# Generated by confd
# The router ID is taken from the IP environment variable of the confd
# process. The same variable is reused further down as the BGP source
# address and to select this node's own entry under /rr_v4.
router id {{getenv "IP"}};
# Watch interface up/down events.
# The device protocol produces no routes itself; it only tracks interface
# state for the other protocols in this file.
protocol device {
  scan time 2;    # Scan interfaces every 2 seconds
}
# Template for all BGP clients
# Every "protocol bgp ... from bgp_template" block generated further down
# inherits these settings.
# NOTE(review): neither this template nor the generated protocols set a
# "password", so as written the sessions run without TCP MD5 authentication.
# Combined with multihop and "import all", the only control on who may peer
# and what they may announce is the datastore content and the network path.
# Confirm that this is intended for the deployment.
template bgp bgp_template {
  debug off;
  description "Connection to BGP peer";
  multihop;                        # Neighbors need not be directly connected.
  import all;                      # Import all routes, since we don't know what the upstream
                                   # topology is and therefore have to trust the ToR/RR.
                                   # NOTE(review): with no import filter, every prefix a
                                   # peer announces is accepted as-is.
  export all;                      # Export all.
  source address {{getenv "IP"}};  # The local address we use for the TCP connection
  graceful restart;                # See comment in kernel section about graceful restart.
                                   # NOTE(review): the kernel section shown in this
                                   # template carries no such comment; the reference
                                   # looks stale.
}
# Datastore key that holds this route reflector's own settings
# (/rr_v4/<value of the IP environment variable>).
{{$our_rr_key := printf "/rr_v4/%s" (getenv "IP")}}
# Everything from here to the last end action of the template is rendered
# only when that key is present, so a node without its own /rr_v4 entry gets
# no OSPF or BGP protocol blocks at all. The parsed JSON is kept in
# $our_rr_data and read later for the optional cluster_id.
{{if ls $our_rr_key}}{{$our_rr_data := json (getv $our_rr_key)}}
{{if ls "/ospf_to_hosts"}}
# The OSPF section (direct, kernel, filters and the ospf protocol) is rendered
# only when /ospf_to_hosts has entries; its closing end action follows the
# ospf protocol block.

# import direct interfaces
protocol direct {
  debug { states };
  # Patterns prefixed with "-" are excluded: every interface except those
  # named cali* or docker* contributes its directly connected routes.
  interface -"cali*", -"docker*", "*";
}
# Synchronize them with the kernel
# "export all" pushes every route in BIRD's table into the kernel routing
# table without a filter. Because bgp_template uses "import all", that
# includes whatever the BGP peers announce.
# NOTE(review): this is the only kernel protocol in the template and it sits
# inside the /ospf_to_hosts guard, so it is absent when that key is missing.
protocol kernel kern1 {
  export all;
}
# OSPF Export filters
# Only routes whose prefix lies inside 172.27.64.0/18 are announced over
# OSPF; everything else is rejected. The range is hard-coded here rather than
# read from the datastore. Each decision is written to the log via print.
filter export_OSPF {
  if ( net ~ 172.27.64.0/18 ) then {
    print "export: net accepted:", net;
    accept;
  }
  print "export: net rejected:", net;
  reject;
}
# Rejects every route learned over OSPF and logs each one, so OSPF is used
# here for announcing only. This also means an OSPF neighbor cannot place
# routes in this router's table through the OSPF protocol.
filter import_OSPF {
  print "import: net rejected:", net;
  reject;
}
# OSPF instance that announces the routes passed by export_OSPF on eth*.
# NOTE(review): "debug all" together with the print statements in both
# filters logs every OSPF event and every route decision; check that the log
# volume is acceptable outside of troubleshooting.
protocol ospf pods_ospf {
  debug all;
  export filter export_OSPF;
  import filter import_OSPF;
  area 0.0.0.0 {
    interface "eth*" {
      hello 10;
      retransmit 5;
      cost 10;
      transmit delay 1;
      dead count 4;           # neighbor declared down after 4 missed hello intervals
      wait 40;
      type ptp;
      strict ptp yes;
      # NOTE(review): OSPF packets on eth* are sent and accepted without
      # authentication or integrity protection. import_OSPF rejects all
      # learned routes, which limits what a neighbor can put into this
      # router's table, but adjacencies and the exported routes are still
      # open to anything on the segment. BIRD supports
      # "authentication cryptographic" with a password block; consider it
      # unless the segment is fully trusted.
      authentication none;
      priority 0;
      # Neighbor addresses come from the /ospf_to_hosts entries. Each IP
      # field is emitted exactly as stored, with " eligible" appended when
      # the entry's eligible field is set; nothing validates the values, so
      # write access to that key decides who this router talks OSPF to.
      neighbors {
        {{range gets "/ospf_to_hosts/*"}}{{$ohost := json .Value}}{{$ohost.IP}}{{if $ohost.eligible}} eligible{{end}};{{ end }}
      };
    };
  };
}

