From 46cdf2f2a9ad478ade679f303bccb27baf277520 Mon Sep 17 00:00:00 2001
From: JJGadgets <git@jjgadgets.tech>
Date: Mon, 27 Nov 2023 09:10:59 +0800
Subject: [PATCH] fix(cilium): disable clustermesh, native routing LoadBalancer
 services not responding Minecraft server specifically gets denied from
 egressing to world Not sure if Minecraft server issue related to `k8s:`
 matchLabels prefix

---
 .../app/config/biohazard/helm-values.yaml     | 41 ++++++++++---------
 1 file changed, 22 insertions(+), 19 deletions(-)

diff --git a/kube/deploy/core/_networking/cilium/app/config/biohazard/helm-values.yaml b/kube/deploy/core/_networking/cilium/app/config/biohazard/helm-values.yaml
index 570d7c66..9dad9f8c 100644
--- a/kube/deploy/core/_networking/cilium/app/config/biohazard/helm-values.yaml
+++ b/kube/deploy/core/_networking/cilium/app/config/biohazard/helm-values.yaml
@@ -16,31 +16,34 @@ cluster:
   id: "1"
 
 ## NOTE: ClusterMesh, for connecting multiple clusters
-clustermesh:
-  useAPIServer: true
-  apiserver:
-    replicas: 3
-    service:
-      type: "NodePort"
-      nodePort: 32371
-  config:
-    enabled: true
-    clusters:
-      - name: "hercules"
-        port: 32372
-        ips: ["${IP_HERCULES}"]
+# clustermesh:
+#   useAPIServer: true
+#   apiserver:
+#     replicas: 1
+#     service:
+#       type: "NodePort"
+#       nodePort: 32371
+#       # type: "LoadBalancer"
+#       # annotations:
+#       #   "io.cilium/lb-ipam-ips": "${IP_CILIUM_CLUSTERMESH_BIOHAZARD}"
+#   config:
+#     enabled: true
+#     clusters:
+#       - name: "hercules"
+#         port: 32372
+#         ips: ["${IP_HERCULES}"]
 
 ## NOTE: Cilium's routing modes for inter-nodes pod traffic
-# tunnel: "disabled"
-# autoDirectNodeRoutes: true
-# ipv4NativeRoutingCIDR: "${IP_POD_CIDR_V4}"
+tunnel: "disabled"
+autoDirectNodeRoutes: true
+ipv4NativeRoutingCIDR: "${IP_POD_CIDR_V4}"
 ### using Geneve tunnel for simpler routing and easier ClusterMesh across WireGuard
-routingMode: tunnel
-tunnelProtocol: geneve
+# routingMode: tunnel
+# tunnelProtocol: geneve
 loadBalancer:
   algorithm: maglev
   mode: dsr
-  dsrDispatch: geneve
+  # dsrDispatch: geneve
   # acceleration: best-effort
 
 ## NOTE: Cilium's networking internals