agent: add flock.fritzlab.net/addresses annotation (eth0 static IPs)
Build flock Image / build (push) Successful in 3m23s
Build flock Image / build (push) Successful in 3m23s
Like anycast, addresses IPs are advertised via BGP (/128+/32) and get host routes via the AnycastReconciler. The sole difference: they are assigned to pod eth0 instead of lo, so workloads that inspect their primary interface (e.g. Plex remote-access detection) see the public IP directly. - annotations.go: annAddresses const, Addresses []net.IP in ParsedAnnotations - state.go: Addresses []string persisted in allocations.json - anycast.go: resolveAnycastTargets processes Anycast+Addresses together - netns_linux.go: configurePodSide assigns Addresses to eth0 - netns_stub.go: mirror Addresses field for non-Linux builds - handlers.go: thread Addresses through ADD path Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Donavan Fritz
@@ -16,12 +16,13 @@ const annotationPrefix = "flock.fritzlab.net/"
|
||||
|
||||
// Recognised annotation keys (without the prefix).
|
||||
const (
|
||||
annIPv6 = "ipv6"
|
||||
annIPv4 = "ipv4"
|
||||
annCIDR6 = "cidr6"
|
||||
annCIDR4 = "cidr4"
|
||||
annIPAlgo = "ip-algo"
|
||||
annAnycast = "anycast"
|
||||
annIPv6 = "ipv6"
|
||||
annIPv4 = "ipv4"
|
||||
annCIDR6 = "cidr6"
|
||||
annCIDR4 = "cidr4"
|
||||
annIPAlgo = "ip-algo"
|
||||
annAnycast = "anycast"
|
||||
annAddresses = "addresses"
|
||||
)
|
||||
|
||||
// FamilyDefaults is the per-call baseline for whether a pod receives an IPv6
|
||||
@@ -91,6 +92,13 @@ type ParsedAnnotations struct {
|
||||
// Anycast is the set of anycast IPs to bind on the pod's loopback.
|
||||
// nil/empty means "no anycast".
|
||||
Anycast []net.IP
|
||||
// Addresses is the set of additional IPs to bind directly on the pod's
|
||||
// eth0. BGP advertisement (/128+/32) is identical to Anycast; the only
|
||||
// difference is that these IPs land on the primary interface instead of
|
||||
// lo. Use this when the workload needs the IP directly visible on eth0
|
||||
// (e.g. Plex, which inspects its own interfaces for remote-access setup).
|
||||
// nil/empty means "no extra addresses".
|
||||
Addresses []net.IP
|
||||
}
|
||||
|
||||
// ParseAnnotations applies the supplied per-node defaults and validates the
|
||||
@@ -150,6 +158,14 @@ func ParseAnnotations(in map[string]string, defaults FamilyDefaults) (*ParsedAnn
|
||||
out.Anycast = ips
|
||||
}
|
||||
|
||||
if v, ok := in[annotationPrefix+annAddresses]; ok {
|
||||
ips, err := parseIPList(v)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("annotation %s: %w", annAddresses, err)
|
||||
}
|
||||
out.Addresses = ips
|
||||
}
|
||||
|
||||
return out, nil
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user