github.com/cilium/cilium@v1.16.2/Documentation/installation/cni-chaining-generic-veth.rst

github.com/cilium/cilium@v1.16.2/Documentation/installation/cni-chaining-generic-veth.rst (about)

     1  .. only:: not (epub or latex or html)
     2  
     3      WARNING: You are looking at unreleased Cilium documentation.
     4      Please use the official rendered version released here:
     5      https://docs.cilium.io
     6  
     7  .. _generic_veth_cni_chaining:
     8  
     9  *********************
    10  Generic Veth Chaining
    11  *********************
    12  
    13  The generic veth chaining plugin enables CNI chaining on top of any CNI plugin
    14  that is using a veth device model. The majority of CNI plugins use such a
    15  model.
    16  
    17  .. include:: cni-chaining-limitations.rst
    18  
    19  Validate that the current CNI plugin is using veth
    20  ==================================================
    21  
    22  1. Log into one of the worker nodes using SSH
    23  2. Run ``ip -d link`` to list all network devices on the node. You should be
    24     able spot network devices representing the pods running on that node.
    25  3. A network device might look something like this:
    26  
    27     .. code-block:: shell-session
    28  
    29         103: lxcb3901b7f9c02@if102: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    30             link/ether 3a:39:92:17:75:6f brd ff:ff:ff:ff:ff:ff link-netnsid 18 promiscuity 0
    31             veth addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    32  4. The ``veth`` keyword on line 3 indicates that the network device type is virtual ethernet.
    33  
    34  If the CNI plugin you are chaining with is currently not using veth then the
    35  ``generic-veth`` plugin is not suitable. In that case, a full CNI chaining
    36  plugin is required which understands the device model of the underlying plugin.
    37  Writing such a plugin is trivial, contact us on `Cilium Slack`_ for more
    38  details.
    39  
    40  Create a CNI configuration to define your chaining configuration
    41  ================================================================
    42  
    43  Create a ``chaining.yaml`` file based on the following template to specify the
    44  desired CNI chaining configuration:
    45  
    46  
    47  .. code-block:: yaml
    48  
    49      apiVersion: v1
    50      kind: ConfigMap
    51      metadata:
    52        name: cni-configuration
    53        namespace: kube-system
    54      data:
    55        cni-config: |-
    56          {
    57            "name": "generic-veth",
    58            "cniVersion": "0.3.1",
    59            "plugins": [
    60              {
    61                "type": "XXX",
    62  	      [...]
    63              },
    64              {
    65                "type": "cilium-cni",
    66                "chaining-mode": "generic-veth"
    67              }
    68            ]
    69          }
    70  
    71  Deploy the :term:`ConfigMap`:
    72  
    73  .. code-block:: shell-session
    74  
    75     kubectl apply -f chaining.yaml
    76  
    77  Deploy Cilium with the portmap plugin enabled
    78  =============================================
    79  
    80  .. include:: k8s-install-download-release.rst
    81  
    82  Deploy Cilium release via Helm:
    83  
    84  .. parsed-literal::
    85  
    86      helm install cilium |CHART_RELEASE| \\
    87        --namespace=kube-system \\
    88        --set cni.chainingMode=generic-veth \\
    89        --set cni.customConf=true \\
    90        --set cni.configMap=cni-configuration \\
    91        --set routingMode=native \\
    92        --set enableIPv4Masquerade=false