Implement flat-mode network model with BGP support

This document describes how to implement a flat-mode network model with Border Gateway Protocol (BGP) support. When you implement a network model with BGP support, BGP dynamically ensures that pods in different L2 domains can communicate with each other.

For more information about flat-mode network models, see Flat vs island mode network models.

How to implement a flat-mode network that uses BGP

To implement a cluster on a flat-mode network model with BGP support, make the following changes to the cluster's cluster.yaml file:

  • Set the spec.clusterNetwork.advancedNetworking field to true in the cluster resource.
  • Set the spec.clusterNetwork.flatIPv4 field to true in the cluster resource.
  • When spec.clusterNetwork.flatIPv4is set to true, the field spec.clusterNetwork.pods.cidrBlocks is ignored and can be omitted. However, you will need to define a ClusterCIDRConfigs section in the yaml file (per-node, per-nodepool and/or per-cluster). See the example cluster.yaml file below for details.
  • Append a NetworkGatewayGroup resource to the cluster.yaml file and specify the floating IPs to use for BGP peering. Ensure that the name is default and the namespace is the cluster namespace.
  • Append FlatIPMode and BGPPeer resources to the cluster.yaml file. The name of the FlatIPMode resource must be default, and all resources must be in the cluster namespace.

For Preview, only IPv4 BGP Peers and sessions are supported. However, if your environment supports Multiprotocol BGP (MP-BGP), IPv4 and IPv6 routes can be advertised over these IPv4 sessions. IPv6 BGP Peer configuration is not supported in version 1.11.0 of Anthos clusters on bare metal.

The following excerpt of a cluster.yaml file shows how to implement flat-mode networking with BGP support. Note that the IP addresses that appear in this excerpt are only examples and you will need to replace them with your own IP addresses:


apiVersion: baremetal.cluster.gke.io/v1
kind: Cluster
metadata:
  name: bm
  namespace: cluster-bm
spec:

...

  clusterNetwork:
    advancedNetworking: true
    flatIPv4: true

  ... (other cluster config omitted)

apiVersion: networking.gke.io/v1
kind: NetworkGatewayGroup
metadata:
  name: default
  namespace: cluster-bm
spec:
  floatingIPs:
  - 10.0.1.100
  - 10.0.2.100

....

apiVersion: baremetal.cluster.gke.io/v1alpha1
kind: FlatIPMode
metadata:
  name: default
  namespace: cluster-bm
spec:
  enableBGPIPv4: true
  enableBGPIPv6: false
  peerSelector:
    flatip-peer: "true"

....

apiVersion: networking.gke.io/v1
kind: BGPPeer
metadata:
  name: bgppeer1
  namespace: cluster-bm
  labels:
    flatip-peer: "true"
spec:
  localASN: 65001
  peerASN: 65000
  peerIP: 10.0.1.254
  sessions: 2

....

apiVersion: networking.gke.io/v1
kind: BGPPeer
metadata:
  name: bgppeer2
  namespace: cluster-bm
  labels:
    flatip-peer: "true"
spec:
  localASN: 65001
  peerASN: 65000
  peerIP: 10.0.2.254
  sessions: 2

....

apiVersion: baremetal.cluster.gke.io/v1alpha1
kind: ClusterCIDRConfig
metadata:
  name: cluster-wide-1
  namespace: cluster-bm
spec:
  ipv4:
    cidr: "192.168.0.0/16"
    perNodeMaskSize: 24