Skip to content

sotoon/tunnel

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
group_vars/all
group_vars/all
 
 
inventory/sample
inventory/sample
 
 
roles
roles
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
example.yml
example.yml
 
 
requirements.txt
requirements.txt
 
 
site.yml
site.yml
 
 

Repository files navigation

Tunnel Configuration - VXLAN, BIRD, and Calico

This Ansible playbook sets up network tunnels and multi-cluster connectivity using VXLAN tunnels, BIRD BGP routing, and Calico integration.

Features

  • VXLAN Tunnels: Virtual Extensible LAN tunnels for Layer 2 connectivity across networks
  • BGP Routing: BIRD-based dynamic routing with support for ECMP and path isolation
  • Multi-Cluster Kubernetes: Calico integration for cross-cluster pod and service connectivity
  • Dynamic Interface Configuration: Support for any interface naming convention (eth0, ens3, etc.)
  • Comprehensive Network Tuning: Extensive sysctl configuration for optimal performance
  • ECMP Support: Equal-cost multipath routing for load balancing

Project Structure

The playbook consists of three main components:

  1. VXLAN Role: Creates VXLAN tunnels between virtual machines
  2. BIRD Role: Configures BGP routing for dynamic route propagation
  3. Calico Role: Integrates Kubernetes clusters via BGP peering

Configuration

Inventory Configuration

Each host in a VXLAN tunnel group requires:

all:
  hosts:
    machine1:
      ansible_host: your-server-ip
      tunnel_type: src
      public_ip: your-public-ip
      physical_interfaces:
        - name: eth0
          ip: 192.168.1.10/24
    engine1:
      ansible_host: peer-server-ip
      tunnel_type: dest
      public_ip: peer-public-ip
      physical_interfaces:
        - name: ens3
          ip: 10.0.0.5/24
  children:
    vxlan_all:
      hosts:
        machine1:
        engine1:

Global Variables

In group_vars/all/tunnel.yaml:

# VXLAN configuration
vxlan_ip_range: 192.168.234
vxlan_cidr: 24

# ECMP and BGP settings
enable_ecmp: true
enable_path_isolation: true

Usage

  1. Configure your inventory in inventory/your-environment/hosts.yml
  2. Update global variables in group_vars/all/tunnel.yaml and group_vars/all/kube.yaml
  3. Run the playbook:
# Deploy everything
ansible-playbook -i inventory/your-environment/hosts.yml site.yml

# Deploy only VXLAN tunnels
ansible-playbook -i inventory/your-environment/hosts.yml site.yml --tags vxlan

# Deploy only BIRD BGP
ansible-playbook -i inventory/your-environment/hosts.yml site.yml --tags bird

# Deploy only Calico configuration
ansible-playbook -i inventory/your-environment/hosts.yml site.yml --tags calico

Roles Overview

VXLAN Role

Creates VXLAN tunnels with comprehensive sysctl tuning for optimal performance. See roles/vxlan/README.md for details.

BIRD Role

Configures BGP routing with support for ECMP and path isolation. See roles/bird/README.md for details.

Calico Role

Integrates Kubernetes clusters via BGP peering. See roles/calico/README.md for details.

Troubleshooting

Check VXLAN Tunnel Status

# View tunnel configuration
ip tunnel show

# Check VXLAN interface
ip addr show vxlan-eth0

# Test connectivity
ping 192.168.234.2  # Replace with peer tunnel IP

Check BIRD BGP Status

# View BGP protocols
sudo birdc show protocols

# View BGP routes
sudo birdc show route

Check Calico Status

# Check BGP peers
calicoctl node status

# View routes
calicoctl get bgp routes

Logs

# VXLAN/netplan logs
journalctl -u networking

# BIRD logs
journalctl -u bird

# Calico logs (on Kubernetes nodes)
kubectl logs -n kube-system -l k8s-app=calico-node

Documentation

For detailed documentation on each role:

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

4 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages