k8s/README.md
Marcel Straub eb00ba2c5a fix: Make Cilium IPv4 BGP network fully functional including proof-of-concept application (#11)
- Upgraded to
  - Talos v1.11 (newest)
  - Kubernetes v1.34
- Added test application for LB-IPAM
- Fixed IPv4 stack:
  - BGP advertisement of Services (ClusterIP, ExternalIP and LoadBalancerIP)
  - Fixed CoreDNS (integration between Talos HostDNS and Cilium BPF)

Co-authored-by: Marcel Straub <m@straubs.eu>
Reviewed-on: #11
2025-09-13 23:28:37 +02:00

Talos Cluster

Repository Structure

  1. Infrastructure

Architecture

Network

Node Network

  • IPv4 configuration uses DHCP with static MAC binding for easy bring-up
  • IPv6 addresses are manually assigned
  • DNS Zone: prod.k8.eis-mk8.de.s5b.org

| VLAN | IPv4 | IPv6 |
|------|------|------|
| 210 | 10.51.10.0/23 | 2a13:fc80:1:a::/64 |

Pod Network

  • IPv4 only
  • IPv4 prefix: 10.244.0.0/16
  • Potential IPv6 prefix: 2a13:fc80:0001:d200::/64

Important side-notes

  • DNS resolver (VyOS): these networks must be whitelisted to allow recursive DNS

Service Network

  • Dual-Stack
  • IPv6 Prefix: 2a13:fc80:0001:d201::/64
  • IPv4 Prefix: 185.83.87.48/28
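
The side-note under Pod Network requires the resolver to allow recursion from the cluster networks. The following is an added example, not part of this repository: it checks the prefixes listed above for overlaps and reports which ones a resolver allow-list does not fully cover. The allow-list values, the entry names and the choice of which networks need recursion are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations

# Prefixes copied from this README; the entry names are hypothetical labels.
PLAN = {
    "node-v4": "10.51.10.0/23",
    "node-v6": "2a13:fc80:1:a::/64",
    "pod-v4": "10.244.0.0/16",
    "pod-v6": "2a13:fc80:0001:d200::/64",
    "svc-v4": "185.83.87.48/28",
    "svc-v6": "2a13:fc80:0001:d201::/64",
}

# Constructed sample allow-list (an assumption, not the real VyOS configuration).
SAMPLE_ALLOW = ["10.51.10.0/23", "10.244.0.0/17", "2a13:fc80:1:a::/64"]


def _nets(plan):
    # strict=True rejects prefixes with host bits set (e.g. a typo like 10.51.10.1/23).
    return {name: ipaddress.ip_network(cidr, strict=True) for name, cidr in plan.items()}


def overlaps(plan):
    """Return sorted pairs of plan entries whose prefixes overlap."""
    nets = _nets(plan)
    return sorted(
        (a, b)
        for (a, na), (b, nb) in combinations(nets.items(), 2)
        if na.version == nb.version and na.overlaps(nb)
    )


def uncovered(plan, allow, required):
    """Return the required plan entries not fully inside any allow-list prefix."""
    nets = _nets(plan)
    allowed = [ipaddress.ip_network(a, strict=True) for a in allow]
    missing = []
    for name in required:
        net = nets[name]
        # subnet_of() raises TypeError across IP versions, so compare versions first.
        if not any(a.version == net.version and net.subnet_of(a) for a in allowed):
            missing.append(name)
    return missing


if __name__ == "__main__":
    print("overlaps:", overlaps(PLAN))
    print("no recursion for:", uncovered(PLAN, SAMPLE_ALLOW, ["node-v4", "pod-v4", "pod-v6"]))
```

With the sample allow-list, the pod IPv4 prefix is reported because a /17 entry only covers half of the /16, which is the kind of partial coverage that shows up as intermittent DNS failures on some pods.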

BGP

| ASN | Who |
|-----|-----|
| 65000 | Upstream Router |
| 65001 | Cluster |

How to use

Prerequisites

Secrets handling

Use the direnv package to automatically load the environment variables for a directory, and keep the secrets in .envrc files. For ZSH, add

```
eval "$(direnv hook zsh)"
```

to your ``.zshrc`` for automatic loading on directory change.