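--- a/hack/aks/Makefile
+++ b/hack/aks/Makefile
@@ -121,6 +121,11 @@ overlay-net-up: ## Create vnet, nodenet subnets
 $(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes 10.0.0.0/8 -o none
 $(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name nodenet --address-prefix 10.10.0.0/16 -o none
 
+cilium-net-up: ## Create vnet, nodenet and podnet subnets
+$(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes $(VNET_PREFIX) -o none
+$(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name nodenet --address-prefixes $(NODE_SUBNET_PREFIX) -o none
+$(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name podnet --address-prefixes $(POD_SUBNET_PREFIX) -o none
+
 ##@ AKS Clusters
 
 byocni-up: swift-byocni-up ## Alias to swift-byocni-up
@@ -258,6 +263,26 @@ swift-byocni-nokubeproxy-up: rg-up ipv4 swift-net-up ## Bring up a SWIFT BYO CNI
 --yes
 @$(MAKE) set-kubeconf
 
+cilium-clustermesh-byocni-nokubeproxy-up: rg-up cilium-net-up ## Bring up a Cilium BYO CNI cluster without kube-proxy
+$(AZCLI) aks create -n $(CLUSTER) -g $(GROUP) -l $(REGION) \
+--auto-upgrade-channel $(AUTOUPGRADE) \
+--node-os-upgrade-channel $(NODEUPGRADE) \
+--kubernetes-version $(K8S_VER) \
+--node-count $(NODE_COUNT) \
+--node-vm-size $(VM_SIZE) \
+--load-balancer-sku basic \
+--network-plugin none \
+--pod-cidr $(POD_CIDR) \
+--service-cidr $(SVC_CIDR) \
+--dns-service-ip $(DNS_IP) \
+--vnet-subnet-id /subscriptions/$(SUB)/resourceGroups/$(GROUP)/providers/Microsoft.Network/virtualNetworks/$(VNET)/subnets/nodenet \
+--pod-subnet-id /subscriptions/$(SUB)/resourceGroups/$(GROUP)/providers/Microsoft.Network/virtualNetworks/$(VNET)/subnets/podnet \
+--no-ssh-key \
+--os-sku $(OS_SKU) \
+--kube-proxy-config ./kube-proxy.json \
+--yes
+@$(MAKE) set-kubeconf
+
 swift-cilium-up: rg-up ipv4 swift-net-up ## Bring up a SWIFT Cilium cluster
 $(AZCLI) aks create -n $(CLUSTER) -g $(GROUP) -l $(REGION) \
 --auto-upgrade-channel $(AUTOUPGRADE) \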
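Review bot: In the `cilium-net-up` recipe, `$(VNET_PREFIX)`, `$(NODE_SUBNET_PREFIX)` and `$(POD_SUBNET_PREFIX)` are used with no default or guard visible in this diff, so invoking the target without all three on the command line would hand `az` an empty `--address-prefixes`. The same applies to `cilium-clustermesh-byocni-nokubeproxy-up`, which depends on it. If the Makefile does not define defaults outside these hunks, a first recipe line such as `$(if $(strip $(VNET_PREFIX)),,$(error VNET_PREFIX is not set))`, repeated for the two subnet variables, would stop the run before any Azure resource is touched. The `##` help text on the new cluster target does not mention cluster mesh; something like `## Bring up a Cilium BYO CNI cluster without kube-proxy, with per-cluster vnet prefixes for cluster mesh` would make `make help` clearer.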
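--- a/hack/scripts/enable-cilium-cluster-mesh.sh
+++ b/hack/scripts/enable-cilium-cluster-mesh.sh
@@ -0,0 +1,74 @@
+#!/bin/bash
+# Requires
+# sufix1 - unique single digit whole number 1-9. Cannot match sufix2
+# sufix2 - unique single digit whole number 1-9. Cannot match sufix1
+# SUB - GUID for subscription
+# clusterType - cilium-clustermesh-byocni-nokubeproxy-up is primary atm, but leaving for testing later.
+# Example command: clusterPrefix=isaiahraya sufix1=1 sufix2=2 SUB=d9eabe18-12f6-4421-934a-d7e2327585f5 clusterType=cilium-clustermesh-byocni-nokubeproxy-up ./enable-cilium-cluster-mesh.sh
+
+sufixes="${sufix1} ${sufix2}"
+install=helm
+echo "sufixes ${sufixes}"
+
+cd ../..
+for unique in $sufixes; do
+make -C ./hack/aks $clusterType \
+AZCLI=az REGION=westus2 SUB=$SUB \
+CLUSTER=${clusterPrefix}-${unique} \
+POD_CIDR=192.${unique}0.0.0/16 SVC_CIDR=192.${unique}1.0.0/16 DNS_IP=192.${unique}1.0.10 \
+VNET_PREFIX=10.${unique}0.0.0/16 NODE_SUBNET_PREFIX=10.${unique}0.0.0/17 POD_SUBNET_PREFIX=10.${unique}0.128.0/17
+
+kubectl config use-context ${clusterPrefix}-${unique}
+
+if [ $install == "helm" ]; then
+helm upgrade --install -n kube-system cilium cilium/cilium \
+--version v1.16.1 \
+--set cluster.name=${clusterPrefix}-${unique} \
+--set azure.resourceGroup=${clusterPrefix}-${unique}-rg \
+--set cluster.id=${unique} \
+--set ipam.operator.clusterPoolIPv4PodCIDRList='{192.'${unique}'0.0.0/16}' \
+--set hubble.enabled=false \
+--set envoy.enabled=false
+fi
+done
+
+cd hack/scripts
+
+VNET_ID1=$(az network vnet show \
+--resource-group "${clusterPrefix}-${sufix1}-rg" \
+--name "${clusterPrefix}-${sufix1}-vnet" \
+--query id -o tsv)
+
+VNET_ID2=$(az network vnet show \
+--resource-group "${clusterPrefix}-${sufix2}-rg" \
+--name "${clusterPrefix}-${sufix2}-vnet" \
+--query id -o tsv)
+
+az network vnet peering create \
+-g "${clusterPrefix}-${sufix1}-rg" \
+--name "peering-${clusterPrefix}-${sufix1}-to-${clusterPrefix}-${sufix2}" \
+--vnet-name "${clusterPrefix}-${sufix1}-vnet" \
+--remote-vnet "${VNET_ID2}" \
+--allow-vnet-access
+
+az network vnet peering create \
+-g "${clusterPrefix}-${sufix2}-rg" \
+--name "peering-${clusterPrefix}-${sufix2}-to-${clusterPrefix}-${sufix1}" \
+--vnet-name "${clusterPrefix}-${sufix2}-vnet" \
+--remote-vnet "${VNET_ID1}" \
+--allow-vnet-access
+
+
+cilium clustermesh enable --context ${clusterPrefix}-${sufix1} --enable-kvstoremesh=true
+cilium clustermesh enable --context ${clusterPrefix}-${sufix2} --enable-kvstoremesh=true
+
+
+cilium clustermesh status --context ${clusterPrefix}-${sufix1} --wait
+cilium clustermesh status --context ${clusterPrefix}-${sufix2} --wait
+
+# # CA is passed between clusters in this step
+cilium clustermesh connect --context ${clusterPrefix}-${sufix1} --destination-context ${clusterPrefix}-${sufix2}
+
+# For 3+ clusters
+# cilium clustermesh connect --context ${clusterPrefix}-${sufix1} --destination-context ${clusterPrefix}-${sufix2} --connection-mode mesh
+# These can be run in parallel in different bash shells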
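Review bot: The script has no error handling, so if `make -C ./hack/aks` or `kubectl config use-context` fails inside the loop, the `helm upgrade --install` that follows still runs against whatever kubeconfig context is current, which may be an unrelated cluster. The inputs documented in the header (`sufix1`, `sufix2`, `SUB`, `clusterType`, `clusterPrefix`) are never checked either. An empty or repeated suffix would therefore produce malformed CIDRs and resource names, and the two Cilium installs could share a `cluster.id`. A strict-mode prologue with input validation, as sketched below, addresses both; quoting the expansions in the loop and replacing `cd ../..` with a path derived from the script's own location would also remove the dependence on the caller's working directory. Separately, the example command in the header carries a concrete subscription GUID and a personal prefix, which would be better written as placeholders such as `SUB=<subscription-guid>`.

```shell
#!/bin/bash
set -euo pipefail

# Fail before any az/helm call when a required input is missing or malformed.
: "${clusterPrefix:?clusterPrefix is required}"
: "${SUB:?SUB is required}"
: "${clusterType:?clusterType is required}"
for s in "${sufix1:-}" "${sufix2:-}"; do
  [[ $s =~ ^[1-9]$ ]] || { echo "sufix1 and sufix2 must each be a single digit 1-9" >&2; exit 1; }
done
[[ $sufix1 != "$sufix2" ]] || { echo "sufix1 and sufix2 must differ" >&2; exit 1; }

# … unchanged: cluster creation loop, vnet peering, clustermesh enable/status/connect …
```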