cilium byo clustermesh script

hack/aks/Makefile

@@ -23,6 +23,8 @@ VNET_PREFIX 	?= 10.0.0.0/8
 SUBNET_PREFIX 	?= 10.10.0.0/16
 POD_CIDR		?= 192.168.0.0/16
 SVC_CIDR		?= 192.168.10.0/16
+NODE_SUBNET_PREFIX ?= 10.240.0.0/16
+POD_SUBNET_PREFIX ?= 10.241.0.0/16
 
 # overrideable variables
 SUB        ?= $(AZURE_SUBSCRIPTION)
@@ -79,9 +81,9 @@ rg-down: ## Delete resource group
 	$(AZCLI) group delete -g $(GROUP) --yes
 
 swift-net-up: ## Create vnet, nodenet and podnet subnets
-	$(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes 10.0.0.0/8 -o none
-	$(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name nodenet --address-prefixes 10.240.0.0/16 -o none
-	$(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name podnet --address-prefixes 10.241.0.0/16 -o none
+	$(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes $(VNET_PREFIX) -o none
+	$(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name nodenet --address-prefixes $(NODE_SUBNET_PREFIX) -o none
+	$(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name podnet --address-prefixes $(POD_SUBNET_PREFIX) -o none
 
 vnetscale-swift-net-up: ## Create vnet, nodenet and podnet subnets for vnet scale
 	$(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes 10.0.0.0/8 -o none

hack/scripts/cil-script.sh

@@ -3,8 +3,8 @@
 # sufix1 - unique single digit whole number 1-9. Cannot match sufix2
 # sufix2 - unique single digit whole number 1-9. Cannot match sufix1
 # SUB - GUID for subscription
-# clusterType - overlay-byocni-nokubeproxy-up-mesh is primary atm, but leaving for testing later.
-# Example command: clusterPrefix=<alais> sufix1=1 sufix2=2 SUB=<GUID> clusterType=overlay-byocni-nokubeproxy-up-mesh ./cil-script.sh
+# clusterType - swift-byocni-nokubeproxy-up is primary atm, but leaving for testing later.
+# Example command: clusterPrefix=<alais> sufix1=1 sufix2=2 SUB=<GUID> clusterType=swift-byocni-nokubeproxy-up ./cil-script.sh
 
 sufixes="${sufix1} ${sufix2}"
 install=helm
@@ -15,18 +15,20 @@ for unique in $sufixes; do
     make -C ./hack/aks $clusterType \
         AZCLI=az REGION=westus2 SUB=$SUB \
         CLUSTER=${clusterPrefix}-${unique} \
-        POD_CIDR=192.${unique}0.0.0/16 SVC_CIDR=192.${unique}1.0.0/16 DNS_IP=192.${unique}1.0.10 \
-        VNET_PREFIX=10.${unique}0.0.0/16 SUBNET_PREFIX=10.${unique}0.0.0/16
+        KUBE_PROXY_JSON_PATH=./kube-proxy.json \
+        VNET_PREFIX=10.${unique}.0.0/16 \
+        NODE_SUBNET_PREFIX=10.${unique}.1.0/24 \
+        POD_SUBNET_PREFIX=10.${unique}.2.0/24
 
     kubectl config use-context ${clusterPrefix}-${unique}
 
     if [ $install == "helm" ]; then
         helm upgrade --install -n kube-system cilium cilium/cilium \
-        --version v1.16.1 \
+        --version v1.17.3 \
         --set cluster.name=${clusterPrefix}-${unique} \
         --set azure.resourceGroup=${clusterPrefix}-${unique}-rg \
         --set cluster.id=${unique} \
-        --set ipam.operator.clusterPoolIPv4PodCIDRList='{192.'${unique}'0.0.0/16}' \
+        --set ipam.operator.clusterPoolIPv4PodCIDRList='{10.'${unique}'.2.0/24}' \
         --set hubble.enabled=false \
         --set envoy.enabled=false
     fi
@@ -68,4 +70,7 @@ cilium clustermesh status --context ${clusterPrefix}-${sufix2} --wait
 
 # # CA is passed between clusters in this step
 cilium clustermesh connect --context ${clusterPrefix}-${sufix1} --destination-context ${clusterPrefix}-${sufix2}
+
+# For 3+ clusters
+# cilium clustermesh connect --context ${clusterPrefix}-${sufix1} --destination-context ${clusterPrefix}-${sufix2}  --connection-mode mesh
 # These can be run in parallel in different bash shells