Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

kubernetes: enable bpf masqurade and tunnel based routing for tenant clusters #144

Merged
merged 1 commit into from
May 21, 2024

Conversation

kvaps
Copy link
Member

@kvaps kvaps commented May 21, 2024

This PR solves issues with communication across pods in management cluster with KubeVirt and enables BPF masquerading

@kvaps kvaps changed the title fix kubernetes kubernetes: enable bpf masqurade and tunnel routing May 21, 2024
@kvaps kvaps changed the title kubernetes: enable bpf masqurade and tunnel routing kubernetes: enable bpf masqurade and tunnel based routing May 21, 2024
@kvaps kvaps changed the title kubernetes: enable bpf masqurade and tunnel based routing kubernetes: enable bpf masqurade and tunnel based routing for tenant clusters May 21, 2024
Copy link
Collaborator

@themoriarti themoriarti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understand that this solution solves the problem head on, but have other options been considered? It is not very good for me to pass through masquerade communication between pods that are on the same physical server or when they are on the same network.

@kvaps
Copy link
Member Author

kvaps commented May 21, 2024

@themoriarti it should not enable masquerade for inter-cluster operation.
For external nodes it will have masquerading, but without it it will not work any way since external nodes knows nothing for internal pod addresses

@kvaps kvaps merged commit 6cae6ce into main May 21, 2024
themoriarti added a commit that referenced this pull request May 23, 2024
* upd kubernetes (#134)

* Allow root login without password

* add ephemeral volumes for containerd and kubelet

* update kubernetes application

* etcd: Add quota-backend-bytes calculations (#133)

* Prepare release v0.6.0 (#135)

* etcd: enable autocompact and defrag (#137)

Signed-off-by: Andrei Kvapil <[email protected]>

* switched place -maxdepth im Makefiles (#140)

* postgres: fix users and roles (#138)

Signed-off-by: Andrei Kvapil <[email protected]>

* kubernetes: enable bpf masqurade and tunnel routing (#144)

* Unhardcode cluster.local domain (#142)

Allow using other domains for the cluster

Signed-off-by: Andrei Kvapil <[email protected]>

* kamaji: unhardcode cluster.local domain (#145)

Signed-off-by: Andrei Kvapil <[email protected]>

* kubernetes: specify correct dns address (#147)

---------

Signed-off-by: Andrei Kvapil <[email protected]>
Co-authored-by: Andrei Kvapil <[email protected]>
This was referenced Jun 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants