:0:0:2::100]:6443"
          networking:
-            podSubnet: "fd00:10:244::/56,10.244.0.0/16"
-            serviceSubnet: "fd00:10:96::/112,10.96.0.0/12"
+            podSubnet: "fd00:0:0:a::/64,10.0.10.0/24"
+            serviceSubnet: "fd00:0:0:f:1::/108,10.0.91.0/24"
            dnsDomain: "k8s.undercloud.local"
          controllerManager:
            extraArgs:
@@ -327,8 +327,8 @@ systemd:
        ExecStart=/opt/bin/kubectl wait deployment -n tigera-operator tigera-operator --for condition=Available=True --timeout=1200s
        ExecStart=/bin/sh -c 'echo "apply calico (calico-apiserver)..."'
        ExecStart=/opt/bin/kubectl apply -f http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/calico-config/calico.yaml
-        ExecStart=/bin/sh -c 'echo "witing 10m..."'
-        ExecStart=/bin/sleep 10m
+        ExecStart=/bin/sh -c 'echo "witing 1m..."'
+        ExecStart=/bin/sleep 1m
        ExecStart=/bin/sh -c 'echo "witing calico-apiserver... (20mini max)"'
        ExecStart=/opt/bin/kubectl wait deployment -n calico-apiserver calico-apiserver --for condition=Available=True --timeout=1200s
        ExecStart=/bin/sh -c 'echo "witing 120s..."'