lion7/bridge-cni

bridge-cni

A very simple tool that generates a CNI config using the bridge CNI plugin with the PodCIDR assigned by Kubernetes. Because each Pod is simply attached to a plain bridge, each Pod needs a directly reachable IP address to have internet access. There is no NAT involved at all! This can be achieved by using a public IPv4 subnet or a global unicast (GUA) IPv6 subnet.

It is usually deployed as a DaemonSet and generates the file /etc/cni/net.d/bridge-cni.conflist with something like this:

{
  "cniVersion": "1.0.0",
  "name": "cbr0",
  "plugins": [
    {
      "type": "bridge",
      "ipam": {
        "type": "host-local",
        "subnet": "2001:db8::c:0/120"
      },
      "dns": {},
      "isDefaultGateway": true
    }
  ]
}

Usage

Kubeadm

apiVersion: kubeadm.k8s.io/v1beta4
kind: ClusterConfiguration
kubernetesVersion: v1.31.0
controllerManager:
  extraArgs:
    "node-cidr-mask-size": "120"
networking:
  podSubnet: 2001:db8::c:0/112
  serviceSubnet: 2001:db8::b:0/112

Apply the following YAML after cluster initialization:

kubectl apply -f https://raw.githubusercontent.com/lion7/bridge-cni/refs/heads/main/deploy/bridge-cni.yaml

Note: make sure the node CIDR mask size describes a smaller subnet (a longer prefix, /120 above) than the prefix you use for pods (/112 above).

Talos Linux

Initialize the cluster using an appropriate CIDR for the pods and services. Note that this example assumes KubePrism is enabled (as per the default).

cluster:
  controllerManager:
    extraArgs:
      node-cidr-mask-size: 120
  network:
    cni:
      name: custom
      urls:
        - https://raw.githubusercontent.com/lion7/bridge-cni/main/deploy/bridge-cni.yaml
    podSubnets:
      - 2001:db8::c:0/112
    serviceSubnets:
      - 2001:db8::b:0/112

Apply the following YAML after cluster initialization:

kubectl apply -f https://raw.githubusercontent.com/lion7/bridge-cni/refs/heads/main/deploy/bridge-cni-talos-kubeprism.yaml

Note: make sure the node CIDR mask size describes a smaller subnet (a longer prefix, /120 above) than the prefix you use for pods (/112 above).
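
The sanity checks behind the notes above, as an added example (not code from the bridge-cni project): it verifies that the node CIDR mask size fits inside the pod subnet and builds a conflist shaped like the one shown earlier for a single node's PodCIDR. The function names and validation steps are assumptions; the sample values are the ones used in this README.

```python
import ipaddress
import json


def plan_node_cidrs(pod_subnet, node_mask_size):
    """Check node-cidr-mask-size against podSubnet and report the resulting split."""
    cluster = ipaddress.ip_network(pod_subnet, strict=True)
    # The per-node prefix must be longer than the cluster prefix, otherwise
    # there is no room to carve one PodCIDR per node out of podSubnet.
    if not cluster.prefixlen < node_mask_size <= cluster.max_prefixlen:
        raise ValueError(
            f"node-cidr-mask-size {node_mask_size} must be longer than /{cluster.prefixlen}")
    return {
        "node_subnets": 2 ** (node_mask_size - cluster.prefixlen),
        # Raw range size; usable Pod IPs are fewer (the bridge gateway takes one).
        "addresses_per_node": 2 ** (cluster.max_prefixlen - node_mask_size),
        "first_node_subnet": str(next(cluster.subnets(new_prefix=node_mask_size))),
    }


def build_conflist(pod_cidr, pod_subnet, node_mask_size):
    """Build a conflist shaped like the README's for one node's PodCIDR."""
    plan_node_cidrs(pod_subnet, node_mask_size)
    cluster = ipaddress.ip_network(pod_subnet, strict=True)
    node = ipaddress.ip_network(pod_cidr, strict=True)  # rejects host bits set
    # With no NAT, a PodCIDR outside the routed pod subnet leaves Pods with
    # addresses nobody routes back to, so refuse it before writing a config.
    if node.version != cluster.version or not node.subnet_of(cluster):
        raise ValueError(f"PodCIDR {node} is not inside podSubnet {cluster}")
    if node.prefixlen != node_mask_size:
        raise ValueError(f"PodCIDR {node} is not a /{node_mask_size}")
    return {
        "cniVersion": "1.0.0",
        "name": "cbr0",
        "plugins": [{
            "type": "bridge",
            "ipam": {"type": "host-local", "subnet": str(node)},
            "dns": {},
            "isDefaultGateway": True,
        }],
    }


if __name__ == "__main__":
    # Sample values taken from the kubeadm example in this README.
    print(plan_node_cidrs("2001:db8::c:0/112", 120))
    print(json.dumps(build_conflist("2001:db8::c:0/120", "2001:db8::c:0/112", 120), indent=2))
```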
