You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Did you modify the code of network-agent? What does eBPF/Tap/TCP (host netns via netlink HandleAt) mean? It looks like you changed the source code—could you share it?
Did you modify the code of network-agent? What does eBPF/Tap/TCP (host netns via netlink HandleAt) mean? It looks like you changed the source code—could you share it?
Nice work on the K8s deployment packaging. I have a few concerns about CNI compatibility:
TC BPF filter conflict with eBPF-mode CNIs:
network-agent calls cubevs.Init() which attaches TC BPF filters to eth0 ingress and lo ingress via legacy TC netlink (tnl.Filter().Replace() in CubeNet/cubevs/tc.go:43-75). Cilium in eBPF mode attaches its own TC BPF programs (from-netdev, to-netdev) to the same host interfaces — the two will overwrite each other, breaking either CubeSandbox networking or Cilium's kube-proxy replacement / host routing.
The bpffs mount-namespace isolation in start-network-agent.sh correctly solves the map pinning conflict, but the TC filter attachment conflict remains unresolved.
This means any K8s cluster running Cilium eBPF dataplane (or Calico eBPF mode) is incompatible with this deployment.
Questions:
What CNI / kube-proxy mode was this tested with?
Could you add CNI compatibility notes to the PR description or a README?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
CubeSandbox on Kubernetes, compute node image build and deploy.
TencentCloud#636