

cicd for kube-proxy replacement
TrekkieCoder committed Jan 7, 2024
1 parent a0f7b92 commit 1d58f74
Showing 15 changed files with 528 additions and 0 deletions.
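--- a/cicd/k3s-flannel-cluster-ipvs-compat/Vagrantfile
+++ b/cicd/k3s-flannel-cluster-ipvs-compat/Vagrantfile
@@ -0,0 +1,62 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+workers = (ENV['WORKERS'] || "1").to_i
+box_name = (ENV['VAGRANT_BOX'] || "sysnet4admin/Ubuntu-k8s")
+box_version = "0.7.1"
+Vagrant.configure("2") do |config|
+config.vm.box = "#{box_name}"
+config.vm.box_version = "#{box_version}"
+
+if Vagrant.has_plugin?("vagrant-vbguest")
+config.vbguest.auto_update = false
+end
+
+config.vm.define "host" do |host|
+host.vm.hostname = 'host'
+host.vm.network :private_network, ip: "192.168.90.8", :netmask => "255.255.255.0"
+host.vm.provision :shell, :path => "host.sh"
+host.vm.provider :virtualbox do |vbox|
+vbox.memory = "4096"
+vbox.cpus = "2"
+vbox.default_nic_type = "virtio"
+end
+end
+
+config.vm.define "loxilb" do |loxilb|
+loxilb.vm.hostname = 'llb1'
+loxilb.vm.network :private_network, ip: "192.168.80.9", :netmask => "255.255.255.0"
+loxilb.vm.network :private_network, ip: "192.168.90.9", :netmask => "255.255.255.0"
+loxilb.vm.provision :shell, :path => "loxilb.sh"
+loxilb.vm.provider :virtualbox do |vbox|
+vbox.memory = "6000"
+vbox.cpus = "4"
+vbox.default_nic_type = "virtio"
+end
+end
+
+config.vm.define "master" do |master|
+master.vm.hostname = 'master'
+master.vm.network :private_network, ip: "192.168.80.10", :netmask => "255.255.255.0"
+master.vm.provision :shell, :path => "master.sh"
+master.vm.provider :virtualbox do |vbox|
+vbox.memory = "4096"
+vbox.cpus = "2"
+vbox.default_nic_type = "virtio"
+end
+end
+
+(1..workers).each do |node_number|
+config.vm.define "worker#{node_number}" do |worker|
+worker.vm.hostname = "worker#{node_number}"
+ip = node_number + 100
+worker.vm.network :private_network, ip: "192.168.80.#{ip}", :netmask => "255.255.255.0"
+worker.vm.provision :shell, :path => "worker.sh"
+worker.vm.provider :virtualbox do |vbox|
+vbox.memory = "4096"
+vbox.cpus = "2"
+vbox.default_nic_type = "virtio"
+end
+end
+end
+end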
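Review bot: `workers = (ENV['WORKERS'] || "1").to_i` accepts any string, so a typo such as `WORKERS=two` silently becomes 0 and no worker VM is defined, and a value above 154 makes `node_number + 100` produce a last octet over 254 in `192.168.80.#{ip}`. Parsing strictly and bounding the value fails early instead: `workers = Integer(ENV.fetch('WORKERS', '1'))` followed by `raise "WORKERS must be 1..154" unless (1..154).cover?(workers)`. Separately, `box_version` stays fixed at "0.7.1" even when `VAGRANT_BOX` overrides the box name, which may not resolve for a different box; a short comment stating that the override must provide that version would help.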
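--- a/cicd/k3s-flannel-cluster-ipvs-compat/config.sh
+++ b/cicd/k3s-flannel-cluster-ipvs-compat/config.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+vagrant global-status | grep -i virtualbox | cut -f 1 -d ' ' | xargs -L 1 vagrant destroy -f
+vagrant up
+vagrant ssh host -c 'sudo ip route add 123.123.123.0/24 via 192.168.90.9'
+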
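Review bot: The cleanup line `vagrant global-status | grep -i virtualbox | cut -f 1 -d ' ' | xargs -L 1 vagrant destroy -f` force-destroys every VirtualBox-backed Vagrant machine registered for the current user, not only the ones this scenario's Vagrantfile defines, which is destructive on a shared CI runner or a developer workstation. A plain `vagrant destroy -f` run from this directory limits the teardown to this scenario's VMs. The script also has no error handling, so the `ip route add` over `vagrant ssh` still runs when `vagrant up` fails; `set -euo pipefail` after the shebang would make the run stop at the first failure.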
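--- a/cicd/k3s-flannel-cluster-ipvs-compat/host.sh
+++ b/cicd/k3s-flannel-cluster-ipvs-compat/host.sh
@@ -0,0 +1,5 @@
+apt-get update
+apt-get install -y software-properties-common
+#curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+#add-apt-repository -y "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
+apt-get install -y iperf iperf3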
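--- a/cicd/k3s-flannel-cluster-ipvs-compat/iperf-service.yml
+++ b/cicd/k3s-flannel-cluster-ipvs-compat/iperf-service.yml
@@ -0,0 +1,32 @@
+apiVersion: v1
+kind: Service
+metadata:
+name: iperf-service
+annotations:
+loxilb.io/lbmode: "onearm"
+spec:
+externalTrafficPolicy: Local
+loadBalancerClass: loxilb.io/loxilb
+selector:
+what: perf-test
+ports:
+- port: 55001
+targetPort: 5001
+type: LoadBalancer
+---
+apiVersion: v1
+kind: Pod
+metadata:
+name: iperf1
+labels:
+what: perf-test
+spec:
+containers:
+- name: iperf
+image: eyes852/ubuntu-iperf-test:0.5
+command:
+- iperf
+- "-s"
+ports:
+- containerPort: 5001
+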
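Review bot: The pod's `image: eyes852/ubuntu-iperf-test:0.5` is pulled from an individual Docker Hub namespace by a mutable tag, so each CI run executes whatever is currently published under that tag. Pinning by digest, `image: eyes852/ubuntu-iperf-test:0.5@sha256:<DIGEST_PLACEHOLDER>`, or mirroring the image under the project's own registry the way nginx.yml uses `ghcr.io/loxilb-io/nginx:stable`, would make the test reproducible and narrow the supply-chain exposure. The pod also sets no `resources` or `securityContext`; for a throwaway test fixture that is probably acceptable, but a one-line comment saying so would stop the manifest being copied elsewhere as-is.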
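--- a/cicd/k3s-flannel-cluster-ipvs-compat/kube-loxilb.yml
+++ b/cicd/k3s-flannel-cluster-ipvs-compat/kube-loxilb.yml
@@ -0,0 +1,129 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+name: kube-loxilb
+namespace: kube-system
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+name: kube-loxilb
+rules:
+- apiGroups:
+- ""
+resources:
+- nodes
+verbs:
+- get
+- watch
+- list
+- patch
+- apiGroups:
+- ""
+resources:
+- pods
+verbs:
+- get
+- watch
+- list
+- patch
+- apiGroups:
+- ""
+resources:
+- endpoints
+- services
+- services/status
+verbs:
+- get
+- watch
+- list
+- patch
+- update
+- apiGroups:
+- discovery.k8s.io
+resources:
+- endpointslices
+verbs:
+- get
+- watch
+- list
+- apiGroups:
+- authentication.k8s.io
+resources:
+- tokenreviews
+verbs:
+- create
+- apiGroups:
+- authorization.k8s.io
+resources:
+- subjectaccessreviews
+verbs:
+- create
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+name: kube-loxilb
+roleRef:
+apiGroup: rbac.authorization.k8s.io
+kind: ClusterRole
+name: kube-loxilb
+subjects:
+- kind: ServiceAccount
+name: kube-loxilb
+namespace: kube-system
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: kube-loxilb
+namespace: kube-system
+labels:
+app: loxilb
+spec:
+replicas: 1
+selector:
+matchLabels:
+app: loxilb
+template:
+metadata:
+labels:
+app: loxilb
+spec:
+hostNetwork: true
+tolerations:
+- effect: NoSchedule
+operator: Exists
+# Mark the pod as a critical add-on for rescheduling.
+- key: CriticalAddonsOnly
+operator: Exists
+- effect: NoExecute
+operator: Exists
+priorityClassName: system-node-critical
+serviceAccountName: kube-loxilb
+terminationGracePeriodSeconds: 0
+containers:
+- name: kube-loxilb
+image: ghcr.io/loxilb-io/kube-loxilb:latest
+imagePullPolicy: Always
+command:
+- /bin/kube-loxilb
+args:
+- --loxiURL=http://192.168.80.9:11111
+- --externalCIDR=123.123.123.1/24
+#- --monitor
+#- --setBGP
+#- --setLBMode=1
+#- --config=/opt/loxilb/agent/kube-loxilb.conf
+resources:
+requests:
+cpu: "100m"
+memory: "50Mi"
+limits:
+cpu: "100m"
+memory: "50Mi"
+securityContext:
+privileged: true
+capabilities:
+add: ["NET_ADMIN", "NET_RAW"]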
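Review bot: In the Deployment's container `securityContext`, `privileged: true` already grants every capability, so `capabilities: add: ["NET_ADMIN", "NET_RAW"]` has no effect and hides how much access the controller really holds; together with `hostNetwork: true` and tolerations that match every taint, a compromise of this pod is effectively a compromise of the node it runs on. If kube-loxilb only needs the two listed capabilities, `privileged: false` with the `add` list kept would state that, and the same privileged-plus-capability pattern appears in loxilb.yml (`SYS_ADMIN`) and in the `docker run --privileged --cap-add SYS_ADMIN` line of loxilb.sh. `image: ghcr.io/loxilb-io/kube-loxilb:latest` with `imagePullPolicy: Always` means each CI run may test a different build, so a version tag or digest would make failures attributable. The `--loxiURL=http://192.168.80.9:11111` endpoint is plain HTTP, presumably acceptable on the private Vagrant network, but worth a comment such as `# plain HTTP: test network only`.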
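--- a/cicd/k3s-flannel-cluster-ipvs-compat/loxilb.sh
+++ b/cicd/k3s-flannel-cluster-ipvs-compat/loxilb.sh
@@ -0,0 +1,13 @@
+export LOXILB_IP=$(ip a |grep global | grep -v '10.0.2.15' | grep -v '192.168.80' | awk '{print $2}' | cut -f1 -d '/')
+
+apt-get update
+apt-get install -y software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+add-apt-repository -y "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
+apt-get update
+apt-get install -y docker-ce
+docker run -u root --cap-add SYS_ADMIN --restart unless-stopped --privileged -dit -v /dev/log:/dev/log --net=host --name loxilb ghcr.io/loxilb-io/loxilb:latest
+echo alias loxicmd=\"sudo docker exec -it loxilb loxicmd\" >> ~/.bashrc
+echo alias loxilb=\"sudo docker exec -it loxilb \" >> ~/.bashrc
+
+echo $LOXILB_IP > /vagrant/loxilb-ip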
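Review bot: `curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -` relies on the deprecated `apt-key`, which puts the Docker key in the global trusted keyring so it is accepted for every configured repository rather than only Docker's. Keeping the key in its own file and scoping it with `signed-by` limits that trust: `curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc` (creating the directory first where the release lacks it) and a sources entry of the form `deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable`. Separately, `echo $LOXILB_IP > /vagrant/loxilb-ip` is unquoted and the `grep` pipeline can match more than one address, so the file may end up with several IPs on one line; quoting the variable and taking the first match (`| head -n1`) would make the output predictable.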
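--- a/cicd/k3s-flannel-cluster-ipvs-compat/loxilb.yml
+++ b/cicd/k3s-flannel-cluster-ipvs-compat/loxilb.yml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+name: loxilb-lb
+namespace: kube-system
+spec:
+selector:
+matchLabels:
+app: loxilb-app
+template:
+metadata:
+name: loxilb-lb
+labels:
+app: loxilb-app
+spec:
+hostNetwork: true
+dnsPolicy: ClusterFirstWithHostNet
+tolerations:
+- key: "node-role.kubernetes.io/master"
+operator: Exists
+- key: "node-role.kubernetes.io/control-plane"
+operator: Exists
+containers:
+- name: loxilb-app
+image: "ghcr.io/loxilb-io/loxilb:latest"
+imagePullPolicy: Always
+command: [ "/root/loxilb-io/loxilb/loxilb", "--bgp", "--egr-hooks", "--blacklist=veth.|flannel.|cali.|tunl.|vxlan[.]calico", "--ipvs-compat" ]
+ports:
+- containerPort: 11111
+- containerPort: 179
+- containerPort: 50051
+securityContext:
+privileged: true
+capabilities:
+add:
+- SYS_ADMIN
+---
+apiVersion: v1
+kind: Service
+metadata:
+name: loxilb-lb-service
+namespace: kube-system
+spec:
+clusterIP: None
+selector:
+app: loxilb-app
+ports:
+- name: loxilb-app
+port: 11111
+targetPort: 11111
+protocol: TCP
+- name: loxilb-app-bgp
+port: 179
+targetPort: 179
+protocol: TCP
+- name: loxilb-app-gobgp
+port: 50051
+targetPort: 50051
+protocol: TCP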
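--- a/cicd/k3s-flannel-cluster-ipvs-compat/master.sh
+++ b/cicd/k3s-flannel-cluster-ipvs-compat/master.sh
@@ -0,0 +1,12 @@
+export MASTER_IP=$(ip a |grep global | grep -v '10.0.2.15' | grep '192.168.80' | awk '{print $2}' | cut -f1 -d '/')
+
+curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--disable traefik --disable servicelb --disable-cloud-controller --kube-proxy-arg proxy-mode=ipvs \
+--node-ip=${MASTER_IP} --node-external-ip=${MASTER_IP} \
+--bind-address=${MASTER_IP}" sh -
+
+echo $MASTER_IP > /vagrant/master-ip
+sudo cp /var/lib/rancher/k3s/server/node-token /vagrant/node-token
+sudo cp /etc/rancher/k3s/k3s.yaml /vagrant/k3s.yaml
+sudo sed -i -e "s/127.0.0.1/${MASTER_IP}/g" /vagrant/k3s.yaml
+sudo kubectl apply -f /vagrant/kube-loxilb.yml
+/vagrant/wait_ready.sh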
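Review bot: `sudo cp /var/lib/rancher/k3s/server/node-token /vagrant/node-token` and `sudo cp /etc/rancher/k3s/k3s.yaml /vagrant/k3s.yaml` place the cluster join token and the admin kubeconfig in the synced `/vagrant` folder, which is presumably the checkout directory on the host, so both credentials land in the working tree where they can be committed by accident or read by other local users. Unless a part of the commit not shown here already does so, listing `node-token`, `k3s.yaml`, `master-ip` and `loxilb-ip` in a `.gitignore` for this directory and deleting them in rmconfig.sh would contain that. The installer is fetched with `curl -sfL https://get.k3s.io | ... sh -` and no version, so setting `INSTALL_K3S_VERSION=<PINNED_VERSION_PLACEHOLDER>` would keep CI on a known k3s release. In the `sed` expression the dots of `127.0.0.1` are unescaped and match any character; `s/127\.0\.0\.1/${MASTER_IP}/g` is exact.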
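--- a/cicd/k3s-flannel-cluster-ipvs-compat/nginx.yml
+++ b/cicd/k3s-flannel-cluster-ipvs-compat/nginx.yml
@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: Service
+metadata:
+name: nginx-lb1
+annotations:
+loxilb.io/lbmode: "onearm"
+spec:
+externalTrafficPolicy: Local
+loadBalancerClass: loxilb.io/loxilb
+selector:
+what: nginx-test
+ports:
+- port: 55002
+targetPort: 80
+type: LoadBalancer
+---
+apiVersion: v1
+kind: Pod
+metadata:
+name: nginx-test
+labels:
+what: nginx-test
+spec:
+containers:
+- name: nginx-test
+image: ghcr.io/loxilb-io/nginx:stable
+ports:
+- containerPort: 80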
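--- a/cicd/k3s-flannel-cluster-ipvs-compat/rmconfig.sh
+++ b/cicd/k3s-flannel-cluster-ipvs-compat/rmconfig.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+vagrant destroy -f worker1
+vagrant destroy -f master
+vagrant destroy -f loxilb
+vagrant destroy -f host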
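Review bot: `vagrant destroy -f worker1` hard-codes a single worker, while the Vagrantfile in this commit defines `worker1` through `workerN` from the `WORKERS` environment variable, so a run with `WORKERS` above 1 leaves the extra VMs running after teardown. A bare `vagrant destroy -f` in this directory removes every machine the Vagrantfile defines and needs no per-VM list. The files that master.sh and loxilb.sh write into the synced folder (`node-token`, `k3s.yaml`, `master-ip`, `loxilb-ip`) are not removed here either, so stale cluster credentials remain on the host; an `rm -f` of those four files at the end of this script would clear them.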
