From 10a6bd67debc4b3a7f9f36bd17836fda2204f371 Mon Sep 17 00:00:00 2001
From: Catblade <catblade@gmail.com>
Date: Fri, 18 Dec 2020 00:54:25 -0600
Subject: [PATCH] Calico:  update files to handle multi-asn bgp peering
 conditions. (#6971)

* update files to handle multi-asn bgp peering conditions.

* put back in the serviceClusterIPs.  Bad merge.

* remove extraneous environment var.

* update files as discussed with mirwan

* update titles.

* add not in.

* add a conditional for using bgp to advertise cluster ips.

Co-authored-by: marlow-h <mweston@habana.ai>
---
 inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml | 4 ++++
 roles/network_plugin/calico/tasks/install.yml              | 7 ++++---
 roles/network_plugin/calico/templates/calico-node.yml.j2   | 4 ----
 3 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
index 8e70ccec1..a6e925b9b 100644
--- a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
+++ b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
@@ -23,6 +23,10 @@
 # Global as_num (/calico/bgp/v1/global/as_num)
 # global_as_num: "64512"
 
+# If doing peering with node-assigned asn where the globas does not match your nodes, you want this
+# to be true.  All other cases, false.
+# calico_no_global_as_num: false
+
 # You can set MTU value here. If left undefined or empty, it will
 # not be specified in calico CNI config, so Calico will use built-in
 # defaults. The value should be a number, not a string.
diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml
index 19d7100bd..bcbf1873d 100644
--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@@ -168,7 +168,7 @@
     - inventory_hostname in groups['k8s-cluster']
   run_once: yes
 
-- name: Calico | Set global as_num
+- name: Calico | Set up BGP Configuration
   command:
     cmd: "{{ bin_dir }}/calicoctl.sh apply -f -"
     stdin: >
@@ -179,9 +179,10 @@
       },
       "spec": {
           "logSeverityScreen": "Info",
+          {% if not calico_no_global_as_num|default(false) %}"asNumber": {{ global_as_num }},{% endif %}
           "nodeToNodeMeshEnabled": {{ nodeToNodeMeshEnabled|default('true') }} ,
-          "serviceExternalIPs": {{ _service_external_ips|default([]) }},
-          "asNumber": {{ global_as_num }} }}
+          {% if calico_advertise_cluster_ips|default(false) %}"serviceClusterIPs": [{"cidr": {{ kube_service_addresses }} }],{% endif %}
+          "serviceExternalIPs": {{ _service_external_ips|default([]) }} }}
   changed_when: false
   when:
     - inventory_hostname == groups['kube-master'][0]
diff --git a/roles/network_plugin/calico/templates/calico-node.yml.j2 b/roles/network_plugin/calico/templates/calico-node.yml.j2
index 0cdfbbc02..f6fdb3991 100644
--- a/roles/network_plugin/calico/templates/calico-node.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-node.yml.j2
@@ -224,10 +224,6 @@ spec:
               value: "{{ calico_felix_prometheusgometricsenabled }}"
             - name: FELIX_PROMETHEUSPROCESSMETRICSENABLED
               value: "{{ calico_felix_prometheusprocessmetricsenabled }}"
-{% if calico_advertise_cluster_ips|default(false) %}
-            - name: CALICO_ADVERTISE_CLUSTER_IPS
-              value: "{{ kube_service_addresses }}"
-{% endif %}
 {% if calico_ip_auto_method is defined %}
             - name: IP_AUTODETECTION_METHOD
               value: "{{ calico_ip_auto_method }}"
-- 
GitLab