From 3a7d5f1df149ffd8b30b2a7e5abb466465445b97 Mon Sep 17 00:00:00 2001 From: Wei Zhou Date: Fri, 7 Jun 2024 10:52:49 +0200 Subject: [PATCH] CKS/calico: set arp_ignore and arp_announce to 0 in k8s controller/nodes --- .../src/main/resources/conf/k8s-control-node-add.yml | 11 +++++++++++ .../src/main/resources/conf/k8s-control-node.yml | 11 +++++++++++ .../src/main/resources/conf/k8s-node.yml | 11 +++++++++++ 3 files changed, 33 insertions(+) diff --git a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node-add.yml b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node-add.yml index 2c18efa01891..429e2eff0985 100644 --- a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node-add.yml +++ b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node-add.yml @@ -36,6 +36,17 @@ write_files: exit 0 fi + sysctl net.ipv4.conf.default.arp_announce=0 + sysctl net.ipv4.conf.default.arp_ignore=0 + sysctl net.ipv4.conf.all.arp_announce=0 + sysctl net.ipv4.conf.all.arp_ignore=0 + sysctl net.ipv4.conf.eth0.arp_announce=0 + sysctl net.ipv4.conf.eth0.arp_ignore=0 + sed -i "s/net.ipv4.conf.default.arp_announce =.*$/net.ipv4.conf.default.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.default.arp_ignore =.*$/net.ipv4.conf.default.arp_ignore = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_announce =.*$/net.ipv4.conf.all.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_ignore =.*$/net.ipv4.conf.all.arp_ignore = 0/" /etc/sysctl.conf + ISO_MOUNT_DIR=/mnt/k8sdisk BINARIES_DIR=${ISO_MOUNT_DIR}/ K8S_CONFIG_SCRIPTS_COPY_DIR=/tmp/k8sconfigscripts/ diff --git a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node.yml b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node.yml index aa7eec97ac82..4bc2c2c6d3ed 100644 --- a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node.yml +++ b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node.yml @@ -56,6 +56,17 @@ write_files: exit 0 fi + sysctl net.ipv4.conf.default.arp_announce=0 + sysctl net.ipv4.conf.default.arp_ignore=0 + sysctl net.ipv4.conf.all.arp_announce=0 + sysctl net.ipv4.conf.all.arp_ignore=0 + sysctl net.ipv4.conf.eth0.arp_announce=0 + sysctl net.ipv4.conf.eth0.arp_ignore=0 + sed -i "s/net.ipv4.conf.default.arp_announce =.*$/net.ipv4.conf.default.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.default.arp_ignore =.*$/net.ipv4.conf.default.arp_ignore = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_announce =.*$/net.ipv4.conf.all.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_ignore =.*$/net.ipv4.conf.all.arp_ignore = 0/" /etc/sysctl.conf + ISO_MOUNT_DIR=/mnt/k8sdisk BINARIES_DIR=${ISO_MOUNT_DIR}/ K8S_CONFIG_SCRIPTS_COPY_DIR=/tmp/k8sconfigscripts/ diff --git a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-node.yml b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-node.yml index de1f4c9ffc70..ad5bb9d19a6f 100644 --- a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-node.yml +++ b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-node.yml @@ -36,6 +36,17 @@ write_files: exit 0 fi + sysctl net.ipv4.conf.default.arp_announce=0 + sysctl net.ipv4.conf.default.arp_ignore=0 + sysctl net.ipv4.conf.all.arp_announce=0 + sysctl net.ipv4.conf.all.arp_ignore=0 + sysctl net.ipv4.conf.eth0.arp_announce=0 + sysctl net.ipv4.conf.eth0.arp_ignore=0 + sed -i "s/net.ipv4.conf.default.arp_announce =.*$/net.ipv4.conf.default.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.default.arp_ignore =.*$/net.ipv4.conf.default.arp_ignore = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_announce =.*$/net.ipv4.conf.all.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_ignore =.*$/net.ipv4.conf.all.arp_ignore = 0/" /etc/sysctl.conf + ISO_MOUNT_DIR=/mnt/k8sdisk BINARIES_DIR=${ISO_MOUNT_DIR}/ K8S_CONFIG_SCRIPTS_COPY_DIR=/tmp/k8sconfigscripts/