apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
namespace: metallb-system
name: doc-example-peer
spec:
peerAddress: 10.0.0.1
peerASN: 64501
myASN: 64500
routerID: 10.10.10.10
As a cluster administrator, you can add, modify, and delete Border Gateway Protocol (BGP) peers.
The MetalLB Operator uses the BGP peer custom resources to identify which peers that MetalLB speaker
pods contact to start BGP sessions.
The peers receive the route advertisements for the load-balancer IP addresses that MetalLB assigns to services.
The fields for the BGP peer custom resource are described in the following table.
Field | Type | Description |
---|---|---|
|
|
Specifies the name for the BGP peer custom resource. |
|
|
Specifies the namespace for the BGP peer custom resource. |
|
|
Specifies the Autonomous System number for the local end of the BGP session.
Specify the same value in all BGP peer custom resources that you add.
The range is |
|
|
Specifies the Autonomous System number for the remote end of the BGP session.
The range is |
|
|
Specifies the IP address of the peer to contact for establishing the BGP session. |
|
|
Optional: Specifies the IP address to use when establishing the BGP session. The value must be an IPv4 address. |
|
|
Optional: Specifies the network port of the peer to contact for establishing the BGP session.
The range is |
|
|
Optional: Specifies the duration for the hold time to propose to the BGP peer.
The minimum value is 3 seconds ( |
|
|
Optional: Specifies the maximum interval between sending keep-alive messages to the BGP peer.
If you specify this field, you must also specify a value for the |
|
|
Optional: Specifies the router ID to advertise to the BGP peer. If you specify this field, you must specify the same value in every BGP peer custom resource that you add. |
|
|
Optional: Specifies the MD5 password to send to the peer for routers that enforce TCP MD5 authenticated BGP sessions. |
|
|
Optional: Specifies name of the authentication secret for the BGP Peer. The secret must live in the |
|
|
Optional: Specifies the name of a BFD profile. |
|
|
Optional: Specifies a selector, using match expressions and match labels, to control which nodes can connect to the BGP peer. |
|
|
Optional: Specifies that the BGP peer is multiple network hops away.
If the BGP peer is not directly connected to the same network, the speaker cannot establish a BGP session unless this field is set to |
The |
As a cluster administrator, you can add a BGP peer custom resource to exchange routing information with network routers and advertise the IP addresses for services.
Install the OpenShift CLI (oc
).
Log in as a user with cluster-admin
privileges.
Configure MetalLB with a BGP advertisement.
Create a file, such as bgppeer.yaml
, with content like the following example:
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
namespace: metallb-system
name: doc-example-peer
spec:
peerAddress: 10.0.0.1
peerASN: 64501
myASN: 64500
routerID: 10.10.10.10
Apply the configuration for the BGP peer:
$ oc apply -f bgppeer.yaml
This procedure illustrates how to:
Configure a set of address pools (pool1
and pool2
).
Configure a set of BGP peers (peer1
and peer2
).
Configure BGP advertisement to assign pool1
to peer1
and pool2
to peer2
.
Install the OpenShift CLI (oc
).
Log in as a user with cluster-admin
privileges.
Create address pool pool1
.
Create a file, such as ipaddresspool1.yaml
, with content like the following example:
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
namespace: metallb-system
name: pool1
spec:
addresses:
- 4.4.4.100-4.4.4.200
- 2001:100:4::200-2001:100:4::400
Apply the configuration for the IP address pool pool1
:
$ oc apply -f ipaddresspool1.yaml
Create address pool pool2
.
Create a file, such as ipaddresspool2.yaml
, with content like the following example:
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
namespace: metallb-system
name: pool2
spec:
addresses:
- 5.5.5.100-5.5.5.200
- 2001:100:5::200-2001:100:5::400
Apply the configuration for the IP address pool pool2
:
$ oc apply -f ipaddresspool2.yaml
Create BGP peer1
.
Create a file, such as bgppeer1.yaml
, with content like the following example:
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
namespace: metallb-system
name: peer1
spec:
peerAddress: 10.0.0.1
peerASN: 64501
myASN: 64500
routerID: 10.10.10.10
Apply the configuration for the BGP peer:
$ oc apply -f bgppeer1.yaml
Create BGP peer2
.
Create a file, such as bgppeer2.yaml
, with content like the following example:
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
namespace: metallb-system
name: peer2
spec:
peerAddress: 10.0.0.2
peerASN: 64501
myASN: 64500
routerID: 10.10.10.10
Apply the configuration for the BGP peer2:
$ oc apply -f bgppeer2.yaml
Create BGP advertisement 1.
Create a file, such as bgpadvertisement1.yaml
, with content like the following example:
apiVersion: metallb.io/v1beta1
kind: BGPAdvertisement
metadata:
name: bgpadvertisement-1
namespace: metallb-system
spec:
ipAddressPools:
- pool1
peers:
- peer1
communities:
- 65535:65282
aggregationLength: 32
aggregationLengthV6: 128
localPref: 100
Apply the configuration:
$ oc apply -f bgpadvertisement1.yaml
Create BGP advertisement 2.
Create a file, such as bgpadvertisement2.yaml
, with content like the following example:
apiVersion: metallb.io/v1beta1
kind: BGPAdvertisement
metadata:
name: bgpadvertisement-2
namespace: metallb-system
spec:
ipAddressPools:
- pool2
peers:
- peer2
communities:
- 65535:65282
aggregationLength: 32
aggregationLengthV6: 128
localPref: 100
Apply the configuration:
$ oc apply -f bgpadvertisement2.yaml
You can specify the node selectors field to control which nodes can connect to a BGP peer.
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
name: doc-example-nodesel
namespace: metallb-system
spec:
peerAddress: 10.0.20.1
peerASN: 64501
myASN: 64500
nodeSelectors:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values: [compute-1.example.com, compute-2.example.com]
You can specify a BFD profile to associate with BGP peers. BFD compliments BGP by providing more rapid detection of communication failures between peers than BGP alone.
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
name: doc-example-peer-bfd
namespace: metallb-system
spec:
peerAddress: 10.0.20.1
peerASN: 64501
myASN: 64500
holdTime: "10s"
bfdProfile: doc-example-bfd-profile-full
Deleting the bidirectional forwarding detection (BFD) profile and removing the |
To support dual-stack networking, add one BGP peer custom resource for IPv4 and one BGP peer custom resource for IPv6.
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
name: doc-example-dual-stack-ipv4
namespace: metallb-system
spec:
peerAddress: 10.0.20.1
peerASN: 64500
myASN: 64500
---
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
name: doc-example-dual-stack-ipv6
namespace: metallb-system
spec:
peerAddress: 2620:52:0:88::104
peerASN: 64500
myASN: 64500