diff --git a/Documentation/README.md b/Documentation/README.md index 01587870..42cbe9ed 100644 --- a/Documentation/README.md +++ b/Documentation/README.md @@ -180,7 +180,7 @@ and run kube-proxy with the configuration you have. Communication from a Pod that is behind a Service to its own ClusterIP:Port is not supported by default. However, It can be enabled per-service by adding the -`io.kube-router.net.service.hairpin=` annotation, or for all Services in a cluster by +`kube-router.io/service.hairpin=` annotation, or for all Services in a cluster by passing the flag `--hairpin-mode=true` to kube-router. Additionally, the `hairpin_mode` sysctl option must be set to `1` for all veth @@ -209,7 +209,7 @@ Service ClusterIP if it is logging the source IP. To enable hairpin traffic for Service `my-service`: ``` -kubectl annotate service my-service "io.kube-router.net.service.hairpin=" +kubectl annotate service my-service "kube-router.io/service.hairpin=" ``` diff --git a/Documentation/bgp.md b/Documentation/bgp.md index 6f8351e3..436025ec 100644 --- a/Documentation/bgp.md +++ b/Documentation/bgp.md @@ -23,13 +23,13 @@ per node models. Nodes in the cluster does not form full node-to-node mesh. Users has to explicitly select this mode by specifying `--nodes-full-mesh=false` when launching kube-router. In this mode kube-router expects each node is configured with an ASN number from the node's API object annoations. Kube-router -will use the node's `io.kube-router.net.node.asn` annotation value as the ASN +will use the node's `kube-router.io/node.asn` annotation value as the ASN number for the node. Users can annotate node objects with the following command: ``` -kubectl annotate node "io.kube-router.net.node.asn=64512" +kubectl annotate node "kube-router.io/node.asn=64512" ``` Only nodes with in same ASN form full mesh. Two nodes with different ASNs never @@ -55,21 +55,21 @@ For example: Alternativley, each node can be configured with one or more node specific BGP peers. Information regarding node specific BGP peer is read from node API object annotations: -- `io.kube-router.net.peer.ips` -- `io.kube-router.net.peer.asns` +- `kube-router.io/peer.ips` +- `kube-router.io/peer.asns` For e.g users can annotate node object with below commands ``` -kubectl annotate node "io.kube-router.net.peer.ips=192.168.1.99,192.168.1.100" -kubectl annotate node "io.kube-router.net.peer.asns=65000,65000" +kubectl annotate node "kube-router.io/peer.ips=192.168.1.99,192.168.1.100" +kubectl annotate node "kube-router.io/peer.asns=65000,65000" ``` ### BGP Peer Password Authentication The examples above have assumed there is no password authentication with BGP peer routers. If you need to use a password for peering, you can use the -`--peer-router-passwords` CLI flag or the `io.kube-router.net.peer.passwords` node +`--peer-router-passwords` CLI flag or the `kube-router.io/peer.passwords` node annotation. #### Base64 Encoding Passwords @@ -97,7 +97,7 @@ Note the comma indicating the end of the first password. Now here's the same example but configured as node annotations: ``` -kubectl annotate node "io.kube-router.net.peer.ips=192.168.1.99,192.168.1.100" -kubectl annotate node "io.kube-router.net.peer.asns=65000,65000" -kubectl annotate node "io.kube-router.net.peer.passwords=U2VjdXJlUGFzc3dvcmQK," +kubectl annotate node "kube-router.io/peer.ips=192.168.1.99,192.168.1.100" +kubectl annotate node "kube-router.io/peer.asns=65000,65000" +kubectl annotate node "kube-router.io/peer.passwords=U2VjdXJlUGFzc3dvcmQK," ``` diff --git a/Documentation/upgrading.md b/Documentation/upgrading.md index ec5f02c4..53dac99e 100644 --- a/Documentation/upgrading.md +++ b/Documentation/upgrading.md @@ -95,13 +95,13 @@ CLI flag additions: Annotation key changes: - OLD: `kube-router.io/hairpin-mode=` -> NEW: - `io.kube-router.net.service.hairpin=` -- OLD: `net.kuberouter.nodeasn=` -> NEW: `io.kube-router.net.node.asn=` -- OLD: `net.kuberouter.node.bgppeer.address=` -> NEW: `io.kube-router.net.peer.ips` -- OLD: `net.kuberouter.node.bgppeer.asn` -> NEW: `io.kube-router.net.peer.asns` + `kube-router.io/service.hairpin=` +- OLD: `net.kuberouter.nodeasn=` -> NEW: `kube-router.io/node.asn=` +- OLD: `net.kuberouter.node.bgppeer.address=` -> NEW: `kube-router.io/peer.ips` +- OLD: `net.kuberouter.node.bgppeer.asn` -> NEW: `kube-router.io/peer.asns` Annotation key additions: -- NEW: `io.kube-router.net.peer.passwords` +- NEW: `kube-router.io/peer.passwords` #### v0.0.17 Upgrade Procedure @@ -129,7 +129,7 @@ Annotations: kube-router.io/hairpin-mode= You will then want to make a new annotation with the new key: ```sh -kubectl annotate service hairpin-service "io.kube-router.net.service.hairpin=" +kubectl annotate service hairpin-service "kube-router.io/service.hairpin=" ``` Once all new annotations are created, proceed with the diff --git a/app/controllers/network_routes_controller.go b/app/controllers/network_routes_controller.go index 11e049b0..848588a0 100644 --- a/app/controllers/network_routes_controller.go +++ b/app/controllers/network_routes_controller.go @@ -779,7 +779,7 @@ func (nrc *NetworkRoutingController) syncPeers() { // if node full mesh is not requested then just peer with nodes with same ASN // (run iBGP among same ASN peers) if !nrc.bgpFullMeshMode { - nodeasn, ok := node.ObjectMeta.Annotations["io.kube-router.net.node.asn"] + nodeasn, ok := node.ObjectMeta.Annotations["kube-router.io/node.asn"] if !ok { glog.Infof("Not peering with the Node %s as ASN number of the node is unknown.", nodeIP.String()) @@ -982,7 +982,7 @@ func (nrc *NetworkRoutingController) startBgpServer() error { if nrc.bgpFullMeshMode { nodeAsnNumber = nrc.defaultNodeAsnNumber } else { - nodeasn, ok := node.ObjectMeta.Annotations["io.kube-router.net.node.asn"] + nodeasn, ok := node.ObjectMeta.Annotations["kube-router.io/node.asn"] if !ok { return errors.New("Could not find ASN number for the node. " + "Node needs to be annotated with ASN number details to start BGP server.") @@ -1030,7 +1030,7 @@ func (nrc *NetworkRoutingController) startBgpServer() error { // else attempt to get peers from node specific BGP annotations. if len(nrc.globalPeerRouters) == 0 { // Get Global Peer Router ASN configs - nodeBgpPeerAsnsAnnotation, ok := node.ObjectMeta.Annotations["io.kube-router.net.peer.asns"] + nodeBgpPeerAsnsAnnotation, ok := node.ObjectMeta.Annotations["kube-router.io/peer.asns"] if !ok { glog.Infof("Could not find BGP peer info for the node in the node annotations so skipping configuring peer.") return nil @@ -1044,7 +1044,7 @@ func (nrc *NetworkRoutingController) startBgpServer() error { } // Get Global Peer Router IP Address configs - nodeBgpPeersAnnotation, ok := node.ObjectMeta.Annotations["io.kube-router.net.peer.ips"] + nodeBgpPeersAnnotation, ok := node.ObjectMeta.Annotations["kube-router.io/peer.ips"] if !ok { glog.Infof("Could not find BGP peer info for the node in the node annotations so skipping configuring peer.") return nil @@ -1058,7 +1058,7 @@ func (nrc *NetworkRoutingController) startBgpServer() error { // Get Global Peer Router Password configs peerPasswords := []string{} - nodeBGPPasswordsAnnotation, ok := node.ObjectMeta.Annotations["io.kube-router.net.peer.passwords"] + nodeBGPPasswordsAnnotation, ok := node.ObjectMeta.Annotations["kube-router.io/peer.passwords"] if !ok { glog.Infof("Could not find BGP peer password info in the node's annotations. Assuming no passwords.") } else { diff --git a/app/controllers/network_services_controller.go b/app/controllers/network_services_controller.go index 40a5015e..99fced75 100644 --- a/app/controllers/network_services_controller.go +++ b/app/controllers/network_services_controller.go @@ -426,7 +426,7 @@ func buildServicesInfo() serviceInfoMap { } svcInfo.sessionAffinity = (svc.Spec.SessionAffinity == "ClientIP") - _, svcInfo.hairpin = svc.ObjectMeta.Annotations["io.kube-router.net.service.hairpin"] + _, svcInfo.hairpin = svc.ObjectMeta.Annotations["kube-router.io/service.hairpin"] svcId := generateServiceId(svc.Namespace, svc.Name, port.Name) serviceMap[svcId] = &svcInfo