feat: replace SRv6 endpoint routing with IPAM-managed pod subnet alloc#132
Merged
Conversation
…cation This patch adds a new resource that can be used to test and exercise the CNI connection. The once the containerlab deployment is active running `task deploy:testvpc` will deploy pods to each cluster and craete a VPC between them - Add internal/cni/ipam package with PoolAllocator and StaticAllocator for IPv6 /80 subnet allocation from a CIDR pool - Rewrite cmdAdd to configure IPAM, set IP address and default route on the guest interface inside the container netns, and advertise the allocated pod subnet in the BGPAdvertisement CRD - Rewrite cmdDel to deallocate IPAM by reading the allocated subnet from the BGPAdvertisement CRD annotation keyed by container ID - Remove SRv6 ingress route setup from CNI; the controller now derives the SRv6 endpoint from the pod subnet and installs the ingress route - Add idempotency guards to veth.Add and vrf.Add so a leftover interface from a prior failed cmdAdd does not cause cmdAdd to fail - Wrap galactic-cni binary with a shell script that exports NODE_NAME and KUBECONFIG so the CNI binary can reach the API server in Kind - Add containerlab test VPC resources (NAD, nginx deployment, RBAC) and install-testvpc.sh script to deploy cross-cluster connectivity - Create /var/run/galactic-cni directory in Dockerfile for IPAM state - Update BGPVRFInstance route target format to drop "rt:" prefix
scotwells
approved these changes
Jun 25, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This patch adds a new resource that can be used to test and exercise the
CNI connection. The once the containerlab deployment is active running
task deploy:testvpcwill deploy pods to each cluster and craete a VPCbetween them
Changes