From 8a153ed38e88293c470c7247e281576165b7c2d2 Mon Sep 17 00:00:00 2001
From: Andrii <28559404+anjkl@users.noreply.github.com>
Date: Wed, 25 Nov 2020 15:34:39 +0200
Subject: [PATCH] Add serviceExternalIPs option for calico installation (#6928)

---
 docs/calico.md                                           | 9 +++++++++
 .../sample/group_vars/k8s-cluster/k8s-net-calico.yml     | 5 +++++
 roles/network_plugin/calico/defaults/main.yml            | 3 +++
 roles/network_plugin/calico/tasks/install.yml            | 7 +++++++
 4 files changed, 24 insertions(+)

diff --git a/docs/calico.md b/docs/calico.md
index f48bda941..f722a0932 100644
--- a/docs/calico.md
+++ b/docs/calico.md
@@ -93,6 +93,15 @@ This can be enabled by setting the following variable as follow in group_vars (k
 calico_advertise_cluster_ips: true
 ```
 
+Since calico 3.10, Calico supports advertising Kubernetes service ExternalIPs over BGP in addition to cluster IPs advertising.
+This can be enabled by setting the following variable in group_vars (k8s-cluster/k8s-net-calico.yml)
+
+```yml
+calico_advertise_service_external_ips:
+- x.x.x.x/24
+- y.y.y.y/32
+```
+
 ### Optional : Define global AS number
 
 Optional parameter `global_as_num` defines Calico global AS number (`/calico/bgp/v1/global/as_num` etcd key).
diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
index 5badefd40..8e70ccec1 100644
--- a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
+++ b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
@@ -38,6 +38,11 @@
 # Advertise Cluster IPs
 # calico_advertise_cluster_ips: true
 
+# Advertise Service External IPs
+# calico_advertise_service_external_ips:
+# - x.x.x.x/24
+# - y.y.y.y/32
+
 # Choose data store type for calico: "etcd" or "kdd" (kubernetes datastore)
 # calico_datastore: "etcd"
 
diff --git a/roles/network_plugin/calico/defaults/main.yml b/roles/network_plugin/calico/defaults/main.yml
index 1cf703cc1..b43f45c9d 100644
--- a/roles/network_plugin/calico/defaults/main.yml
+++ b/roles/network_plugin/calico/defaults/main.yml
@@ -22,6 +22,9 @@ global_as_num: "64512"
 # defaults. The value should be a number, not a string.
 # calico_mtu: 1500
 
+# Advertise Service External IPs
+calico_advertise_service_external_ips: []
+
 # Limits for apps
 calico_node_memory_limit: 500M
 calico_node_cpu_limit: 300m
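Review bot: The comment above `calico_advertise_service_external_ips: []` does not say what listing a CIDR here permits, and the commented sample in k8s-net-calico.yml has the same gap. As far as the docs hunk describes the feature, a Service externalIP that falls inside a listed range gets announced to BGP peers, so the ranges should be limited to prefixes actually routed to this cluster, and the ability to create Services with externalIPs becomes relevant to routing. I would expand the comment to something like `# CIDRs of Service externalIPs to advertise over BGP (Calico >= 3.10); list only prefixes owned by and routed to this cluster` and keep the empty list as the default.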
diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml
index 7721c591d..19d7100bd 100644
--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@@ -154,6 +154,12 @@
     - inventory_hostname == groups['kube-master'][0]
     - 'calico_conf.stdout == "0"'
 
+- name: Populate Service External IPs
+  set_fact:
+    _service_external_ips: "{{ _service_external_ips|default([]) + [ {'cidr': item} ] }}"
+  with_items: "{{ calico_advertise_service_external_ips }}"
+  run_once: yes
+
 - name: "Determine nodeToNodeMesh needed state"
   set_fact:
     nodeToNodeMeshEnabled: "false"
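Review bot: The new `Populate Service External IPs` task copies every entry of `calico_advertise_service_external_ips` into `_service_external_ips` unchecked, so a typo or an over-broad prefix reaches the BGP configuration rendered further down. An `assert` task ahead of the loop that fails the play when an item does not parse as a CIDR (for instance with the `ipaddr` filter, if it is available to this role) would catch this before anything is applied. The accumulator also appends to any `_service_external_ips` fact that already exists, so if the role runs twice in one play the list would presumably gain duplicates; resetting it to `[]` first avoids that. `run_once: yes` would be better written as `run_once: true`.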
@@ -174,6 +180,7 @@
       "spec": {
           "logSeverityScreen": "Info",
           "nodeToNodeMeshEnabled": {{ nodeToNodeMeshEnabled|default('true') }} ,
+          "serviceExternalIPs": {{ _service_external_ips|default([]) }},
           "asNumber": {{ global_as_num }} }}
   changed_when: false
   when:
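Review bot: The added `serviceExternalIPs` line interpolates a list of dicts into a JSON document through its Python string form, which gives single-quoted strings (and `u'...'` prefixes if the controller runs Python 2) rather than JSON. A lenient YAML-based reader may accept this, but a strict JSON parser will not. Serialising explicitly keeps the document well-formed regardless of interpreter or of quote characters in a value: `"serviceExternalIPs": {{ _service_external_ips|default([])|to_json }},`. The enclosing task starts and ends outside this hunk, so how the document is consumed is not visible here.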
-- 
GitLab