diff --git a/build/charts/antrea/conf/antrea-agent.conf b/build/charts/antrea/conf/antrea-agent.conf index 11ee1f54b0e..a606444e048 100644 --- a/build/charts/antrea/conf/antrea-agent.conf +++ b/build/charts/antrea/conf/antrea-agent.conf @@ -88,6 +88,9 @@ featureGates: # Enable L7FlowExporter on Pods and Namespaces to export the application layer flows such as HTTP flows. {{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "L7FlowExporter" "default" false) }} +# Allow users to advertise Service IPs, Pod IPs, and Egress IPs to external BGP peers. +{{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "BGPPolicy" "default" false) }} + # Name of the OpenVSwitch bridge antrea-agent will create and use. # Make sure it doesn't conflict with your existing OpenVSwitch bridges. ovsBridge: {{ .Values.ovs.bridgeName | quote }} @@ -440,3 +443,8 @@ secondaryNetwork: {{- end }} {{- end }} + +bgpPolicy: + # The name of the Secret storing passwords of the BGP peers. For each BGP peer, the Secret key is generated by + # concatenating its IP address and AS number, e.g., `192.168.1.1-65521`. + secretName: {{ .Values.bgpPolicy.secretName | quote }} diff --git a/build/charts/antrea/crds/bgppolicy.yaml b/build/charts/antrea/crds/bgppolicy.yaml new file mode 100644 index 00000000000..14d7e3ac21f --- /dev/null +++ b/build/charts/antrea/crds/bgppolicy.yaml 
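Review bot: The comment on `bgpPolicy.secretName` in the second hunk of antrea-agent.conf documents the Secret key only for an IPv4 peer (`192.168.1.1-65521`). A key built the same way from an IPv6 address would contain `:`, which Kubernetes rejects in Secret data keys (only alphanumerics, `-`, `_` and `.` are accepted). The agent code that derives the key is not in this part of the diff, so whether it normalises IPv6 addresses cannot be confirmed here; the comment should say how an IPv6 peer is keyed. It should also say what the agent does when a peer has no matching key, because a silent fallback to an unauthenticated session is the failure mode operators need to rule out.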
@@ -0,0 +1,133 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: bgppolicies.crd.antrea.io
+spec:
+ group: crd.antrea.io
+ versions:
+ - name: v1alpha2
+ served: true
+ storage: true
+ schema:
+ openAPIV3Schema:
+ type: object
+ required:
+ - spec
+ properties:
+ spec:
+ type: object
+ required:
+ - nodeSelector
+ - localASN
+ - advertisements
+ - bgpPeers
+ properties:
+ nodeSelector:
+ type: object
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ enum:
+ - In
+ - NotIn
+ - Exists
+ - DoesNotExist
+ type: string
+ values:
+ items:
+ type: string
+ pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$"
+ type: array
+ type: object
+ type: array
+ matchLabels:
+ x-kubernetes-preserve-unknown-fields: true
+ localASN:
+ type: integer
+ minimum: 64512
+ maximum: 65535
+ format: int32
+ listenPort:
+ type: integer
+ minimum: 1
+ maximum: 65535
+ format: int32
+ default: 179
+ advertisements:
+ type: object
+ anyOf:
+ - required: [service]
+ - required: [pod]
+ - required: [egress]
+ properties:
+ service:
+ type: object
+ anyOf:
+ - required: [ clusterIPs ]
+ - required: [ externalIPs ]
+ - required: [ loadBalancerIPs ]
+ properties:
+ clusterIPs:
+ type: boolean
+ default: false
+ externalIPs:
+ type: boolean
+ default: false
+ loadBalancerIPs:
+ type: boolean
+ default: false
+ pod:
+ type: object
+ properties: {}
+ egress:
+ type: object
+ properties: {}
+ bgpPeers:
+ type: array
+ items:
+ type: object
+ required:
+ - address
+ - asn
+ properties:
+ address:
+ type: string
+ format: cidr
+ port:
+ type: integer
+ default: 179
+ format: int32
+ minimum: 1
+ maximum: 65535
+ asn:
+ type: integer
+ minimum: 1
+ maximum: 65535
+ format: int32
+ gracefulRestartTime:
+ type: integer
+ default: 120
+ format: int32
+ minimum: 1
+ maximum: 3600
+ additionalPrinterColumns:
+ - description: Local BGP ASN.
+ jsonPath: .spec.localASN + name: Local ASN + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + subresources: + status: {} + scope: Cluster + names: + plural: bgppolicies + singular: bgppolicy + kind: BGPPolicy + shortNames: + - bp diff --git a/build/charts/antrea/templates/agent/bgp-secret.yaml b/build/charts/antrea/templates/agent/bgp-secret.yaml new file mode 100644 index 00000000000..828ddf3f96e --- /dev/null +++ b/build/charts/antrea/templates/agent/bgp-secret.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.bgpPolicy.secretName }} + namespace: {{ .Release.Namespace }} +type: Opaque diff --git a/build/charts/antrea/templates/agent/clusterrole.yaml b/build/charts/antrea/templates/agent/clusterrole.yaml index 05ca58c1ab6..bbe776234c5 100644 --- a/build/charts/antrea/templates/agent/clusterrole.yaml +++ b/build/charts/antrea/templates/agent/clusterrole.yaml @@ -227,3 +227,12 @@ rules: - create - patch - update + - apiGroups: + - "" + resources: + - secrets + resourceNames: + - {{ .Values.bgpPolicy.secretName }} + verbs: + - get + - watch diff --git a/build/charts/antrea/values.yaml b/build/charts/antrea/values.yaml index 09dd32a957d..6c1c1fc0fa9 100644 --- a/build/charts/antrea/values.yaml +++ b/build/charts/antrea/values.yaml @@ -207,6 +207,10 @@ secondaryNetwork: # [{bridgeName: "br1", physicalInterfaces: ["eth1"]}] ovsBridges: [] +bgpPolicy: + # -- The name of the Secret storing the passwords of BGP peers. + secretName: "antrea-bgp-passwords" + agent: # -- Port for the antrea-agent APIServer to serve on. apiPort: 10350 diff --git a/build/yamls/antrea-aks.yml b/build/yamls/antrea-aks.yml index f4bc9bb2162..61af480b35f 100644 --- a/build/yamls/antrea-aks.yml +++ b/build/yamls/antrea-aks.yml 
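Review bot: `bgpPeers[].address` in the new CRD is validated with `format: cidr`, but a BGP peer is a single host and the agent config comment keys the password Secret by a plain address (`192.168.1.1-65521`). With this format a bare IP would presumably be rejected, and a prefix form such as `192.168.1.1/32` would put `/` into the derived Secret key. Replacing it with `oneOf: [{format: ipv4}, {format: ipv6}]` would match the intended input. The schema also has no `description` fields, so limits that matter to operators, such as `localASN` being restricted to 64512-65535 and peer `asn` to 1-65535 (no 4-byte ASNs), can only be found by reading the bounds. The generated manifests under build/yamls repeat this schema and would pick up the change when regenerated.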
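Review bot: The Secret in `bgp-secret.yaml` is created empty and owned by the chart, yet operators are expected to write BGP peer passwords into it afterwards, so its contents are tied to the release lifecycle. `helm uninstall` deletes it together with the passwords, and tooling that reconciles the rendered manifest may reset the data, which is worth testing with `kubectl apply` and GitOps controllers. Consider adding `helm.sh/resource-policy: keep` under `metadata.annotations`, or not shipping the Secret and documenting that the operator creates it. The name should also be quoted, `name: {{ .Values.bgpPolicy.secretName | quote }}`, as the agent config hunk already does.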
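Review bot: The new `secrets` rule in `clusterrole.yaml` is added to a ClusterRole, so if that role is bound cluster-wide (the binding is not in this diff) `get`/`watch` is granted on a Secret of that name in every namespace, not only `{{ .Release.Namespace }}` where the chart creates it; a namespaced Role and RoleBinding in the release namespace would match what the agent needs. The `resourceNames` entry is rendered unquoted and unchecked: an empty `bgpPolicy.secretName` yields a null list item, and if the list were ever empty the rule would cover all Secrets. Suggest `- {{ required "bgpPolicy.secretName must be set" .Values.bgpPolicy.secretName | quote }}`, and rendering the rule only when the BGPPolicy feature gate is enabled, since it defaults to false. The same rule appears in the generated manifests under build/yamls. The `rules:` list starts outside the hunk.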
@@ -300,6 +300,142 @@ spec: shortNames: - aci +--- +# Source: crds/bgppolicy.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: bgppolicies.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + required: + - spec + properties: + spec: + type: object + required: + - nodeSelector + - localASN + - advertisements + - bgpPeers + properties: + nodeSelector: + type: object + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + localASN: + type: integer + minimum: 64512 + maximum: 65535 + format: int32 + listenPort: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + default: 179 + advertisements: + type: object + anyOf: + - required: [service] + - required: [pod] + - required: [egress] + properties: + service: + type: object + anyOf: + - required: [ clusterIPs ] + - required: [ externalIPs ] + - required: [ loadBalancerIPs ] + properties: + clusterIPs: + type: boolean + default: false + externalIPs: + type: boolean + default: false + loadBalancerIPs: + type: boolean + default: false + pod: + type: object + properties: {} + egress: + type: object + properties: {} + bgpPeers: + type: array + items: + type: object + required: + - address + - asn + properties: + address: + type: string + format: cidr + port: + type: integer + default: 179 + format: int32 + minimum: 1 + maximum: 65535 + asn: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + gracefulRestartTime: + type: integer + default: 120 + format: int32 + minimum: 1 + maximum: 3600 + additionalPrinterColumns: + - description: Local BGP ASN. 
+ jsonPath: .spec.localASN + name: Local ASN + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + subresources: + status: {} + scope: Cluster + names: + plural: bgppolicies + singular: bgppolicy + kind: BGPPolicy + shortNames: + - bp + --- # Source: crds/clustergroup.yaml apiVersion: apiextensions.k8s.io/v1 @@ -5394,6 +5530,14 @@ metadata: labels: app: antrea --- +# Source: antrea/templates/agent/bgp-secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: antrea-bgp-passwords + namespace: kube-system +type: Opaque +--- # Source: antrea/templates/agent/secret.yaml apiVersion: v1 kind: Secret @@ -5514,6 +5658,9 @@ data: # Enable L7FlowExporter on Pods and Namespaces to export the application layer flows such as HTTP flows. # L7FlowExporter: false + # Allow users to advertise Service IPs, Pod IPs, and Egress IPs to external BGP peers. + # BGPPolicy: false + # Name of the OpenVSwitch bridge antrea-agent will create and use. # Make sure it doesn't conflict with your existing OpenVSwitch bridges. ovsBridge: "br-int" @@ -5822,6 +5969,11 @@ data: maxAge: 28 # Compress enables gzip compression on rotated files. compress: true + + bgpPolicy: + # The name of the Secret storing passwords of the BGP peers. For each BGP peer, the Secret key is generated by + # concatenating its IP address and AS number, e.g., `192.168.1.1-65521`. + secretName: "antrea-bgp-passwords" antrea-cni.conflist: | { "cniVersion":"0.3.0", @@ -6202,6 +6354,15 @@ rules: - create - patch - update + - apiGroups: + - "" + resources: + - secrets + resourceNames: + - antrea-bgp-passwords + verbs: + - get + - watch --- # Source: antrea/templates/antctl/clusterrole.yaml kind: ClusterRole 
@@ -6810,7 +6971,7 @@ spec: kubectl.kubernetes.io/default-container: antrea-agent # Automatically restart Pods with a RollingUpdate if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: 30843b57762c91dfcffb560917191e3bc7e662c06552759bac2a173bc060b82c + checksum/config: 74ddfec8614bd39885fdd52a27201ae8f1dbe3eccacae3f3e8be2a4ca1685cf1 labels: app: antrea component: antrea-agent @@ -7048,7 +7209,7 @@ spec: annotations: # Automatically restart Pod if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: 30843b57762c91dfcffb560917191e3bc7e662c06552759bac2a173bc060b82c + checksum/config: 74ddfec8614bd39885fdd52a27201ae8f1dbe3eccacae3f3e8be2a4ca1685cf1 labels: app: antrea component: antrea-controller diff --git a/build/yamls/antrea-crds.yml b/build/yamls/antrea-crds.yml index e0497dcf8b2..a11ab119924 100644 --- a/build/yamls/antrea-crds.yml +++ b/build/yamls/antrea-crds.yml 
@@ -299,6 +299,140 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition +metadata: + name: bgppolicies.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + required: + - spec + properties: + spec: + type: object + required: + - nodeSelector + - localASN + - advertisements + - bgpPeers + properties: + nodeSelector: + type: object + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + localASN: + type: integer + minimum: 64512 + maximum: 65535 + format: int32 + listenPort: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + default: 179 + advertisements: + type: object + anyOf: + - required: [service] + - required: [pod] + - required: [egress] + properties: + service: + type: object + anyOf: + - required: [ clusterIPs ] + - required: [ externalIPs ] + - required: [ loadBalancerIPs ] + properties: + clusterIPs: + type: boolean + default: false + externalIPs: + type: boolean + default: false + loadBalancerIPs: + type: boolean + default: false + pod: + type: object + properties: {} + egress: + type: object + properties: {} + bgpPeers: + type: array + items: + type: object + required: + - address + - asn + properties: + address: + type: string + format: cidr + port: + type: integer + default: 179 + format: int32 + minimum: 1 + maximum: 65535 + asn: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + gracefulRestartTime: + type: integer + default: 120 + format: int32 + minimum: 1 + maximum: 3600 + additionalPrinterColumns: + - description: Local BGP ASN. 
+ jsonPath: .spec.localASN + name: Local ASN + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + subresources: + status: {} + scope: Cluster + names: + plural: bgppolicies + singular: bgppolicy + kind: BGPPolicy + shortNames: + - bp +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition metadata: name: clustergroups.crd.antrea.io labels: diff --git a/build/yamls/antrea-eks.yml b/build/yamls/antrea-eks.yml index bec701d3056..31b721b7532 100644 --- a/build/yamls/antrea-eks.yml +++ b/build/yamls/antrea-eks.yml 
@@ -300,6 +300,142 @@ spec: shortNames: - aci +--- +# Source: crds/bgppolicy.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: bgppolicies.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + required: + - spec + properties: + spec: + type: object + required: + - nodeSelector + - localASN + - advertisements + - bgpPeers + properties: + nodeSelector: + type: object + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + localASN: + type: integer + minimum: 64512 + maximum: 65535 + format: int32 + listenPort: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + default: 179 + advertisements: + type: object + anyOf: + - required: [service] + - required: [pod] + - required: [egress] + properties: + service: + type: object + anyOf: + - required: [ clusterIPs ] + - required: [ externalIPs ] + - required: [ loadBalancerIPs ] + properties: + clusterIPs: + type: boolean + default: false + externalIPs: + type: boolean + default: false + loadBalancerIPs: + type: boolean + default: false + pod: + type: object + properties: {} + egress: + type: object + properties: {} + bgpPeers: + type: array + items: + type: object + required: + - address + - asn + properties: + address: + type: string + format: cidr + port: + type: integer + default: 179 + format: int32 + minimum: 1 + maximum: 65535 + asn: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + gracefulRestartTime: + type: integer + default: 120 + format: int32 + minimum: 1 + maximum: 3600 + additionalPrinterColumns: + - description: Local BGP ASN. 
+ jsonPath: .spec.localASN + name: Local ASN + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + subresources: + status: {} + scope: Cluster + names: + plural: bgppolicies + singular: bgppolicy + kind: BGPPolicy + shortNames: + - bp + --- # Source: crds/clustergroup.yaml apiVersion: apiextensions.k8s.io/v1 @@ -5394,6 +5530,14 @@ metadata: labels: app: antrea --- +# Source: antrea/templates/agent/bgp-secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: antrea-bgp-passwords + namespace: kube-system +type: Opaque +--- # Source: antrea/templates/agent/secret.yaml apiVersion: v1 kind: Secret @@ -5514,6 +5658,9 @@ data: # Enable L7FlowExporter on Pods and Namespaces to export the application layer flows such as HTTP flows. # L7FlowExporter: false + # Allow users to advertise Service IPs, Pod IPs, and Egress IPs to external BGP peers. + # BGPPolicy: false + # Name of the OpenVSwitch bridge antrea-agent will create and use. # Make sure it doesn't conflict with your existing OpenVSwitch bridges. ovsBridge: "br-int" @@ -5822,6 +5969,11 @@ data: maxAge: 28 # Compress enables gzip compression on rotated files. compress: true + + bgpPolicy: + # The name of the Secret storing passwords of the BGP peers. For each BGP peer, the Secret key is generated by + # concatenating its IP address and AS number, e.g., `192.168.1.1-65521`. + secretName: "antrea-bgp-passwords" antrea-cni.conflist: | { "cniVersion":"0.3.0", @@ -6202,6 +6354,15 @@ rules: - create - patch - update + - apiGroups: + - "" + resources: + - secrets + resourceNames: + - antrea-bgp-passwords + verbs: + - get + - watch --- # Source: antrea/templates/antctl/clusterrole.yaml kind: ClusterRole 
@@ -6810,7 +6971,7 @@ spec: kubectl.kubernetes.io/default-container: antrea-agent # Automatically restart Pods with a RollingUpdate if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: 30843b57762c91dfcffb560917191e3bc7e662c06552759bac2a173bc060b82c + checksum/config: 74ddfec8614bd39885fdd52a27201ae8f1dbe3eccacae3f3e8be2a4ca1685cf1 labels: app: antrea component: antrea-agent @@ -7049,7 +7210,7 @@ spec: annotations: # Automatically restart Pod if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: 30843b57762c91dfcffb560917191e3bc7e662c06552759bac2a173bc060b82c + checksum/config: 74ddfec8614bd39885fdd52a27201ae8f1dbe3eccacae3f3e8be2a4ca1685cf1 labels: app: antrea component: antrea-controller diff --git a/build/yamls/antrea-gke.yml b/build/yamls/antrea-gke.yml index a4ae810f7b0..8d5fe7e8bae 100644 --- a/build/yamls/antrea-gke.yml +++ b/build/yamls/antrea-gke.yml 
@@ -300,6 +300,142 @@ spec: shortNames: - aci +--- +# Source: crds/bgppolicy.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: bgppolicies.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + required: + - spec + properties: + spec: + type: object + required: + - nodeSelector + - localASN + - advertisements + - bgpPeers + properties: + nodeSelector: + type: object + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + localASN: + type: integer + minimum: 64512 + maximum: 65535 + format: int32 + listenPort: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + default: 179 + advertisements: + type: object + anyOf: + - required: [service] + - required: [pod] + - required: [egress] + properties: + service: + type: object + anyOf: + - required: [ clusterIPs ] + - required: [ externalIPs ] + - required: [ loadBalancerIPs ] + properties: + clusterIPs: + type: boolean + default: false + externalIPs: + type: boolean + default: false + loadBalancerIPs: + type: boolean + default: false + pod: + type: object + properties: {} + egress: + type: object + properties: {} + bgpPeers: + type: array + items: + type: object + required: + - address + - asn + properties: + address: + type: string + format: cidr + port: + type: integer + default: 179 + format: int32 + minimum: 1 + maximum: 65535 + asn: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + gracefulRestartTime: + type: integer + default: 120 + format: int32 + minimum: 1 + maximum: 3600 + additionalPrinterColumns: + - description: Local BGP ASN. 
+ jsonPath: .spec.localASN + name: Local ASN + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + subresources: + status: {} + scope: Cluster + names: + plural: bgppolicies + singular: bgppolicy + kind: BGPPolicy + shortNames: + - bp + --- # Source: crds/clustergroup.yaml apiVersion: apiextensions.k8s.io/v1 @@ -5394,6 +5530,14 @@ metadata: labels: app: antrea --- +# Source: antrea/templates/agent/bgp-secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: antrea-bgp-passwords + namespace: kube-system +type: Opaque +--- # Source: antrea/templates/agent/secret.yaml apiVersion: v1 kind: Secret @@ -5514,6 +5658,9 @@ data: # Enable L7FlowExporter on Pods and Namespaces to export the application layer flows such as HTTP flows. # L7FlowExporter: false + # Allow users to advertise Service IPs, Pod IPs, and Egress IPs to external BGP peers. + # BGPPolicy: false + # Name of the OpenVSwitch bridge antrea-agent will create and use. # Make sure it doesn't conflict with your existing OpenVSwitch bridges. ovsBridge: "br-int" @@ -5822,6 +5969,11 @@ data: maxAge: 28 # Compress enables gzip compression on rotated files. compress: true + + bgpPolicy: + # The name of the Secret storing passwords of the BGP peers. For each BGP peer, the Secret key is generated by + # concatenating its IP address and AS number, e.g., `192.168.1.1-65521`. + secretName: "antrea-bgp-passwords" antrea-cni.conflist: | { "cniVersion":"0.3.0", @@ -6202,6 +6354,15 @@ rules: - create - patch - update + - apiGroups: + - "" + resources: + - secrets + resourceNames: + - antrea-bgp-passwords + verbs: + - get + - watch --- # Source: antrea/templates/antctl/clusterrole.yaml kind: ClusterRole 
@@ -6810,7 +6971,7 @@ spec: kubectl.kubernetes.io/default-container: antrea-agent # Automatically restart Pods with a RollingUpdate if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: d5cdb5356795c44a69c66fad1b4d67f7c00cdcbe837f3b3b50260e4d9dfd1e7e + checksum/config: 13110861160dc9181e107e1b76d3a81a1404ae1c6b9574141db51f685f2b2407 labels: app: antrea component: antrea-agent @@ -7046,7 +7207,7 @@ spec: annotations: # Automatically restart Pod if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: d5cdb5356795c44a69c66fad1b4d67f7c00cdcbe837f3b3b50260e4d9dfd1e7e + checksum/config: 13110861160dc9181e107e1b76d3a81a1404ae1c6b9574141db51f685f2b2407 labels: app: antrea component: antrea-controller diff --git a/build/yamls/antrea-ipsec.yml b/build/yamls/antrea-ipsec.yml index 393cb59da0a..517f4da5112 100644 --- a/build/yamls/antrea-ipsec.yml +++ b/build/yamls/antrea-ipsec.yml 
@@ -300,6 +300,142 @@ spec: shortNames: - aci +--- +# Source: crds/bgppolicy.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: bgppolicies.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + required: + - spec + properties: + spec: + type: object + required: + - nodeSelector + - localASN + - advertisements + - bgpPeers + properties: + nodeSelector: + type: object + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + localASN: + type: integer + minimum: 64512 + maximum: 65535 + format: int32 + listenPort: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + default: 179 + advertisements: + type: object + anyOf: + - required: [service] + - required: [pod] + - required: [egress] + properties: + service: + type: object + anyOf: + - required: [ clusterIPs ] + - required: [ externalIPs ] + - required: [ loadBalancerIPs ] + properties: + clusterIPs: + type: boolean + default: false + externalIPs: + type: boolean + default: false + loadBalancerIPs: + type: boolean + default: false + pod: + type: object + properties: {} + egress: + type: object + properties: {} + bgpPeers: + type: array + items: + type: object + required: + - address + - asn + properties: + address: + type: string + format: cidr + port: + type: integer + default: 179 + format: int32 + minimum: 1 + maximum: 65535 + asn: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + gracefulRestartTime: + type: integer + default: 120 + format: int32 + minimum: 1 + maximum: 3600 + additionalPrinterColumns: + - description: Local BGP ASN. 
+ jsonPath: .spec.localASN + name: Local ASN + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + subresources: + status: {} + scope: Cluster + names: + plural: bgppolicies + singular: bgppolicy + kind: BGPPolicy + shortNames: + - bp + --- # Source: crds/clustergroup.yaml apiVersion: apiextensions.k8s.io/v1 @@ -5394,6 +5530,14 @@ metadata: labels: app: antrea --- +# Source: antrea/templates/agent/bgp-secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: antrea-bgp-passwords + namespace: kube-system +type: Opaque +--- # Source: antrea/templates/agent/ipsec-secret.yaml apiVersion: v1 kind: Secret @@ -5527,6 +5671,9 @@ data: # Enable L7FlowExporter on Pods and Namespaces to export the application layer flows such as HTTP flows. # L7FlowExporter: false + # Allow users to advertise Service IPs, Pod IPs, and Egress IPs to external BGP peers. + # BGPPolicy: false + # Name of the OpenVSwitch bridge antrea-agent will create and use. # Make sure it doesn't conflict with your existing OpenVSwitch bridges. ovsBridge: "br-int" @@ -5835,6 +5982,11 @@ data: maxAge: 28 # Compress enables gzip compression on rotated files. compress: true + + bgpPolicy: + # The name of the Secret storing passwords of the BGP peers. For each BGP peer, the Secret key is generated by + # concatenating its IP address and AS number, e.g., `192.168.1.1-65521`. + secretName: "antrea-bgp-passwords" antrea-cni.conflist: | { "cniVersion":"0.3.0", @@ -6215,6 +6367,15 @@ rules: - create - patch - update + - apiGroups: + - "" + resources: + - secrets + resourceNames: + - antrea-bgp-passwords + verbs: + - get + - watch --- # Source: antrea/templates/antctl/clusterrole.yaml kind: ClusterRole 
@@ -6823,7 +6984,7 @@ spec: kubectl.kubernetes.io/default-container: antrea-agent # Automatically restart Pods with a RollingUpdate if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: 50f2864cf09e4732327b963130bd59a9fc06c560784b161c94e813c000367615 + checksum/config: c047960aebcb252bde4d9f5acc1aafbf01ec5fa1018b7d460ed17c9ef29411e4 checksum/ipsec-secret: d0eb9c52d0cd4311b6d252a951126bf9bea27ec05590bed8a394f0f792dcb2a4 labels: app: antrea @@ -7105,7 +7266,7 @@ spec: annotations: # Automatically restart Pod if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: 50f2864cf09e4732327b963130bd59a9fc06c560784b161c94e813c000367615 + checksum/config: c047960aebcb252bde4d9f5acc1aafbf01ec5fa1018b7d460ed17c9ef29411e4 labels: app: antrea component: antrea-controller diff --git a/build/yamls/antrea.yml b/build/yamls/antrea.yml index 2451670ca39..d4aa7214a01 100644 --- a/build/yamls/antrea.yml +++ b/build/yamls/antrea.yml 
@@ -300,6 +300,142 @@ spec: shortNames: - aci +--- +# Source: crds/bgppolicy.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: bgppolicies.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + required: + - spec + properties: + spec: + type: object + required: + - nodeSelector + - localASN + - advertisements + - bgpPeers + properties: + nodeSelector: + type: object + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + localASN: + type: integer + minimum: 64512 + maximum: 65535 + format: int32 + listenPort: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + default: 179 + advertisements: + type: object + anyOf: + - required: [service] + - required: [pod] + - required: [egress] + properties: + service: + type: object + anyOf: + - required: [ clusterIPs ] + - required: [ externalIPs ] + - required: [ loadBalancerIPs ] + properties: + clusterIPs: + type: boolean + default: false + externalIPs: + type: boolean + default: false + loadBalancerIPs: + type: boolean + default: false + pod: + type: object + properties: {} + egress: + type: object + properties: {} + bgpPeers: + type: array + items: + type: object + required: + - address + - asn + properties: + address: + type: string + format: cidr + port: + type: integer + default: 179 + format: int32 + minimum: 1 + maximum: 65535 + asn: + type: integer + minimum: 1 + maximum: 65535 + format: int32 + gracefulRestartTime: + type: integer + default: 120 + format: int32 + minimum: 1 + maximum: 3600 + additionalPrinterColumns: + - description: Local BGP ASN. 
+ jsonPath: .spec.localASN + name: Local ASN + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + subresources: + status: {} + scope: Cluster + names: + plural: bgppolicies + singular: bgppolicy + kind: BGPPolicy + shortNames: + - bp + --- # Source: crds/clustergroup.yaml apiVersion: apiextensions.k8s.io/v1 @@ -5394,6 +5530,14 @@ metadata: labels: app: antrea --- +# Source: antrea/templates/agent/bgp-secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: antrea-bgp-passwords + namespace: kube-system +type: Opaque +--- # Source: antrea/templates/agent/secret.yaml apiVersion: v1 kind: Secret @@ -5514,6 +5658,9 @@ data: # Enable L7FlowExporter on Pods and Namespaces to export the application layer flows such as HTTP flows. # L7FlowExporter: false + # Allow users to advertise Service IPs, Pod IPs, and Egress IPs to external BGP peers. + # BGPPolicy: false + # Name of the OpenVSwitch bridge antrea-agent will create and use. # Make sure it doesn't conflict with your existing OpenVSwitch bridges. ovsBridge: "br-int" @@ -5822,6 +5969,11 @@ data: maxAge: 28 # Compress enables gzip compression on rotated files. compress: true + + bgpPolicy: + # The name of the Secret storing passwords of the BGP peers. For each BGP peer, the Secret key is generated by + # concatenating its IP address and AS number, e.g., `192.168.1.1-65521`. + secretName: "antrea-bgp-passwords" antrea-cni.conflist: | { "cniVersion":"0.3.0", @@ -6202,6 +6354,15 @@ rules: - create - patch - update + - apiGroups: + - "" + resources: + - secrets + resourceNames: + - antrea-bgp-passwords + verbs: + - get + - watch --- # Source: antrea/templates/antctl/clusterrole.yaml kind: ClusterRole 
@@ -6810,7 +6971,7 @@ spec: kubectl.kubernetes.io/default-container: antrea-agent # Automatically restart Pods with a RollingUpdate if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: ac3c14eed7ca0dc28bf2d659cd2c4e4a39d55278fb9a8759c30ea12eff89e518 + checksum/config: 69df287c1edc338821292adbb586d3b187abca666c4efa0a7c54e71b8c213c15 labels: app: antrea component: antrea-agent @@ -7046,7 +7207,7 @@ spec: annotations: # Automatically restart Pod if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: ac3c14eed7ca0dc28bf2d659cd2c4e4a39d55278fb9a8759c30ea12eff89e518 + checksum/config: 69df287c1edc338821292adbb586d3b187abca666c4efa0a7c54e71b8c213c15 labels: app: antrea component: antrea-controller diff --git a/pkg/apis/crd/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/crd/v1alpha1/zz_generated.deepcopy.go index f80a99a2c64..cd0e7211f3d 100644 --- a/pkg/apis/crd/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/crd/v1alpha1/zz_generated.deepcopy.go @@ -1,7 +1,7 @@ //go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2023 Antrea Authors +// Copyright 2024 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/apis/crd/v1alpha2/register.go b/pkg/apis/crd/v1alpha2/register.go index 56e0777d2f7..e3ba94c6a66 100644 --- a/pkg/apis/crd/v1alpha2/register.go +++ b/pkg/apis/crd/v1alpha2/register.go @@ -54,6 +54,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { &IPPoolList{}, &TrafficControl{}, &TrafficControlList{}, + &BGPPolicy{}, + &BGPPolicyList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) diff --git a/pkg/apis/crd/v1alpha2/types.go b/pkg/apis/crd/v1alpha2/types.go index ad67d8004bd..4a274dbb9a7 100644 --- a/pkg/apis/crd/v1alpha2/types.go 
+++ b/pkg/apis/crd/v1alpha2/types.go 
@@ -455,3 +455,95 @@ type TrafficControlList struct { Items []TrafficControl `json:"items"` } + +// +genclient +// +genclient:nonNamespaced +// +genclient:noStatus +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// BGPPolicy defines BGP configuration applied to Nodes. +type BGPPolicy struct { + metav1.TypeMeta `json:",inline"` + // Standard metadata of the object. + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec BGPPolicySpec `json:"spec"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type BGPPolicyList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty"` + + Items []BGPPolicy `json:"items"` +} + +// BGPPolicySpec defines the specification for a BGP policy. +type BGPPolicySpec struct { + // NodeSelector is utilized to select Nodes to which the policy is applied. It's important to note that only one + // BGPPolicy will be effective and enforced per Node, and others serve as alternatives. + NodeSelector *metav1.LabelSelector `json:"nodeSelector"` + + // LocalASN is the AS number used by the BGP protocol. + LocalASN int32 `json:"localASN"` + + // ListenPort is the port on which the BGP protocol listens. + ListenPort *int32 `json:"listenPort,omitempty"` + + // Advertisements selects IPs or CIDRs to be advertised to external BGP peers. + Advertisements Advertisements `json:"advertisements"` + + // BGPPeers are the list of external BGP peers. + BGPPeers []BGPPeer `json:"bgpPeers"` +} + +type Advertisements struct { + Service *ServiceAdvertisement `json:"service,omitempty"` + + Pod *PodAdvertisement `json:"pod,omitempty"` + + Egress *EgressAdvertisement `json:"egress,omitempty"` +} + +type ServiceAdvertisement struct { + // Determine whether to advertise ClusterIPs. + ClusterIPs bool `json:"clusterIPs,omitempty"` + + // Determine whether to advertise ExternalIPs. 
+ ExternalIPs bool `json:"externalIPs,omitempty"` + + // Determine whether to advertise LoadBalancerIPs. + LoadBalancerIPs bool `json:"loadBalancerIPs,omitempty"` + + // Empty now, selectors to be added later, which are used to select specific Services. + // Selectors []Selector `json:"selectors,omitempty"` +} + +type PodAdvertisement struct { + // Empty now, selectors to be added later, which are used to select specific Pods. + // Selectors []Selector `json:"selectors,omitempty"` +} + +type EgressAdvertisement struct { + // Empty now, selectors to be added later, which are used to select specific Egresses. + // Selectors []Selector `json:"selectors,omitempty"` +} + +type BGPPeer struct { + // The IP address on which the external BGP peer listens. + Address string `json:"address"` + + // The port number on which the external BGP peer listens. The default value is 179, the well-known port of BGP + // protocol. + Port *int32 `json:"port,omitempty"` + + // The AS number of the external BGP peer. + ASN int32 `json:"asn"` + + // GracefulRestartTime specifies how long the external BGP peer would wait for the BGP session to re-establish after + // a restart before deleting stale routes. The range of the value is from 1 to 3600 seconds, and the default value + // is 120 seconds. + GracefulRestartTime *int32 `json:"gracefulRestartTime,omitempty"` +} diff --git a/pkg/apis/crd/v1alpha2/zz_generated.deepcopy.go b/pkg/apis/crd/v1alpha2/zz_generated.deepcopy.go index faacef4a4f1..d4510ab460f 100644 --- a/pkg/apis/crd/v1alpha2/zz_generated.deepcopy.go +++ b/pkg/apis/crd/v1alpha2/zz_generated.deepcopy.go 
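Review bot: `BGPPeer.Address` is documented as "The IP address on which the external BGP peer listens", but the CRD schema added in this same commit validates `address` with `format: cidr`, so the type and the schema disagree on whether a prefix length is expected. The agent configuration in this commit builds each peer's Secret key from that address and the AS number (`192.168.1.1-65521`). A value containing `/`, or the `:` of an IPv6 address, is not a legal Secret data key, so the password for such a peer presumably cannot be stored or looked up; how the agent behaves when no password is found is not visible in this hunk. I would pin the contract in the field comment, e.g. `// Address is the IPv4 or IPv6 address of the external BGP peer, without a prefix length.`, and make the schema and the key derivation agree with it.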
@@ -24,6 +24,37 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Advertisements) DeepCopyInto(out *Advertisements) { + *out = *in + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(ServiceAdvertisement) + **out = **in + } + if in.Pod != nil { + in, out := &in.Pod, &out.Pod + *out = new(PodAdvertisement) + **out = **in + } + if in.Egress != nil { + in, out := &in.Egress, &out.Egress + *out = new(EgressAdvertisement) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Advertisements. +func (in *Advertisements) DeepCopy() *Advertisements { + if in == nil { + return nil + } + out := new(Advertisements) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AppliedTo) DeepCopyInto(out *AppliedTo) { *out = *in 
@@ -55,6 +86,126 @@ func (in *AppliedTo) DeepCopy() *AppliedTo { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BGPPeer) DeepCopyInto(out *BGPPeer) { + *out = *in + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(int32) + **out = **in + } + if in.GracefulRestartTime != nil { + in, out := &in.GracefulRestartTime, &out.GracefulRestartTime + *out = new(int32) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BGPPeer. +func (in *BGPPeer) DeepCopy() *BGPPeer { + if in == nil { + return nil + } + out := new(BGPPeer) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BGPPolicy) DeepCopyInto(out *BGPPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BGPPolicy. +func (in *BGPPolicy) DeepCopy() *BGPPolicy { + if in == nil { + return nil + } + out := new(BGPPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *BGPPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *BGPPolicyList) DeepCopyInto(out *BGPPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]BGPPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BGPPolicyList. +func (in *BGPPolicyList) DeepCopy() *BGPPolicyList { + if in == nil { + return nil + } + out := new(BGPPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *BGPPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BGPPolicySpec) DeepCopyInto(out *BGPPolicySpec) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = new(v1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.ListenPort != nil { + in, out := &in.ListenPort, &out.ListenPort + *out = new(int32) + **out = **in + } + in.Advertisements.DeepCopyInto(&out.Advertisements) + if in.BGPPeers != nil { + in, out := &in.BGPPeers, &out.BGPPeers + *out = make([]BGPPeer, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BGPPolicySpec. +func (in *BGPPolicySpec) DeepCopy() *BGPPolicySpec { + if in == nil { + return nil + } + out := new(BGPPolicySpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ERSPANTunnel) DeepCopyInto(out *ERSPANTunnel) { *out = *in 
@@ -119,6 +270,22 @@ func (in *Egress) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressAdvertisement) DeepCopyInto(out *EgressAdvertisement) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressAdvertisement. +func (in *EgressAdvertisement) DeepCopy() *EgressAdvertisement { + if in == nil { + return nil + } + out := new(EgressAdvertisement) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *EgressCondition) DeepCopyInto(out *EgressCondition) { *out = *in @@ -671,6 +838,22 @@ func (in *OVSInternalPort) DeepCopy() *OVSInternalPort { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PodAdvertisement) DeepCopyInto(out *PodAdvertisement) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodAdvertisement. +func (in *PodAdvertisement) DeepCopy() *PodAdvertisement { + if in == nil { + return nil + } + out := new(PodAdvertisement) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PodOwner) DeepCopyInto(out *PodOwner) { *out = *in 
@@ -687,6 +870,22 @@ func (in *PodOwner) DeepCopy() *PodOwner { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceAdvertisement) DeepCopyInto(out *ServiceAdvertisement) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAdvertisement. +func (in *ServiceAdvertisement) DeepCopy() *ServiceAdvertisement { + if in == nil { + return nil + } + out := new(ServiceAdvertisement) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *StatefulSetOwner) DeepCopyInto(out *StatefulSetOwner) { *out = *in diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha2/bgppolicy.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/bgppolicy.go new file mode 100644 index 00000000000..51d1cb62bc6 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/bgppolicy.go 
@@ -0,0 +1,166 @@ +// Copyright 2024 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + "context" + "time" + + v1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" + scheme "antrea.io/antrea/pkg/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// BGPPoliciesGetter has a method to return a BGPPolicyInterface. +// A group's client should implement this interface. +type BGPPoliciesGetter interface { + BGPPolicies() BGPPolicyInterface +} + +// BGPPolicyInterface has methods to work with BGPPolicy resources. 
+type BGPPolicyInterface interface { + Create(ctx context.Context, bGPPolicy *v1alpha2.BGPPolicy, opts v1.CreateOptions) (*v1alpha2.BGPPolicy, error) + Update(ctx context.Context, bGPPolicy *v1alpha2.BGPPolicy, opts v1.UpdateOptions) (*v1alpha2.BGPPolicy, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha2.BGPPolicy, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha2.BGPPolicyList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.BGPPolicy, err error) + BGPPolicyExpansion +} + +// bGPPolicies implements BGPPolicyInterface +type bGPPolicies struct { + client rest.Interface +} + +// newBGPPolicies returns a BGPPolicies +func newBGPPolicies(c *CrdV1alpha2Client) *bGPPolicies { + return &bGPPolicies{ + client: c.RESTClient(), + } +} + +// Get takes name of the bGPPolicy, and returns the corresponding bGPPolicy object, and an error if there is any. +func (c *bGPPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.BGPPolicy, err error) { + result = &v1alpha2.BGPPolicy{} + err = c.client.Get(). + Resource("bgppolicies"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of BGPPolicies that match those selectors. +func (c *bGPPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.BGPPolicyList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha2.BGPPolicyList{} + err = c.client.Get(). + Resource("bgppolicies"). 
+ VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested bGPPolicies. +func (c *bGPPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("bgppolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a bGPPolicy and creates it. Returns the server's representation of the bGPPolicy, and an error, if there is any. +func (c *bGPPolicies) Create(ctx context.Context, bGPPolicy *v1alpha2.BGPPolicy, opts v1.CreateOptions) (result *v1alpha2.BGPPolicy, err error) { + result = &v1alpha2.BGPPolicy{} + err = c.client.Post(). + Resource("bgppolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(bGPPolicy). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a bGPPolicy and updates it. Returns the server's representation of the bGPPolicy, and an error, if there is any. +func (c *bGPPolicies) Update(ctx context.Context, bGPPolicy *v1alpha2.BGPPolicy, opts v1.UpdateOptions) (result *v1alpha2.BGPPolicy, err error) { + result = &v1alpha2.BGPPolicy{} + err = c.client.Put(). + Resource("bgppolicies"). + Name(bGPPolicy.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(bGPPolicy). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the bGPPolicy and deletes it. Returns an error if one occurs. +func (c *bGPPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("bgppolicies"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. 
+func (c *bGPPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("bgppolicies"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched bGPPolicy. +func (c *bGPPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.BGPPolicy, err error) { + result = &v1alpha2.BGPPolicy{} + err = c.client.Patch(pt). + Resource("bgppolicies"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha2/crd_client.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/crd_client.go index a688d2d2816..3cf506120c8 100644 --- a/pkg/client/clientset/versioned/typed/crd/v1alpha2/crd_client.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/crd_client.go @@ -26,6 +26,7 @@ import ( type CrdV1alpha2Interface interface { RESTClient() rest.Interface + BGPPoliciesGetter EgressesGetter ExternalEntitiesGetter ExternalIPPoolsGetter @@ -38,6 +39,10 @@ type CrdV1alpha2Client struct { restClient rest.Interface } +func (c *CrdV1alpha2Client) BGPPolicies() BGPPolicyInterface { + return newBGPPolicies(c) +} + func (c *CrdV1alpha2Client) Egresses() EgressInterface { return newEgresses(c) } diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_bgppolicy.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_bgppolicy.go new file mode 100644 index 00000000000..37cdec71e7b --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_bgppolicy.go 
@@ -0,0 +1,119 @@ +// Copyright 2024 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeBGPPolicies implements BGPPolicyInterface +type FakeBGPPolicies struct { + Fake *FakeCrdV1alpha2 +} + +var bgppoliciesResource = v1alpha2.SchemeGroupVersion.WithResource("bgppolicies") + +var bgppoliciesKind = v1alpha2.SchemeGroupVersion.WithKind("BGPPolicy") + +// Get takes name of the bGPPolicy, and returns the corresponding bGPPolicy object, and an error if there is any. +func (c *FakeBGPPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.BGPPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(bgppoliciesResource, name), &v1alpha2.BGPPolicy{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.BGPPolicy), err +} + +// List takes label and field selectors, and returns the list of BGPPolicies that match those selectors. +func (c *FakeBGPPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.BGPPolicyList, err error) { + obj, err := c.Fake. 
+ Invokes(testing.NewRootListAction(bgppoliciesResource, bgppoliciesKind, opts), &v1alpha2.BGPPolicyList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha2.BGPPolicyList{ListMeta: obj.(*v1alpha2.BGPPolicyList).ListMeta} + for _, item := range obj.(*v1alpha2.BGPPolicyList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested bGPPolicies. +func (c *FakeBGPPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(bgppoliciesResource, opts)) +} + +// Create takes the representation of a bGPPolicy and creates it. Returns the server's representation of the bGPPolicy, and an error, if there is any. +func (c *FakeBGPPolicies) Create(ctx context.Context, bGPPolicy *v1alpha2.BGPPolicy, opts v1.CreateOptions) (result *v1alpha2.BGPPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(bgppoliciesResource, bGPPolicy), &v1alpha2.BGPPolicy{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.BGPPolicy), err +} + +// Update takes the representation of a bGPPolicy and updates it. Returns the server's representation of the bGPPolicy, and an error, if there is any. +func (c *FakeBGPPolicies) Update(ctx context.Context, bGPPolicy *v1alpha2.BGPPolicy, opts v1.UpdateOptions) (result *v1alpha2.BGPPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(bgppoliciesResource, bGPPolicy), &v1alpha2.BGPPolicy{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.BGPPolicy), err +} + +// Delete takes name of the bGPPolicy and deletes it. Returns an error if one occurs. 
+func (c *FakeBGPPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteActionWithOptions(bgppoliciesResource, name, opts), &v1alpha2.BGPPolicy{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeBGPPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(bgppoliciesResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha2.BGPPolicyList{}) + return err +} + +// Patch applies the patch and returns the patched bGPPolicy. +func (c *FakeBGPPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.BGPPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(bgppoliciesResource, name, pt, data, subresources...), &v1alpha2.BGPPolicy{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.BGPPolicy), err +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_crd_client.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_crd_client.go index 37c4d039032..6166079815d 100644 --- a/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_crd_client.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_crd_client.go @@ -26,6 +26,10 @@ type FakeCrdV1alpha2 struct { *testing.Fake } +func (c *FakeCrdV1alpha2) BGPPolicies() v1alpha2.BGPPolicyInterface { + return &FakeBGPPolicies{c} +} + func (c *FakeCrdV1alpha2) Egresses() v1alpha2.EgressInterface { return &FakeEgresses{c} } diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha2/generated_expansion.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/generated_expansion.go index fab8277a83c..ea8a367a3c1 100644 --- a/pkg/client/clientset/versioned/typed/crd/v1alpha2/generated_expansion.go 
+++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/generated_expansion.go @@ -16,6 +16,8 @@ package v1alpha2 +type BGPPolicyExpansion interface{} + type EgressExpansion interface{} type ExternalEntityExpansion interface{} diff --git a/pkg/client/informers/externalversions/crd/v1alpha2/bgppolicy.go b/pkg/client/informers/externalversions/crd/v1alpha2/bgppolicy.go new file mode 100644 index 00000000000..ab95d97e722 --- /dev/null +++ b/pkg/client/informers/externalversions/crd/v1alpha2/bgppolicy.go 
@@ -0,0 +1,87 @@ +// Copyright 2024 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + "context" + time "time" + + crdv1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" + versioned "antrea.io/antrea/pkg/client/clientset/versioned" + internalinterfaces "antrea.io/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1alpha2 "antrea.io/antrea/pkg/client/listers/crd/v1alpha2" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// BGPPolicyInformer provides access to a shared informer and lister for +// BGPPolicies. +type BGPPolicyInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha2.BGPPolicyLister +} + +type bGPPolicyInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewBGPPolicyInformer constructs a new informer for BGPPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. 
+func NewBGPPolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredBGPPolicyInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredBGPPolicyInformer constructs a new informer for BGPPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredBGPPolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha2().BGPPolicies().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha2().BGPPolicies().Watch(context.TODO(), options) + }, + }, + &crdv1alpha2.BGPPolicy{}, + resyncPeriod, + indexers, + ) +} + +func (f *bGPPolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredBGPPolicyInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *bGPPolicyInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&crdv1alpha2.BGPPolicy{}, f.defaultInformer) +} + +func (f *bGPPolicyInformer) Lister() v1alpha2.BGPPolicyLister { + return v1alpha2.NewBGPPolicyLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/externalversions/crd/v1alpha2/interface.go b/pkg/client/informers/externalversions/crd/v1alpha2/interface.go index 9422cd985f1..24bf81f29c6 100644 
--- a/pkg/client/informers/externalversions/crd/v1alpha2/interface.go +++ b/pkg/client/informers/externalversions/crd/v1alpha2/interface.go @@ -22,6 +22,8 @@ import ( // Interface provides access to all the informers in this group version. type Interface interface { + // BGPPolicies returns a BGPPolicyInformer. + BGPPolicies() BGPPolicyInformer // Egresses returns a EgressInformer. Egresses() EgressInformer // ExternalEntities returns a ExternalEntityInformer. @@ -45,6 +47,11 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} } +// BGPPolicies returns a BGPPolicyInformer. +func (v *version) BGPPolicies() BGPPolicyInformer { + return &bGPPolicyInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + // Egresses returns a EgressInformer. func (v *version) Egresses() EgressInformer { return &egressInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} diff --git a/pkg/client/informers/externalversions/generic.go b/pkg/client/informers/externalversions/generic.go index e3f7e903ce7..981af48c7e3 100644 --- a/pkg/client/informers/externalversions/generic.go +++ b/pkg/client/informers/externalversions/generic.go @@ -68,6 +68,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha1().Traceflows().Informer()}, nil // Group=crd.antrea.io, Version=v1alpha2 + case v1alpha2.SchemeGroupVersion.WithResource("bgppolicies"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha2().BGPPolicies().Informer()}, nil case v1alpha2.SchemeGroupVersion.WithResource("egresses"): return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha2().Egresses().Informer()}, nil case v1alpha2.SchemeGroupVersion.WithResource("externalentities"): 
diff --git a/pkg/client/listers/crd/v1alpha2/bgppolicy.go b/pkg/client/listers/crd/v1alpha2/bgppolicy.go new file mode 100644 index 00000000000..d09ffead94a --- /dev/null +++ b/pkg/client/listers/crd/v1alpha2/bgppolicy.go 
@@ -0,0 +1,66 @@ +// Copyright 2024 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + v1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// BGPPolicyLister helps list BGPPolicies. +// All objects returned here must be treated as read-only. +type BGPPolicyLister interface { + // List lists all BGPPolicies in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha2.BGPPolicy, err error) + // Get retrieves the BGPPolicy from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha2.BGPPolicy, error) + BGPPolicyListerExpansion +} + +// bGPPolicyLister implements the BGPPolicyLister interface. +type bGPPolicyLister struct { + indexer cache.Indexer +} + +// NewBGPPolicyLister returns a new BGPPolicyLister. +func NewBGPPolicyLister(indexer cache.Indexer) BGPPolicyLister { + return &bGPPolicyLister{indexer: indexer} +} + +// List lists all BGPPolicies in the indexer. 
+func (s *bGPPolicyLister) List(selector labels.Selector) (ret []*v1alpha2.BGPPolicy, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha2.BGPPolicy)) + }) + return ret, err +} + +// Get retrieves the BGPPolicy from the index for a given name. +func (s *bGPPolicyLister) Get(name string) (*v1alpha2.BGPPolicy, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha2.Resource("bgppolicy"), name) + } + return obj.(*v1alpha2.BGPPolicy), nil +} diff --git a/pkg/client/listers/crd/v1alpha2/expansion_generated.go b/pkg/client/listers/crd/v1alpha2/expansion_generated.go index be752c2fa33..1e47724c675 100644 --- a/pkg/client/listers/crd/v1alpha2/expansion_generated.go +++ b/pkg/client/listers/crd/v1alpha2/expansion_generated.go @@ -16,6 +16,10 @@ package v1alpha2 +// BGPPolicyListerExpansion allows custom methods to be added to +// BGPPolicyLister. +type BGPPolicyListerExpansion interface{} + // EgressListerExpansion allows custom methods to be added to // EgressLister. type EgressListerExpansion interface{}