| # Copyright 2019-present Open Networking Foundation |
| # |
| # SPDX-License-Identifier: Apache-2.0 |
| |
| --- |
| apiVersion: "k8s.cni.cncf.io/v1" |
| kind: NetworkAttachmentDefinition |
| metadata: |
| name: router-net |
| spec: |
| config: '{ |
| "cniVersion": "0.3.1", |
| "type": "macvlan", |
| "master": "${DATA_IFACE}", |
| "ipam": { |
| "type": "static" |
| } |
| }' |
| --- |
| apiVersion: v1 |
| kind: Pod |
| metadata: |
| name: router |
| labels: |
| app: router |
| annotations: |
| k8s.v1.cni.cncf.io/networks: '[ |
| { "name": "router-net", "interface": "core-gw", "ips": ["192.168.250.1/24"] }, |
| { "name": "router-net", "interface": "ran-gw", "ips": ["192.168.251.1/24"] }, |
| { "name": "router-net", "interface": "access-gw", "ips": ["192.168.252.1/24"] } |
| ]' |
| spec: |
| containers: |
| - name: router |
| command: ["/bin/bash", "-c"] |
| args: |
| - > |
| sysctl -w net.ipv4.ip_forward=1; |
| iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; |
| ip route add 172.250.0.0/16 via 192.168.250.3; |
| trap : TERM INT; sleep infinity & wait |
| image: opencord/quagga |
| securityContext: |
| privileged: true |
| capabilities: |
| add: |
| - NET_ADMIN |