https://github.com/taboola/consul2calico

Sync Consul registry to Calico GlobalNetworkSet
https://github.com/taboola/consul2calico

calico consul networkpolicy

Last synced: 5 months ago
JSON representation

Sync Consul registry to Calico GlobalNetworkSet

• Host: GitHub
• URL: https://github.com/taboola/consul2calico
• Owner: taboola
• License: apache-2.0
• Created: 2021-12-13T15:31:45.000Z (over 4 years ago)
• Default Branch: main
• Last Pushed: 2022-01-06T10:43:43.000Z (over 4 years ago)
• Last Synced: 2024-06-19T06:46:22.106Z (almost 2 years ago)
• Topics: calico, consul, networkpolicy
• Language: Go
• Homepage:
• Size: 404 KB
• Stars: 12
• Watchers: 11
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
[![Go Report Card](https://goreportcard.com/badge/github.com/taboola/consul2calico)](https://goreportcard.com/report/github.com/taboola/consul2calico)

# Consul Calico Sync



## Overview

This project will sync/configure calico network policies based on consul KV state.

It will allow ingress/egress traffic from nodes registered in consul to deployments running on kubernetes .

Whenever a node is added to the Hostgroup / rebuilt / changes ip , this project will dynamically change the corresponding calico GlobalNetworkSet.

## Getting Started Running with Helm

1. Create ETCD secret: 

    ``` bash

    kubectl create secret generic etcd-cert \

    --from-file=etcd-ca.crt=./etcd-ca.crt.txt \

    --from-file=etcd.crt=./etcd.crt.txt \

    --from-file=etcd.key=./etcd.key.txt 

    ```

2. Build docker image :

    

    ``` bash

    docker build -t consul-calico-sync:0.0.1 .

    ```

3. Push to local repository :

    ``` bash

    docker push  http://local-repo:8080/consul-calico-sync:0.0.1 .

    ```

4. Change image in values.yaml

    ``` bash

    # The name (and tag) of the Docker image for consul2calico sync.

    image:

    repository: http://local-repo:8080/consul-calico-sync

    pullPolicy: Always

    tag: 0.0.1

    ```

5. Install chart 

    ``` bash

    helm install -n consul-calico-sync -c ./charts/ --namespace namespace

    ```

## How to run tests :

Defaults configured for tests :

    ```

    CALICO_SYNC_INTERVAL=2s

    CALICO_REMOVE_GRACE_TIME=30m

    ```

- With logs :

    ``` bash

    go test  ./...

    ```

- Without logs :

    ``` bash

    go test  ./... -v

    ```

## Future releases

- Add support for  Kubernetes API datastore . (Currently this project support Calico deployments with etcd as datastore)

- Add support for consul TLS .