diff --git a/hack/aks/Makefile b/hack/aks/Makefile
index 67282abe7d..75ee864845 100644
--- a/hack/aks/Makefile
+++ b/hack/aks/Makefile
@@ -23,6 +23,8 @@ VNET_PREFIX ?= 10.0.0.0/8
 SUBNET_PREFIX ?= 10.10.0.0/16
 POD_CIDR ?= 192.168.0.0/16
 SVC_CIDR ?= 192.168.10.0/16
+NODE_SUBNET_PREFIX ?= 10.240.0.0/16
+POD_SUBNET_PREFIX ?= 10.241.0.0/16
 # overrideable variables
 SUB ?= $(AZURE_SUBSCRIPTION)
@@ -79,9 +81,9 @@ rg-down: ## Delete resource group
 $(AZCLI) group delete -g $(GROUP) --yes
 swift-net-up: ## Create vnet, nodenet and podnet subnets
- $(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes 10.0.0.0/8 -o none
- $(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name nodenet --address-prefixes 10.240.0.0/16 -o none
- $(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name podnet --address-prefixes 10.241.0.0/16 -o none
+ $(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes $(VNET_PREFIX) -o none
+ $(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name nodenet --address-prefixes $(NODE_SUBNET_PREFIX) -o none
+ $(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name podnet --address-prefixes $(POD_SUBNET_PREFIX) -o none
 vnetscale-swift-net-up: ## Create vnet, nodenet and podnet subnets for vnet scale
 $(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes 10.0.0.0/8 -o none
diff --git a/hack/scripts/cil-script.sh b/hack/scripts/cil-script.sh
index 4a55939a13..7bd738d647 100755
--- a/hack/scripts/cil-script.sh
+++ b/hack/scripts/cil-script.sh
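Review bot: In the second Makefile hunk, `swift-net-up` now takes `$(VNET_PREFIX)`, `$(NODE_SUBNET_PREFIX)` and `$(POD_SUBNET_PREFIX)` independently, but nothing ties them together: a caller who overrides only `VNET_PREFIX` (say to a /16) keeps the 10.240.0.0/16 and 10.241.0.0/16 subnet defaults from the first hunk, and the subnet calls would then be rejected after the VNet has already been created. A comment beside the new defaults would help, e.g. `# NODE_SUBNET_PREFIX and POD_SUBNET_PREFIX must fall inside VNET_PREFIX; override all three together`. The context line for `vnetscale-swift-net-up` still hard-codes `--address-prefixes 10.0.0.0/8`, so that target ignores `VNET_PREFIX`; the rest of its recipe is outside the hunk. The values are expanded unquoted into the recipe, so quoting them (`--address-prefixes '$(VNET_PREFIX)'`) would keep a malformed override from being split into extra az arguments.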
@@ -3,8 +3,8 @@
 # sufix1 - unique single digit whole number 1-9. Cannot match sufix2
 # sufix2 - unique single digit whole number 1-9. Cannot match sufix1
 # SUB - GUID for subscription
-# clusterType - overlay-byocni-nokubeproxy-up-mesh is primary atm, but leaving for testing later.
-# Example command: clusterPrefix= sufix1=1 sufix2=2 SUB= clusterType=overlay-byocni-nokubeproxy-up-mesh ./cil-script.sh
+# clusterType - swift-byocni-nokubeproxy-up is primary atm, but leaving for testing later.
+# Example command: clusterPrefix= sufix1=1 sufix2=2 SUB= clusterType=swift-byocni-nokubeproxy-up ./cil-script.sh
 sufixes="${sufix1} ${sufix2}"
 install=helm
@@ -15,18 +15,20 @@ for unique in $sufixes; do
 make -C ./hack/aks $clusterType \
 AZCLI=az REGION=westus2 SUB=$SUB \
 CLUSTER=${clusterPrefix}-${unique} \
- POD_CIDR=192.${unique}0.0.0/16 SVC_CIDR=192.${unique}1.0.0/16 DNS_IP=192.${unique}1.0.10 \
- VNET_PREFIX=10.${unique}0.0.0/16 SUBNET_PREFIX=10.${unique}0.0.0/16
+ KUBE_PROXY_JSON_PATH=./kube-proxy.json \
+ VNET_PREFIX=10.${unique}.0.0/16 \
+ NODE_SUBNET_PREFIX=10.${unique}.1.0/24 \
+ POD_SUBNET_PREFIX=10.${unique}.2.0/24
 kubectl config use-context ${clusterPrefix}-${unique}
 if [ $install == "helm" ]; then
 helm upgrade --install -n kube-system cilium cilium/cilium \
- --version v1.16.1 \
+ --version v1.17.3 \
 --set cluster.name=${clusterPrefix}-${unique} \
 --set azure.resourceGroup=${clusterPrefix}-${unique}-rg \
 --set cluster.id=${unique} \
- --set ipam.operator.clusterPoolIPv4PodCIDRList='{192.'${unique}'0.0.0/16}' \
+ --set ipam.operator.clusterPoolIPv4PodCIDRList='{10.'${unique}'.2.0/24}' \
 --set hubble.enabled=false \
 --set envoy.enabled=false
 fi
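Review bot: The new `clusterPoolIPv4PodCIDRList` value in the second hunk is a single /24, and Cilium's cluster-pool IPAM carves per-node pod CIDRs out of that list using `ipam.operator.clusterPoolIPv4MaskSize`, which defaults to 24 in the chart, so as written only one node per cluster can be given a pod CIDR. If the clusters have more than one node (the node count is not visible here), either widen the pool or add a smaller per-node mask, for example `--set ipam.operator.clusterPoolIPv4MaskSize=27 \`. The same /24 is also passed to make as `POD_SUBNET_PREFIX`, so Cilium would be handing out addresses from the range that the Azure podnet subnet occupies; a comment saying whether that overlap is intended would help. `${unique}` is interpolated unquoted into both the make arguments and the `--set` values, and the header comment requires a single digit 1-9 but no check is visible in this hunk; the enclosing `for` loop starts and ends outside it.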
@@ -68,4 +70,7 @@ cilium clustermesh status --context ${clusterPrefix}-${sufix2} --wait
 # # CA is passed between clusters in this step
 cilium clustermesh connect --context ${clusterPrefix}-${sufix1} --destination-context ${clusterPrefix}-${sufix2}
+
+# For 3+ clusters
+# cilium clustermesh connect --context ${clusterPrefix}-${sufix1} --destination-context ${clusterPrefix}-${sufix2} --connection-mode mesh
 # These can be run in parallel in different bash shells
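Review bot: The commented-out command under `# For 3+ clusters` names the same two contexts as the live `cilium clustermesh connect` line above it, so it does not show what a third cluster would add beyond `--connection-mode mesh`. Consider spelling that out in the comment, e.g. `# For 3+ clusters: also pass each additional cluster's context as a destination and add --connection-mode mesh`, after confirming the syntax against the installed cilium CLI. The new block also sits directly above `# These can be run in parallel in different bash shells`, which now reads as if it referred to the commented command.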