From d9c7c2ff32089c752b883f45d5c6527b410612e0 Mon Sep 17 00:00:00 2001
From: Christian Berendt <berendt@osism.tech>
Date: Fri, 2 Aug 2024 19:08:31 +0200
Subject: [PATCH] k3s_server: add kube-vip BGP support

With the kube_vip_bgp parameter it is possible to enable the kube-vip
BGP support (https://kube-vip.io/docs/modes/bgp/).

The configuration is possible with the following new parameters:

* kube_vip_bgp_routerid
* kube_vip_bgp_as
* kube_vip_bgp_peeraddress
* kube_vip_bgp_peeras

Signed-off-by: Christian Berendt <berendt@osism.tech>
---
 inventory/sample/group_vars/all.yml    | 12 ++++++++++++
 roles/k3s_server/defaults/main.yml     |  3 ---
 roles/k3s_server/templates/vip.yaml.j2 | 22 +++++++++++++++++++++-
 3 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml
index 01b1fe9..a4f554c 100644
--- a/inventory/sample/group_vars/all.yml
+++ b/inventory/sample/group_vars/all.yml
@@ -34,6 +34,18 @@ cilium_bgp_peer_asn: "64512"
 cilium_bgp_peer_address: "192.168.30.1"
 cilium_bgp_lb_cidr: "192.168.31.0/24"   # cidr for cilium loadbalancer ipam
 
+# enable kube-vip ARP broadcasts
+kube_vip_arp: true
+
+# enable kube-vip BGP peering
+kube_vip_bgp: false
+
+# bgp parameters for kube-vip
+kube_vip_bgp_routerid: "127.0.0.1" # Defines the router ID for the BGP server
+kube_vip_bgp_as: "64513" # Defines the AS for the BGP server
+kube_vip_bgp_peeraddress: "192.168.30.1" # Defines the address for the BGP peer
+kube_vip_bgp_peeras: "64512" # Defines the AS for the BGP peer
+
 # apiserver_endpoint is virtual ip-address which will be configured on each master
 apiserver_endpoint: "192.168.30.222"
 
diff --git a/roles/k3s_server/defaults/main.yml b/roles/k3s_server/defaults/main.yml
index 349889b..46f1528 100644
--- a/roles/k3s_server/defaults/main.yml
+++ b/roles/k3s_server/defaults/main.yml
@@ -4,9 +4,6 @@
 # will determine the right interface automatically at runtime.
 kube_vip_iface: null
 
-# Enables ARP broadcasts from Leader
-kube_vip_arp: true
-
 # Name of the master group
 group_name_master: master
 
diff --git a/roles/k3s_server/templates/vip.yaml.j2 b/roles/k3s_server/templates/vip.yaml.j2
index 47d4e8f..dfd56fc 100644
--- a/roles/k3s_server/templates/vip.yaml.j2
+++ b/roles/k3s_server/templates/vip.yaml.j2
@@ -27,7 +27,9 @@ spec:
         - manager
         env:
         - name: vip_arp
-          value: "{{ 'true' if kube_vip_arp | bool else 'false' }}"
+          value: "{{ 'true' if kube_vip_arp | default(true) | bool else 'false' }}"
+        - name: bgp_enable
+          value: "{{ 'true' if kube_vip_bgp | default(false) | bool else 'false' }}"
         - name: port
           value: "6443"
 {% if kube_vip_iface %}
@@ -54,6 +56,24 @@ spec:
           value: "2"
         - name: address
           value: {{ apiserver_endpoint }}
+{% if kube_vip_bgp | default(false) | bool %}
+{% if kube_vip_bgp_routerid is defined %}
+        - name: bgp_routerid
+          value: "{{ kube_vip_bgp_routerid }}"
+{% endif %}
+{% if kube_vip_bgp_as is defined %}
+        - name: bgp_as
+          value: "{{ kube_vip_bgp_as }}"
+{% endif %}
+{% if kube_vip_bgp_peeraddress is defined %}
+        - name: bgp_peeraddress
+          value: "{{ kube_vip_bgp_peeraddress }}"
+{% endif %}
+{% if kube_vip_bgp_peeras is defined %}
+        - name: bgp_peeras
+          value: "{{ kube_vip_bgp_peeras }}"
+{% endif %}
+{% endif %}
         image: ghcr.io/kube-vip/kube-vip:{{ kube_vip_tag_version }}
         imagePullPolicy: Always
         name: kube-vip