Skip to content

Instantly share code, notes, and snippets.

@Gentoli

Gentoli/OKE_CILIUM.md

Last active July 3, 2023 10:35
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save Gentoli/5186d552ab5e6f60cbbbefc099658b4b to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save Gentoli/5186d552ab5e6f60cbbbefc099658b4b to your computer and use it in GitHub Desktop.
Download ZIP
OKE VCN Native Cilium
Raw
OKE_CILIUM.md

OKE @ v1.26.2 have OKE CNI without ipvlan. Native veth chaining works.

  • CNI Config (merged from /etc/cni/net.d/10-oci.conflist on the OS): 
    apiVersion: v1
kind: ConfigMap
metadata:
  name: cni-configuration
  namespace: cilium # same namespace as cilium (e.g. kube-system)
data:
  cni-config: |-
    {
      "name": "oci-cilium",
      "cniVersion": "0.3.1",
      "plugins": [
        {
          "cniVersion": "0.3.1",
          "type": "oci-ipvlan",
          "mode": "l2",
          "kubernetesServiceCidr": "10.111.8.0/21",
          "ipam": {
            "type": "oci-ipam"
          }
        },
        {
          "cniVersion": "0.3.1",
          "type": "oci-ptp",
          "containerInterface": "ptp-veth0",
          "mtu": 9000,
          "kubernetesServiceCidr": "10.111.8.0/21"
        },
        {
          "type": "cilium-cni",
          "chaining-mode": "generic-veth"
        }
      ]
    }
  • helm values: 
    cni:
  chainingMode: generic-veth
  customConf: true
  configMap: cni-configuration # from above
routingMode: native
enableIPv4Masquerade: false
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment