Cilium Weekly Episode 30 - External Traffic Policy
Вставка
- Опубліковано 25 вер 2024
- 🚀 New Cilium feature this week - and my 30th weekly Cilium feature post if I've counted correctly - was introduced in Cilium 1.14: BGP support for Local External Traffic Policy 🔀
Most of my other recent videos have been about porting standard BGP features to Cilium. However, this one focuses on enhancing BGP on Cilium to cater to a specific Kubernetes Service requirement.
By default, a Kubernetes Service employs Cluster-wide External Traffic Policy. In the context of BGP, 1. Cilium BGP would advertise the routes for a Service even if there's no available endpoint and 2. the client source IP would shift to the node receiving the traffic
The alternative option is to use Local External Traffic Policy, now supported with Cilium 1.14.
In this mode: 1. Cilium BGP advertises the route for a Service only when healthy local endpoints are present, and 2. the client source IP remains intact (quite handy for troubleshooting and more).
Check out the detailed demo below! 📹 (I've bumped up the playback speed to 1.25x to keep this video within LinkedIn's 15-minute limit). 🕒
was just fiddling around with externalTrafficPolicy and AWS NLBs (also using Cilium as a chained CNI ^^), not understanding much about the Policy Types at its impacts. Thanks tou your explanations, I can understand what I got working today at work - thanks! :)