From 1ba8b81be5c4efb438abe3a052ac5317bd61157c Mon Sep 17 00:00:00 2001
From: Sri Saran Balaji Vellore Rajakumar <srajakum@amazon.com>
Date: Sun, 13 Sep 2020 12:48:45 -0700
Subject: [PATCH] Disable TCP early demux when pod-eni is enabled

---
 scripts/init.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/scripts/init.sh b/scripts/init.sh
index b5c038595d9..6af597bbdc3 100755
--- a/scripts/init.sh
+++ b/scripts/init.sh
@@ -28,6 +28,14 @@ HOST_IP=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/late
 PRIMARY_IF=$(ip -4 -o a | grep "$HOST_IP" | awk '{print $2}')
 sysctl -w "net.ipv4.conf.$PRIMARY_IF.rp_filter=2"
 
+# Configure tcp_early_demux to enable kubelet to pod-eni communication
+# https://lwn.net/Articles/503420/ for background
+if [ "${ENABLE_TCP_EARLY_DEMUX:-false}" == "true" ]; then
+    sysctl -w "net.ipv4.tcp_early_demux=1"
+else
+    sysctl -w "net.ipv4.tcp_early_demux=0"
+fi
+
 cat "/proc/sys/net/ipv4/conf/$PRIMARY_IF/rp_filter"
 
 echo "CNI init container done"