From ae4b6d3b6c4125e136e97f6ac5a5dd6b41fcb6b0 Mon Sep 17 00:00:00 2001 From: Wei Zhou Date: Wed, 26 Jun 2024 08:48:50 +0200 Subject: [PATCH] CKS/calico: set arp_ignore and arp_announce to 0 in k8s controller/nodes (#9186) --- .../src/main/resources/conf/k8s-control-node-add.yml | 11 +++++++++++ .../src/main/resources/conf/k8s-control-node.yml | 11 +++++++++++ .../src/main/resources/conf/k8s-node.yml | 11 +++++++++++ 3 files changed, 33 insertions(+) diff --git a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node-add.yml b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node-add.yml index 2c18efa0189..429e2eff098 100644 --- a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node-add.yml +++ b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node-add.yml @@ -36,6 +36,17 @@ write_files: exit 0 fi + sysctl net.ipv4.conf.default.arp_announce=0 + sysctl net.ipv4.conf.default.arp_ignore=0 + sysctl net.ipv4.conf.all.arp_announce=0 + sysctl net.ipv4.conf.all.arp_ignore=0 + sysctl net.ipv4.conf.eth0.arp_announce=0 + sysctl net.ipv4.conf.eth0.arp_ignore=0 + sed -i "s/net.ipv4.conf.default.arp_announce =.*$/net.ipv4.conf.default.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.default.arp_ignore =.*$/net.ipv4.conf.default.arp_ignore = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_announce =.*$/net.ipv4.conf.all.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_ignore =.*$/net.ipv4.conf.all.arp_ignore = 0/" /etc/sysctl.conf + ISO_MOUNT_DIR=/mnt/k8sdisk BINARIES_DIR=${ISO_MOUNT_DIR}/ K8S_CONFIG_SCRIPTS_COPY_DIR=/tmp/k8sconfigscripts/ diff --git a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node.yml b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node.yml index aa7eec97ac8..4bc2c2c6d3e 100644 --- a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node.yml +++ b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-control-node.yml @@ -56,6 +56,17 @@ write_files: exit 0 fi + sysctl net.ipv4.conf.default.arp_announce=0 + sysctl net.ipv4.conf.default.arp_ignore=0 + sysctl net.ipv4.conf.all.arp_announce=0 + sysctl net.ipv4.conf.all.arp_ignore=0 + sysctl net.ipv4.conf.eth0.arp_announce=0 + sysctl net.ipv4.conf.eth0.arp_ignore=0 + sed -i "s/net.ipv4.conf.default.arp_announce =.*$/net.ipv4.conf.default.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.default.arp_ignore =.*$/net.ipv4.conf.default.arp_ignore = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_announce =.*$/net.ipv4.conf.all.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_ignore =.*$/net.ipv4.conf.all.arp_ignore = 0/" /etc/sysctl.conf + ISO_MOUNT_DIR=/mnt/k8sdisk BINARIES_DIR=${ISO_MOUNT_DIR}/ K8S_CONFIG_SCRIPTS_COPY_DIR=/tmp/k8sconfigscripts/ diff --git a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-node.yml b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-node.yml index de1f4c9ffc7..ad5bb9d19a6 100644 --- a/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-node.yml +++ b/plugins/integrations/kubernetes-service/src/main/resources/conf/k8s-node.yml @@ -36,6 +36,17 @@ write_files: exit 0 fi + sysctl net.ipv4.conf.default.arp_announce=0 + sysctl net.ipv4.conf.default.arp_ignore=0 + sysctl net.ipv4.conf.all.arp_announce=0 + sysctl net.ipv4.conf.all.arp_ignore=0 + sysctl net.ipv4.conf.eth0.arp_announce=0 + sysctl net.ipv4.conf.eth0.arp_ignore=0 + sed -i "s/net.ipv4.conf.default.arp_announce =.*$/net.ipv4.conf.default.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.default.arp_ignore =.*$/net.ipv4.conf.default.arp_ignore = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_announce =.*$/net.ipv4.conf.all.arp_announce = 0/" /etc/sysctl.conf + sed -i "s/net.ipv4.conf.all.arp_ignore =.*$/net.ipv4.conf.all.arp_ignore = 0/" /etc/sysctl.conf + ISO_MOUNT_DIR=/mnt/k8sdisk BINARIES_DIR=${ISO_MOUNT_DIR}/ K8S_CONFIG_SCRIPTS_COPY_DIR=/tmp/k8sconfigscripts/