{{ end }}
# ------------- RR-to-RR full mesh -------------
# One BGP session is generated for every other entry under /rr_v4. Local and
# neighbor AS are both /global/as_num, so these are internal BGP sessions.
# The protocol name is the peer's ip field with dots replaced by underscores;
# entries with an empty ip are skipped, as is this node's own entry.
# NOTE(review): the ip field is written into the config as stored, without
# validation; write access to /rr_v4 therefore decides which addresses this
# router peers with, under the permissive bgp_template settings.
{{if ls "/rr_v4"}}
{{range gets "/rr_v4/*"}}{{$data := json .Value}}{{$rr_ip := $data.ip}}
{{$nums := split $rr_ip "."}}{{$id := join $nums "_"}}
# For RR {{$rr_ip}}
{{if eq $rr_ip (getenv "IP") }}# Skipping ourselves
{{else if ne "" $rr_ip}}protocol bgp Mesh_{{$id}} from bgp_template {
  local as {{getv "/global/as_num"}};
  neighbor {{$rr_ip}} as {{getv "/global/as_num"}};
}{{end}}{{end}}
{{end}}
# ------------- RR as a global peer -------------
# When an entry under /global/peer_v4 carries this node's IP, a BGP session
# is generated to every host listed under /host, each marked as a route
# reflector client. The local AS comes from the peer entry's as_num; the
# neighbor AS is the host's own /host/<name>/as_num when that key exists,
# otherwise /global/as_num. "rr cluster id" is emitted only when this RR's
# /rr_v4 entry has a cluster_id.
# NOTE(review): host addresses, AS numbers and the cluster id are written
# into the config as stored, without validation. Anyone able to write these
# datastore keys controls this router's peering, so access to them should be
# restricted accordingly.
{{if ls "/global/peer_v4"}}
{{range gets "/global/peer_v4/*"}}{{$data := json .Value}}
{{if eq $data.ip (getenv "IP")}}
# This RR is a global peer with *all* calico nodes.
{{range $cnode := lsdir "/host"}}
{{$cnode_as_key := printf "/host/%s/as_num" $cnode}}
{{$cnode_ip_key := printf "/host/%s/ip_addr_v4" $cnode}}{{$cnode_ip := getv $cnode_ip_key}}
{{$nums := split $cnode_ip "."}}{{$id := join $nums "_"}}
# Peering with Calico node {{$cnode}}
protocol bgp Global_{{$id}} from bgp_template {
  local as {{$data.as_num}};
  neighbor {{$cnode_ip}} as {{if exists $cnode_as_key}}{{getv $cnode_as_key}}{{else}}{{getv "/global/as_num"}}{{end}};
  rr client;
  {{if $our_rr_data.cluster_id}}rr cluster id {{$our_rr_data.cluster_id}};{{end}}
}
{{end}}
{{end}}
{{end}}
{{end}}
# ------------- RR as a node-specific peer -------------
# For every host under /host, the entries under /host/<name>/peer_v4 are
# scanned; when one carries this node's IP, a BGP session to that host is
# generated with the host as a route reflector client. AS selection and the
# optional cluster id follow the same rules as in the global-peer section:
# local AS from the peer entry, neighbor AS from /host/<name>/as_num when it
# exists and /global/as_num otherwise.
# NOTE(review): as elsewhere in this template, the values are used as stored
# with no validation, so write access to the /host subtree determines which
# addresses are configured as clients of this route reflector.
{{range $cnode := lsdir "/host"}}
{{$node_peers_key := printf "/host/%s/peer_v4" $cnode}}
{{if ls $node_peers_key}}
{{range $peer := gets (printf "%s/*" $node_peers_key)}}{{$data := json $peer.Value}}
{{if eq $data.ip (getenv "IP")}}
{{$cnode_as_key := printf "/host/%s/as_num" $cnode}}
{{$cnode_ip_key := printf "/host/%s/ip_addr_v4" $cnode}}{{$cnode_ip := getv $cnode_ip_key}}
{{$nums := split $cnode_ip "."}}{{$id := join $nums "_"}}
# RR configured as a specific peer for calico node {{$peer.Key}}
protocol bgp Node_{{$id}} from bgp_template {
  local as {{$data.as_num}};
  neighbor {{$cnode_ip}} as {{if exists $cnode_as_key}}{{getv $cnode_as_key}}{{else}}{{getv "/global/as_num"}}{{end}};
  rr client;
  {{if $our_rr_data.cluster_id}}rr cluster id {{$our_rr_data.cluster_id}};{{end}}
}
{{end}}
{{end}}
{{end}}
{{end}}

# End of the part that is rendered only when this node has its own /rr_v4 entry.
{{end}}