Cilium Cluster Mesh RKE2

HelmChartConfig

apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
  name: rke2-cilium
  namespace: kube-system
spec:
  valuesContent: |-
    kubeProxyReplacement: strict
    k8sServiceHost: 127.0.0.1
    k8sServicePort: 6443
    ipv4NativeRoutingCIDR: 10.0.0.0/8
    # Transparent Encryption
    encryption:
      enabled: true
      type: wireguard
    # Cluster-mesh
    # cluster:
    #   name: cilium01
    #   id: 1

Use the CLI

export CLUSTER1=cilium01 CLUSTER2=cilium02
kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER2 create -f -
cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer
cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER2 --service-type LoadBalancer
kubectl annotate svc -n kube-system	clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp'
cilium clustermesh status --context $CLUSTER1 --wait
cilium clustermesh status --context $CLUSTER2 --wait
cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2
cilium clustermesh status --context $CLUSTER1 --wait
cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2
helm get values -n kube-system rke2-

Based on: https://docs.cilium.io/en/stable/network/clustermesh/clustermesh/

wrkode/README.md

Select an option

No results found

Select an option

No results found

HelmChartConfig

Use the CLI