diff --git a/cli/cmd/plugin/standalone-cluster/cluster/kind.go b/cli/cmd/plugin/standalone-cluster/cluster/kind.go index 5b92503787..4d2b667328 100644 --- a/cli/cmd/plugin/standalone-cluster/cluster/kind.go +++ b/cli/cmd/plugin/standalone-cluster/cluster/kind.go @@ -4,8 +4,12 @@ package cluster import ( + "fmt" + "regexp" + kindCluster "sigs.k8s.io/kind/pkg/cluster" "sigs.k8s.io/kind/pkg/cluster/nodes" + "sigs.k8s.io/kind/pkg/exec" ) const KIND_CONFIG = `kind: Cluster @@ -105,3 +109,54 @@ func (kcm KindClusterManager) ListNodes(clusterName string) []string { } return result } + +// PatchForAntrea modifies the node network settings to allow local routing. +// this needs to happen for antrea running on kind or else you'll lose network connectivity +// see: https://github.com/antrea-io/antrea/blob/main/hack/kind-fix-networking.sh +func PatchForAntrea(nodeName string) error { + // First need to get the ID of the interface from the cluster node. + cmd := exec.Command("docker", "exec", nodeName, "ip", "link") + out, err := exec.Output(cmd) + if err != nil { + return err + } + re := regexp.MustCompile("eth0@if(.*?):") + match := re.FindStringSubmatch(string(out)) + peerIdx := string(match[1]) + + // Now that we have the ID, we need to look on the host network to find its name. + cmd = exec.Command("docker", "run", "--rm", "--net=host", "antrea/ethtool:latest", "ip", "link") + outLines, err := exec.OutputLines(cmd) + if err != nil { + return err + } + peerName := "" + re = regexp.MustCompile(fmt.Sprintf("^%s: (.*?)@.*:", peerIdx)) + for _, line := range outLines { + match = re.FindStringSubmatch(line) + if len(match) > 0 { + peerName = match[1] + break + } + } + + if peerName == "" { + return fmt.Errorf("unable to find node interface %q on host network", peerIdx) + } + + // With the name, we can now use ethtool to turn off TX checksumming offload + cmd = exec.Command("docker", "run", "--rm", "--net=host", "--privileged", "antrea/ethtool:latest", "ethtool", "-K", peerName, "tx", "off") + out, err = exec.Output(cmd) + if err != nil { + return err + } + + // Finally, enable local routing + cmd = exec.Command("docker", "exec", nodeName, "sysctl", "-w", "net.ipv4.conf.all.route_localnet=1") + out, err = exec.Output(cmd) + if err != nil { + return err + } + + return nil +} diff --git a/cli/cmd/plugin/standalone-cluster/create.go b/cli/cmd/plugin/standalone-cluster/create.go index 05906eca4d..d67f3816db 100644 --- a/cli/cmd/plugin/standalone-cluster/create.go +++ b/cli/cmd/plugin/standalone-cluster/create.go @@ -232,7 +232,7 @@ func create(cmd *cobra.Command, args []string) error { // run the antrea patch for kind-specific deployments nodes := ListNodes(clusterName) for _, node := range nodes { - err := patchNodeForAntrea(node) + err := cluster.PatchForAntrea(node) if err != nil { log.Errorf("Failed to patch node!!! %s\n", err.Error()) } @@ -320,20 +320,6 @@ infraProvider: docker return createdSecret, err } -// this needs to happen for antrea running on kind or else you'll lose network connectivity -// see: https://github.com/antrea-io/antrea/blob/main/hack/kind-fix-networking.sh -// TODO(joshrosso): I noticed the kind image has the `ethtool` inside of it. Could we do this by executing in the -// containers created rather than doing this hack? -func patchNodeForAntrea(nodeName string) error { - // TODO(joshrosso): This is not portable for windows! We need to bring this into go. - _, err := exec.Command("/bin/sh", "cli/cmd/plugin/standalone-cluster/hack/patch-node-for-antrea.sh", nodeName).Output() - if err != nil { - return err - } - - return nil -} - // getTkgConfigDir returns the configuration directory used by tce. func getTkgConfigDir() (path string, err error) { home, err := os.UserHomeDir() diff --git a/cli/cmd/plugin/standalone-cluster/hack/patch-node-for-antrea.sh b/cli/cmd/plugin/standalone-cluster/hack/patch-node-for-antrea.sh deleted file mode 100644 index 74309b4d0c..0000000000 --- a/cli/cmd/plugin/standalone-cluster/hack/patch-node-for-antrea.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -peerIdx=$(docker exec $1 ip link | grep eth0 | awk -F[@:] '{ print $3 }' | cut -c 3-) -peerName=$(docker run --rm --net=host antrea/ethtool:latest ip link | grep ^"$peerIdx": | awk -F[:@] '{ print $2 }' | cut -c 2-) -docker run --rm --net=host --privileged antrea/ethtool:latest ethtool -K "$peerName" tx off -docker exec "$1" sysctl -w net.ipv4.conf.all.route_localnet=1