helm: allow multiple default routes (#3344)

This commit is contained in:
Markus Rudy 2024-09-10 13:17:26 +02:00 committed by GitHub
parent 3e37819fe7
commit 98f359e039
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 35 additions and 9 deletions

View File

@ -764,13 +764,14 @@ spec:
- -exc - -exc
- | - |
pref=32 pref=32
interface=$(ip route | awk '/^default/ { print $5 }') for interface in $(ip route | awk '/^default/ { print $5 }'); do
tc qdisc add dev "${interface}" clsact || true tc qdisc add dev "${interface}" clsact || true
tc filter del dev "${interface}" ingress pref "${pref}" 2>/dev/null || true tc filter del dev "${interface}" ingress pref "${pref}" 2>/dev/null || true
handle=0 handle=0
for cidr in ${POD_CIDRS}; do for cidr in ${POD_CIDRS}; do
handle=$((handle + 1)) handle=$((handle + 1))
tc filter replace dev "${interface}" ingress pref "${pref}" handle "${handle}" protocol ip flower dst_ip "${cidr}" action drop tc filter replace dev "${interface}" ingress pref "${pref}" handle "${handle}" protocol ip flower dst_ip "${cidr}" action drop
done
done done
env: env:
- name: POD_CIDRS - name: POD_CIDRS

View File

@ -1,5 +1,5 @@
diff --git a/install/kubernetes/cilium/Chart.yaml b/install/kubernetes/cilium/Chart.yaml diff --git a/install/kubernetes/cilium/Chart.yaml b/install/kubernetes/cilium/Chart.yaml
index 256a79542..3f3fc714b 100644 index 4df10f166b..9f079933b2 100644
--- a/install/kubernetes/cilium/Chart.yaml --- a/install/kubernetes/cilium/Chart.yaml
+++ b/install/kubernetes/cilium/Chart.yaml +++ b/install/kubernetes/cilium/Chart.yaml
@@ -2,8 +2,8 @@ apiVersion: v2 @@ -2,8 +2,8 @@ apiVersion: v2
@ -13,4 +13,29 @@ index 256a79542..3f3fc714b 100644
kubeVersion: ">= 1.16.0-0" kubeVersion: ">= 1.16.0-0"
icon: https://cdn.jsdelivr.net/gh/cilium/cilium@v1.15/Documentation/images/logo-solo.svg icon: https://cdn.jsdelivr.net/gh/cilium/cilium@v1.15/Documentation/images/logo-solo.svg
description: eBPF-based Networking, Security, and Observability description: eBPF-based Networking, Security, and Observability
diff --git a/install/kubernetes/cilium/templates/cilium-agent/daemonset.yaml b/install/kubernetes/cilium/templates/cilium-agent/daemonset.yaml
index ffd5935ba1..e2b8ccff6c 100644
--- a/install/kubernetes/cilium/templates/cilium-agent/daemonset.yaml
+++ b/install/kubernetes/cilium/templates/cilium-agent/daemonset.yaml
@@ -764,13 +764,14 @@ spec:
- -exc
- |
pref=32
- interface=$(ip route | awk '/^default/ { print $5 }')
- tc qdisc add dev "${interface}" clsact || true
- tc filter del dev "${interface}" ingress pref "${pref}" 2>/dev/null || true
- handle=0
- for cidr in ${POD_CIDRS}; do
- handle=$((handle + 1))
- tc filter replace dev "${interface}" ingress pref "${pref}" handle "${handle}" protocol ip flower dst_ip "${cidr}" action drop
+ for interface in $(ip route | awk '/^default/ { print $5 }'); do
+ tc qdisc add dev "${interface}" clsact || true
+ tc filter del dev "${interface}" ingress pref "${pref}" 2>/dev/null || true
+ handle=0
+ for cidr in ${POD_CIDRS}; do
+ handle=$((handle + 1))
+ tc filter replace dev "${interface}" ingress pref "${pref}" handle "${handle}" protocol ip flower dst_ip "${cidr}" action drop
+ done
done
env:
- name: POD_CIDRS