X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=src%2Ffoundation%2Fscripts%2Fcni%2Fcalico%2Fk8s-new%2Fenable_bpf.sh;fp=src%2Ffoundation%2Fscripts%2Fcni%2Fcalico%2Fk8s-new%2Fenable_bpf.sh;h=1eee57e94722b8c4f976f45d086a216c35d78bf5;hb=bf8c38a13036ac507b3a8f79add3d41902f4615a;hp=0000000000000000000000000000000000000000;hpb=6b74a888d0d965d8c7a4d1b762c81e42a0f9b418;p=iec.git diff --git a/src/foundation/scripts/cni/calico/k8s-new/enable_bpf.sh b/src/foundation/scripts/cni/calico/k8s-new/enable_bpf.sh new file mode 100755 index 0000000..1eee57e --- /dev/null +++ b/src/foundation/scripts/cni/calico/k8s-new/enable_bpf.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +set -x + +WORKDIR=$(pwd) +TMP_DIR=$(mktemp -d) +MARCH=$(uname -m) +CALICO_VERSION=${1:-3.23.1} + +if [ $MARCH == "aarch64" ]; then ARCH=arm64; +elif [ $MARCH == "x86_64" ]; then ARCH=amd64; +else ARCH="unknown"; +fi +echo ARCH=$ARCH + +k8s_ep=$(kubectl get endpoints kubernetes -o wide | grep kubernetes | cut -d " " -f 4) +k8s_host=$(echo $k8s_ep | cut -d ":" -f 1) +k8s_port=$(echo $k8s_ep | cut -d ":" -f 2) + + +cat < ${WORKDIR}/k8s_service.yaml +kind: ConfigMap +apiVersion: v1 +metadata: + name: kubernetes-services-endpoint + namespace: kube-system +data: + KUBERNETES_SERVICE_HOST: "__KUBERNETES_SERVICE_HOST__" + KUBERNETES_SERVICE_PORT: "__KUBERNETES_SERVICE_PORT__" +EOF + + +sed -i "s/__KUBERNETES_SERVICE_HOST__/${k8s_host}/" ${WORKDIR}/k8s_service.yaml +sed -i "s/__KUBERNETES_SERVICE_PORT__/${k8s_port}/" ${WORKDIR}/k8s_service.yaml + +kubectl apply -f ${WORKDIR}/k8s_service.yaml + +echo "Disable kube-proxy:" +kubectl patch ds -n kube-system kube-proxy -p '{"spec":{"template":{"spec":{"nodeSelector":{"non-calico": "true"}}}}}' + +if [ ! -f /usr/local/bin/calicoctl ]; then + echo "No calicoctl, install now:" + curl -L https://github.com/projectcalico/calico/releases/download/v${CALICO_VERSION}/calicoctl-linux-${ARCH} -o ${WORKDIR}/calicoctl; + chmod +x ${WORKDIR}/calicoctl; + sudo cp ${WORKDIR}/calicoctl /usr/local/bin; + rm ${WORKDIR}/calicoctl +fi + +echo "Enable eBPF:" +calicoctl patch felixconfiguration default --patch='{"spec": {"bpfEnabled": true}}' + +echo "Enable Direct Server Return(DSR) mode: optional" +calicoctl patch felixconfiguration default --patch='{"spec": {"bpfExternalServiceMode": "DSR"}}'