Created
November 9, 2023 21:49
-
-
Save MatthiasWinzeler/3295f2dfe0a9a14dadd6392cccebc04b to your computer and use it in GitHub Desktop.
cilium 1.14 w/ etcd and docker plugin
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # git clone https://github.com/cilium/cilium | |
| # cd cilium | |
| ## build docker plugin since there is no dockerhub image for 1.14.3 for it | |
| # docker build -f images/cilium-docker-plugin/Dockerfile -t cilium-docker-plugin-local . | |
| # docker-compose up | |
| ## in other shell: | |
| # docker network create my_network --ipam-driver cilium --driver cilium | |
| # docker run --net my_network -it ubuntu bash | |
| ## in other shell: | |
| # cilium status | |
| # cilium endpoint list | |
| ## to inspect etcd | |
| # docker run -it --rm --network host --env ALLOW_NONE_AUTHENTICATION=yes bitnami/etcd:latest etcdctl --endpoints http://127.0.0.1:2379 get "" --prefix --keys-only | |
| version: '2' | |
| services: | |
| cilium: | |
| container_name: cilium | |
| image: docker.io/cilium/cilium:v1.14.3 | |
| command: cilium-agent --enable-ipv6=false --kvstore etcd --kvstore-opt etcd.address=127.0.0.1:2379 -t vxlan --enable-bpf-masquerade=true --enable-node-port=true --bpf-lb-sock=true | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| - /var/run/cilium:/var/run/cilium | |
| - /sys/fs/bpf:/sys/fs/bpf | |
| # To access Docker container netns: | |
| - /var/run/docker/netns:/var/run/docker/netns:rshared | |
| # To create named netns for cilium-health endpoint: | |
| - /var/run/netns:/var/run/netns:rshared | |
| network_mode: "host" | |
| cap_add: | |
| - "NET_ADMIN" | |
| privileged: true | |
| depends_on: | |
| - etcd | |
| cilium_docker: | |
| container_name: cilium-docker-plugin | |
| #image: docker.io/cilium/docker-plugin:v1.9 | |
| image: cilium-docker-plugin-local | |
| command: cilium-docker | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| - /var/run/cilium:/var/run/cilium | |
| - /run/docker/plugins:/run/docker/plugins | |
| network_mode: "host" | |
| cap_add: | |
| - "NET_ADMIN" | |
| privileged: true | |
| depends_on: | |
| - cilium | |
| # consul: | |
| # container_name: cilium-kvstore | |
| # ports: | |
| # - "8500:8500" | |
| # environment: | |
| # - "CONSUL_LOCAL_CONFIG={\"skip_leave_on_interrupt\": true, \"disable_update_check\": true}" | |
| # image: docker.io/library/consul:1.1.0 | |
| # command: agent -client=0.0.0.0 -server -bootstrap-expect 1 | |
| etcd: | |
| container_name: cilium-etcd | |
| image: bitnami/etcd:latest | |
| network_mode: "host" | |
| ports: | |
| - "2379:2379" | |
| - "2380:2380" | |
| environment: | |
| ALLOW_NONE_AUTHENTICATION: yes | |
| cilium_operator: | |
| container_name: cilium-operator | |
| image: cilium/operator-generic:v1.14.3 | |
| command: cilium-operator-generic --enable-k8s=false --enable-ipv4=true --enable-ipv6=false --ipam=docker-ipam --kvstore etcd --kvstore-opt etcd.address=127.0.0.1:2379 --identity-allocation-mode=kvstore | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| - /var/run/cilium:/var/run/cilium | |
| - /run/docker/plugins:/run/docker/plugins | |
| # To have access to etcd.yml | |
| - /vagrant:/vagrant | |
| network_mode: "host" | |
| cap_add: | |
| - "NET_ADMIN" | |
| privileged: true | |
| depends_on: | |
| - cilium | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment