feat: add Fleet bundle and Cilium BGP configuration with dynamic CIDR assignment

2026-05-04 17:32:02 +02:00
parent e4e937119a
commit c3e79e45dd
2 changed files with 74 additions and 0 deletions
@@ -0,0 +1,15 @@
+# deployments/02-bgp-config/fleet.yaml
+kind: Bundle
+metadata:
+  name: bgp-config # Dieser Name ist wichtig für die Abhängigkeit
+
+targetCustomizations:
+  - name: all-clusters
+    clusterSelector:
+      matchExpressions:
+        - key: bgp-cidr
+          operator: Exists
+    helm:
+      values:
+        # Hier deine Logik mit dem CIDR-Label-Replace
+        rawCidr: "${.ClusterLabels.bgp-cidr}"
@@ -0,0 +1,59 @@
+apiVersion: cilium.io/v2
+kind: CiliumBGPAdvertisement
+metadata:
+  name: bgp-advertisement
+  labels:
+    bgp.cilium.io/advertise: "true"
+spec:
+  advertisements:
+    - advertisementType: "Service"
+      service:
+        addresses:
+          - LoadBalancerIP
+      selector:
+        matchLabels: {}
+---
+
+apiVersion: "cilium.io/v2"
+kind: CiliumBGPPeerConfig
+metadata:
+  name: "upstream-router-peer"
+spec:
+  families:
+    - afi: ipv4
+      safi: unicast
+      advertisements:
+        matchLabels:
+          bgp.cilium.io/advertise: "true"
+  gracefulRestart:
+    enabled: true
+    restartTimeSeconds: 120
+
+---
+
+apiVersion: cilium.io/v2
+kind: CiliumBGPClusterConfig
+metadata:
+  name: "rke2-cluster-bgp"
+spec:
+  nodeSelector: {}
+  bgpInstances:
+    - name: "homelab-cluster"
+      localASN: 65200
+      peers:
+        - name: "unifi-router"
+          peerAddress: 192.168.120.1
+          peerASN: 65100  # Hier gehört die Remote-ASN jetzt hin!
+          peerConfigRef:
+            name: upstream-router-peer
+
+---
+apiVersion: "cilium.io/v2"
+kind: CiliumLoadBalancerIPPool
+metadata:
+  name: "cilium-loadbalancer-pool"
+spec:
+  blocks:
+    - cidr: {{ .Values.rawCidr | replace "-" "/" }}
+  serviceSelector:
+    matchLabels: {}