Disable TCP early demux when pod-eni is enabled

aws · Sep 13, 2020 · 1ba8b81 · 1ba8b81
1 parent 91ce9f5
commit 1ba8b81
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/scripts/init.sh b/scripts/init.sh
@@ -28,6 +28,14 @@ HOST_IP=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/late
 PRIMARY_IF=$(ip -4 -o a | grep "$HOST_IP" | awk '{print $2}')
 sysctl -w "net.ipv4.conf.$PRIMARY_IF.rp_filter=2"
 
+# Configure tcp_early_demux to enable kubelet to pod-eni communication
+# https://lwn.net/Articles/503420/ for background
+if [ "${ENABLE_TCP_EARLY_DEMUX:-false}" == "true" ]; then
+ sysctl -w "net.ipv4.tcp_early_demux=1"
+else
+ sysctl -w "net.ipv4.tcp_early_demux=0"
+fi
+
 cat "/proc/sys/net/ipv4/conf/$PRIMARY_IF/rp_filter"
 
 echo "CNI init container done"