src/foundation/scripts/cni/calico/k8s-new/enable_bpf.sh

   1 #!/bin/bash
   2
   3 set -x
   4
   5 WORKDIR=$(pwd)
   6 TMP_DIR=$(mktemp -d)
   7 MARCH=$(uname -m)
   8 CALICO_VERSION=${1:-3.23.1}
   9
  10 if [ $MARCH == "aarch64" ]; then ARCH=arm64;
  11 elif [ $MARCH == "x86_64" ]; then ARCH=amd64;
  12 else ARCH="unknown";
  13 fi
  14 echo ARCH=$ARCH
  15
  16 k8s_ep=$(kubectl get endpoints kubernetes -o wide | grep kubernetes | cut -d " " -f 4)
  17 k8s_host=$(echo $k8s_ep | cut -d ":" -f 1)
  18 k8s_port=$(echo $k8s_ep | cut -d ":" -f 2)
  19
  20
  21 cat <<EOF > ${WORKDIR}/k8s_service.yaml
  22 kind: ConfigMap
  23 apiVersion: v1
  24 metadata:
  25   name: kubernetes-services-endpoint
  26   namespace: kube-system
  27 data:
  28   KUBERNETES_SERVICE_HOST: "__KUBERNETES_SERVICE_HOST__"
  29   KUBERNETES_SERVICE_PORT: "__KUBERNETES_SERVICE_PORT__"
  30 EOF
  31
  32
  33 sed -i "s/__KUBERNETES_SERVICE_HOST__/${k8s_host}/" ${WORKDIR}/k8s_service.yaml
  34 sed -i "s/__KUBERNETES_SERVICE_PORT__/${k8s_port}/" ${WORKDIR}/k8s_service.yaml
  35
  36 kubectl apply -f ${WORKDIR}/k8s_service.yaml
  37
  38 echo "Disable kube-proxy:"
  39 kubectl patch ds -n kube-system kube-proxy -p '{"spec":{"template":{"spec":{"nodeSelector":{"non-calico": "true"}}}}}'
  40
  41 if [ ! -f /usr/local/bin/calicoctl ]; then
  42    echo "No calicoctl, install now:"
  43    curl -L https://github.com/projectcalico/calico/releases/download/v${CALICO_VERSION}/calicoctl-linux-${ARCH} -o ${WORKDIR}/calicoctl;
  44    chmod +x ${WORKDIR}/calicoctl;
  45    sudo cp ${WORKDIR}/calicoctl /usr/local/bin;
  46    rm ${WORKDIR}/calicoctl
  47 fi
  48
  49 echo "Enable eBPF:"
  50 calicoctl patch felixconfiguration default --patch='{"spec": {"bpfEnabled": true}}'
  51
  52 echo "Enable Direct Server Return(DSR) mode: optional"
  53 calicoctl patch felixconfiguration default --patch='{"spec": {"bpfExternalServiceMode": "DSR"}}'