From 55bf0888ee6b808cb29b0924127f5d24e8755f30 Mon Sep 17 00:00:00 2001 From: Isaiah Raya Date: Thu, 8 May 2025 23:00:20 +0000 Subject: [PATCH 1/6] updates --- hack/aks/Makefile | 8 +++++--- hack/scripts/cil-script.sh | 13 +++++++++---- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/hack/aks/Makefile b/hack/aks/Makefile index 67282abe7d..75ee864845 100644 --- a/hack/aks/Makefile +++ b/hack/aks/Makefile @@ -23,6 +23,8 @@ VNET_PREFIX ?= 10.0.0.0/8 SUBNET_PREFIX ?= 10.10.0.0/16 POD_CIDR ?= 192.168.0.0/16 SVC_CIDR ?= 192.168.10.0/16 +NODE_SUBNET_PREFIX ?= 10.240.0.0/16 +POD_SUBNET_PREFIX ?= 10.241.0.0/16 # overrideable variables SUB ?= $(AZURE_SUBSCRIPTION) @@ -79,9 +81,9 @@ rg-down: ## Delete resource group $(AZCLI) group delete -g $(GROUP) --yes swift-net-up: ## Create vnet, nodenet and podnet subnets - $(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes 10.0.0.0/8 -o none - $(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name nodenet --address-prefixes 10.240.0.0/16 -o none - $(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name podnet --address-prefixes 10.241.0.0/16 -o none + $(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes $(VNET_PREFIX) -o none + $(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name nodenet --address-prefixes $(NODE_SUBNET_PREFIX) -o none + $(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name podnet --address-prefixes $(POD_SUBNET_PREFIX) -o none vnetscale-swift-net-up: ## Create vnet, nodenet and podnet subnets for vnet scale $(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes 10.0.0.0/8 -o none diff --git a/hack/scripts/cil-script.sh b/hack/scripts/cil-script.sh index 4a55939a13..9ebf063227 100755 --- a/hack/scripts/cil-script.sh +++ b/hack/scripts/cil-script.sh @@ -3,8 +3,8 @@ # sufix1 - unique single digit whole number 1-9. Cannot match sufix2 # sufix2 - unique single digit whole number 1-9. Cannot match sufix1 # SUB - GUID for subscription -# clusterType - overlay-byocni-nokubeproxy-up-mesh is primary atm, but leaving for testing later. -# Example command: clusterPrefix= sufix1=1 sufix2=2 SUB= clusterType=overlay-byocni-nokubeproxy-up-mesh ./cil-script.sh +# clusterType - swift-byocni-nokubeproxy-up is primary atm, but leaving for testing later. +# Example command: clusterPrefix= sufix1=1 sufix2=2 SUB= clusterType=swift-byocni-nokubeproxy-up ./cil-script.sh sufixes="${sufix1} ${sufix2}" install=helm @@ -15,8 +15,10 @@ for unique in $sufixes; do make -C ./hack/aks $clusterType \ AZCLI=az REGION=westus2 SUB=$SUB \ CLUSTER=${clusterPrefix}-${unique} \ - POD_CIDR=192.${unique}0.0.0/16 SVC_CIDR=192.${unique}1.0.0/16 DNS_IP=192.${unique}1.0.10 \ - VNET_PREFIX=10.${unique}0.0.0/16 SUBNET_PREFIX=10.${unique}0.0.0/16 + KUBE_PROXY_JSON_PATH=./kube-proxy.json \ + VNET_PREFIX=10.${unique}0.0.0/16 \ + NODE_SUBNET_PREFIX=10.${unique}.1.0/24 \ + POD_SUBNET_PREFIX=10.${unique}.2.0/24 kubectl config use-context ${clusterPrefix}-${unique} @@ -68,4 +70,7 @@ cilium clustermesh status --context ${clusterPrefix}-${sufix2} --wait # # CA is passed between clusters in this step cilium clustermesh connect --context ${clusterPrefix}-${sufix1} --destination-context ${clusterPrefix}-${sufix2} + +# For 3+ clusters +# cilium clustermesh connect --context ${clusterPrefix}-${sufix1} --destination-context ${clusterPrefix}-${sufix2} --connection-mode mesh # These can be run in parallel in different bash shells From 01694c544095faae708769f7edf40408e9f67aa8 Mon Sep 17 00:00:00 2001 From: Isaiah Raya Date: Thu, 8 May 2025 23:08:34 +0000 Subject: [PATCH 2/6] fixed typo in VNET_PREFIX --- hack/scripts/cil-script.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/scripts/cil-script.sh b/hack/scripts/cil-script.sh index 9ebf063227..35e0334fc0 100755 --- a/hack/scripts/cil-script.sh +++ b/hack/scripts/cil-script.sh @@ -16,7 +16,7 @@ for unique in $sufixes; do AZCLI=az REGION=westus2 SUB=$SUB \ CLUSTER=${clusterPrefix}-${unique} \ KUBE_PROXY_JSON_PATH=./kube-proxy.json \ - VNET_PREFIX=10.