From e4826df9b370d3b71ba9bced81f446e2a6414fb3 Mon Sep 17 00:00:00 2001
From: unchama <11990197+unchama@users.noreply.github.com>
Date: Wed, 6 Dec 2023 03:11:21 +0900
Subject: [PATCH] =?UTF-8?q?=E5=85=A8=E3=81=A6=E3=81=AEServiceIP=E3=81=A8Lo?=
 =?UTF-8?q?adBalancerIP=E3=82=92BGP=E3=81=A7=E5=BA=83=E5=A0=B1=E3=81=99?=
 =?UTF-8?q?=E3=82=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../app-of-other-apps/cilium.yaml             | 72 +++++++++++++++++++
 1 file changed, 72 insertions(+)

diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml
index 90398a2dd..88397a2b1 100644
--- a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml
+++ b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/cilium.yaml
@@ -118,9 +118,22 @@ spec:
   virtualRouters:
   - localASN: 65184
     exportPodCIDR: true
+    # 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
+    # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
+    serviceSelector:
+      matchExpressions:
+         - {key: somekey, operator: NotIn, values: ['never-used-value']}
     neighbors:
     - peerAddress: "192.168.3.254/32"
       peerASN: 65184
+      eBGPMultihopTTL: 10
+      connectRetryTimeSeconds: 120
+      holdTimeSeconds: 90
+      keepAliveTimeSeconds: 30
+      gracefulRestart:
+        enabled: true
+        restartTimeSeconds: 120
+    
 ---
 apiVersion: "cilium.io/v2alpha1"
 kind: CiliumBGPPeeringPolicy
@@ -133,10 +146,21 @@ spec:
   virtualRouters:
   - localASN: 65184
     exportPodCIDR: true
+    # 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
+    # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
     serviceSelector:
+      matchExpressions:
+         - {key: somekey, operator: NotIn, values: ['never-used-value']}
     neighbors:
     - peerAddress: "192.168.3.254/32"
       peerASN: 65184
+      eBGPMultihopTTL: 10
+      connectRetryTimeSeconds: 120
+      holdTimeSeconds: 90
+      keepAliveTimeSeconds: 30
+      gracefulRestart:
+        enabled: true
+        restartTimeSeconds: 120
 ---
 apiVersion: "cilium.io/v2alpha1"
 kind: CiliumBGPPeeringPolicy
@@ -149,9 +173,21 @@ spec:
   virtualRouters:
   - localASN: 65184
     exportPodCIDR: true
+    # 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
+    # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
+    serviceSelector:
+      matchExpressions:
+         - {key: somekey, operator: NotIn, values: ['never-used-value']}
     neighbors:
     - peerAddress: "192.168.3.254/32"
       peerASN: 65184
+      eBGPMultihopTTL: 10
+      connectRetryTimeSeconds: 120
+      holdTimeSeconds: 90
+      keepAliveTimeSeconds: 30
+      gracefulRestart:
+        enabled: true
+        restartTimeSeconds: 120
 ---
 apiVersion: "cilium.io/v2alpha1"
 kind: CiliumBGPPeeringPolicy
@@ -164,9 +200,21 @@ spec:
   virtualRouters:
   - localASN: 65184
     exportPodCIDR: true
+    # 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
+    # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
+    serviceSelector:
+      matchExpressions:
+         - {key: somekey, operator: NotIn, values: ['never-used-value']}
     neighbors:
     - peerAddress: "192.168.3.254/32"
       peerASN: 65184
+      eBGPMultihopTTL: 10
+      connectRetryTimeSeconds: 120
+      holdTimeSeconds: 90
+      keepAliveTimeSeconds: 30
+      gracefulRestart:
+        enabled: true
+        restartTimeSeconds: 120
 ---
 apiVersion: "cilium.io/v2alpha1"
 kind: CiliumBGPPeeringPolicy
@@ -179,9 +227,21 @@ spec:
   virtualRouters:
   - localASN: 65184
     exportPodCIDR: true
+    # 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
+    # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
+    serviceSelector:
+      matchExpressions:
+         - {key: somekey, operator: NotIn, values: ['never-used-value']}
     neighbors:
     - peerAddress: "192.168.3.254/32"
       peerASN: 65184
+      eBGPMultihopTTL: 10
+      connectRetryTimeSeconds: 120
+      holdTimeSeconds: 90
+      keepAliveTimeSeconds: 30
+      gracefulRestart:
+        enabled: true
+        restartTimeSeconds: 120
 ---
 apiVersion: "cilium.io/v2alpha1"
 kind: CiliumBGPPeeringPolicy
@@ -194,7 +254,19 @@ spec:
   virtualRouters:
   - localASN: 65184
     exportPodCIDR: true
+    # 全てのServiceIPとLoadBalancerIPを広報するためのおまじない的なserviceSelector
+    # https://docs.cilium.io/en/stable/network/bgp-control-plane/#service-announcements
+    serviceSelector:
+      matchExpressions:
+         - {key: somekey, operator: NotIn, values: ['never-used-value']}
     neighbors:
     - peerAddress: "192.168.3.254/32"
       peerASN: 65184
+      eBGPMultihopTTL: 10
+      connectRetryTimeSeconds: 120
+      holdTimeSeconds: 90
+      keepAliveTimeSeconds: 30
+      gracefulRestart:
+        enabled: true
+        restartTimeSeconds: 120
 ---