Option to use bird backend (iow BGP) for Calico when deploying cluster with Canal CNI plugin

[agrevtsev]

Is your feature request related to a problem? Please describe.

I tried to use BGP to publish LoadBalancer service on RKE2 cluster, deployed with Canal CNI plugin. To achieve that i:

1. Created Calico BGPConfiguration CR
2. Created Calico BGPPeer CR
3. Altered rke2-canal HelmChartConfig so Calico would use networkingBackend: bird

and then realised that such functionality were partially stripped out from hardened-calico docker image. And finally, after altering and rebuilding hardened-calico image, and altering calico-node ClusterRole, i managed to establish BGP peering.
My question - is such option stripped out on purpose? I like simplicity and robustness of Calico+Flannel solution, especially in multi-homed configuration, but in that case i also missed BGP peering option.

Describe the solution you'd like

Is it possible to add (IOW, return) such functionality into Canal CNI? Or am i overlooked something?

Describe alternatives you've considered

Probably MetalLB in BGP mode could help here, or migration to Cilium CNI.

Additional context

I prepared PRs which restores mentioned functionality.
rancher/image-build-calico#62
rancher/rke2-charts#412

Thank you!
Br, Alexey

[manuelbuil]

The reason for canal to exist is because you might want flannel to take care of the vxlan overlay network. In fact, there are historic reasons for that because at some point Calico did not have vxlan. However, if you are not going to use vxlan but BGP, then I'd say you should use Calico directly. In the end, Canal is basically Calico + flannel, where flannel only takes care of the vxlan infrastructure

[agrevtsev]

Hi @manuelbuil !
The problem is, that i want to use vxlan for inter-pod communication, and BGP for publishing LoadBalancers into the ToR router. But for now, even if i opt in to use Calico directly - i couldn't, because the rancher's build calico image is lack some crucial confd/bird config files.

Br, Alexey

[manuelbuil]

Hi @manuelbuil ! The problem is, that i want to use vxlan for inter-pod communication, and BGP for publishing LoadBalancers into the ToR router. But for now, even if i opt in to use Calico directly - i couldn't, because the rancher's build calico image is lack some crucial confd/bird config files.

Br, Alexey

Thanks for describing your use case, I understand now what you want to achive.

We know that the calico image we build does not include everything, that's normal and made on purpose to simpligy the build process. Note that we are only building the calico image for canal and for more advanced use cases, we refer users to Calico. If you use calico, we are mirroring the upstream calico image directly, so you should have everything there

[github-actions]

This repository uses a bot to automatically label issues which have not had any activity (commit/comment/label) for 45 days. This helps us manage the community issues better. If the issue is still relevant, please add a comment to the issue so the bot can remove the label and we know it is still valid. If it is no longer relevant (or possibly fixed in the latest release), the bot will automatically close the issue in 14 days. Thank you for your contributions.