blob: dfba7083a85e62332c279c4c904ee90323cb6ba7 [file] [log] [blame]
# Copyright 2019-present Open Networking Foundation
#
# SPDX-License-Identifier: Apache-2.0
---
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
name: router-net
spec:
config: '{
"cniVersion": "0.3.1",
"type": "macvlan",
"master": "${DATA_IFACE}",
"ipam": {
"type": "static"
}
}'
---
apiVersion: v1
kind: Pod
metadata:
name: router
labels:
app: router
annotations:
k8s.v1.cni.cncf.io/networks: '[
{ "name": "router-net", "interface": "core-gw", "ips": ["192.168.250.1/24"] },
{ "name": "router-net", "interface": "ran-gw", "ips": ["192.168.251.1/24"] },
{ "name": "router-net", "interface": "access-gw", "ips": ["192.168.252.1/24"] }
]'
spec:
containers:
- name: router
command: ["/bin/bash", "-c"]
args:
- >
sysctl -w net.ipv4.ip_forward=1;
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE;
ip route add 172.250.0.0/16 via 192.168.250.3;
trap : TERM INT; sleep infinity & wait
image: opencord/quagga
securityContext:
privileged: true
capabilities:
add:
- NET_ADMIN