${unique}0.0.0/16 \ + VNET_PREFIX=10.${unique}.0.0/16 \ NODE_SUBNET_PREFIX=10.${unique}.1.0/24 \ POD_SUBNET_PREFIX=10.${unique}.2.0/24 From a8c4cf966a0534c17a6af814359dd7d876b77d62 Mon Sep 17 00:00:00 2001 From: Isaiah Raya Date: Fri, 9 May 2025 18:55:57 +0000 Subject: [PATCH 3/6] updated ipam.operator.clusterPoolIPv4PodCIDRList to be equal to vnet cidr range and set node count to 1 --- hack/scripts/cil-script.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hack/scripts/cil-script.sh b/hack/scripts/cil-script.sh index 35e0334fc0..c6f3f24337 100755 --- a/hack/scripts/cil-script.sh +++ b/hack/scripts/cil-script.sh @@ -16,6 +16,7 @@ for unique in $sufixes; do AZCLI=az REGION=westus2 SUB=$SUB \ CLUSTER=${clusterPrefix}-${unique} \ KUBE_PROXY_JSON_PATH=./kube-proxy.json \ + NODE_COUNT=1 \ VNET_PREFIX=10.${unique}.0.0/16 \ NODE_SUBNET_PREFIX=10.${unique}.1.0/24 \ POD_SUBNET_PREFIX=10.${unique}.2.0/24 @@ -28,7 +29,7 @@ for unique in $sufixes; do --set cluster.name=${clusterPrefix}-${unique} \ --set azure.resourceGroup=${clusterPrefix}-${unique}-rg \ --set cluster.id=${unique} \ - --set ipam.operator.clusterPoolIPv4PodCIDRList='{192.'${unique}'0.0.0/16}' \ + --set ipam.operator.clusterPoolIPv4PodCIDRList='{10.'${unique}'.2.0/24}' \ --set hubble.enabled=false \ --set envoy.enabled=false fi From d760c087f53036757c1e811bec9a3127ee6f7ec2 Mon Sep 17 00:00:00 2001 From: Isaiah Raya Date: Fri, 9 May 2025 22:07:02 +0000 Subject: [PATCH 4/6] removed node count --- hack/scripts/cil-script.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/hack/scripts/cil-script.sh b/hack/scripts/cil-script.sh index c6f3f24337..e7f3b60445 100755 --- a/hack/scripts/cil-script.sh +++ b/hack/scripts/cil-script.sh @@ -16,7 +16,6 @@ for unique in $sufixes; do AZCLI=az REGION=westus2 SUB=$SUB \ CLUSTER=${clusterPrefix}-${unique} \ KUBE_PROXY_JSON_PATH=./kube-proxy.json \ - NODE_COUNT=1 \ VNET_PREFIX=10.${unique}.0.0/16 \ NODE_SUBNET_PREFIX=10.${unique}.1.0/24 \ POD_SUBNET_PREFIX=10.${unique}.2.0/24 From 0e3dd5668f515cc7a86fa545312cfa76e46f4526 Mon Sep 17 00:00:00 2001 From: krunaljain Date: Fri, 9 May 2025 15:15:24 -0700 Subject: [PATCH 5/6] Update node count and bump to the latest active version --- hack/scripts/cil-script.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hack/scripts/cil-script.sh b/hack/scripts/cil-script.sh index c6f3f24337..8fc476496d 100755 --- a/hack/scripts/cil-script.sh +++ b/hack/scripts/cil-script.sh @@ -16,7 +16,7 @@ for unique in $sufixes; do AZCLI=az REGION=westus2 SUB=$SUB \ CLUSTER=${clusterPrefix}-${unique} \ KUBE_PROXY_JSON_PATH=./kube-proxy.json \ - NODE_COUNT=1 \ + NODE_COUNT=2 \ VNET_PREFIX=10.${unique}.0.0/16 \ NODE_SUBNET_PREFIX=10.${unique}.1.0/24 \ POD_SUBNET_PREFIX=10.${unique}.2.0/24 @@ -25,7 +25,7 @@ for unique in $sufixes; do if [ $install == "helm" ]; then helm upgrade --install -n kube-system cilium cilium/cilium \ - --version v1.16.1 \ + --version v1.17.3 \ --set cluster.name=${clusterPrefix}-${unique} \ --set azure.resourceGroup=${clusterPrefix}-${unique}-rg \ --set cluster.id=${unique} \ From d8e41849eac235dbf087b827c8f3fd3593ffae73 Mon Sep 17 00:00:00 2001 From: krunaljain Date: Fri, 9 May 2025 15:16:31 -0700 Subject: [PATCH 6/6] Undo node count change --- hack/scripts/cil-script.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/hack/scripts/cil-script.sh b/hack/scripts/cil-script.sh index 8fc476496d..7bd738d647 100755 --- a/hack/scripts/cil-script.sh +++ b/hack/scripts/cil-script.sh @@ -16,7 +16,6 @@ for unique in $sufixes; do AZCLI=az REGION=westus2 SUB=$SUB \ CLUSTER=${clusterPrefix}-${unique} \ KUBE_PROXY_JSON_PATH=./kube-proxy.json \ - NODE_COUNT=2 \ VNET_PREFIX=10.${unique}.0.0/16 \ NODE_SUBNET_PREFIX=10.${unique}.1.0/24 \ POD_SUBNET_PREFIX=10.${unique}.2.0/24