[no ci] working default routing

2024-10-01 01:36:09 -04:00 · 2022-09-26 17:32:53 +02:00 · 2022-09-26 17:32:53 +02:00 · fdc667e61e
commit fdc667e61e
parent 75a1076f6b
2 changed files with 10 additions and 7 deletions
--- a/bootstrapper/internal/kubernetes/k8sapi/resources/konnectivity.go
+++ b/bootstrapper/internal/kubernetes/k8sapi/resources/konnectivity.go
@ -114,9 +114,12 @@ func NewKonnectivityAgents(konnectivityServerAddress string) *konnectivityAgents
 									"--sync-forever=true",
 									// Ensure stable connection to the konnectivity server.
 									"--keepalive-time=20s",
-									"--sync-interval=1s",     // GKE: 5s
-									"--sync-interval-cap=3s", // GKE: 30s
-									"--probe-interval=1s",    // GKE: 5s
+									// "--sync-interval=1s",     // GKE: 5s
+									// "--sync-interval-cap=3s", // GKE: 30s
+									// "--probe-interval=1s",    // GKE: 5s
+									"--sync-interval=5s",      // GKE: 5s
+									"--sync-interval-cap=30s", // GKE: 30s
+									"--probe-interval=5s",     // GKE: 5s
 									"--v=3",
 								},
 								Env: []corev1.EnvVar{
@ -332,8 +335,8 @@ func NewKonnectivityServerStaticPod(nodeCIDR, csp string) *konnectivityServerSta
 	}
 	// Add strict routing via setting "--node-cidr=10.9.0.0/16" as argument.
 	if csp != "gcp" {
-		yaml.StaticPod.Spec.Containers[0].Args = append(yaml.StaticPod.Spec.Containers[0].Args, "--node-cidr="+nodeCIDR)
-		yaml.StaticPod.Spec.Containers[0].Args = append(yaml.StaticPod.Spec.Containers[0].Args, "--proxy-strategies=destHost,default")
+		// yaml.StaticPod.Spec.Containers[0].Args = append(yaml.StaticPod.Spec.Containers[0].Args, "--node-cidr="+nodeCIDR)
+		yaml.StaticPod.Spec.Containers[0].Args = append(yaml.StaticPod.Spec.Containers[0].Args, "--proxy-strategies=default")
 	} else {
 		yaml.StaticPod.Spec.Containers[0].Args = append(yaml.StaticPod.Spec.Containers[0].Args, "--proxy-strategies=default")
 	}
--- a/internal/versions/versions.go
+++ b/internal/versions/versions.go
@ -45,8 +45,8 @@ const (
 	// These images are built in a way that they support all versions currently listed in VersionConfigs.
 	KonnectivityAgentImage = "us.gcr.io/k8s-artifacts-prod/kas-network-proxy/proxy-agent:v0.0.32"
 	// TODO: switch back to official image once cilium node2node encryption is enabled.
-	// KonnectivityServerImage = "registry.k8s.io/kas-network-proxy/proxy-server:v0.0.32".
-	KonnectivityServerImage  = "ghcr.io/3u13r/constellation-konnectivity-server:v0.0.33-edgeless@sha256:75a46a3d6cca859e301059ba62324cf986826122ec315a753dd7389d3fe09473"
+	// KonnectivityServerImage = "registry.k8s.io/kas-network-proxy/proxy-server:v0.0.32"
+	KonnectivityServerImage  = "ghcr.io/3u13r/constellation-konnectivity-server:latest@sha256:a737d2c50f5a2612ffccf2c47349bcccf60fb6e79dfa9af5a50352ae9bc24753"
 	JoinImage                = "ghcr.io/edgelesssys/constellation/join-service:v2.0.0"
 	AccessManagerImage       = "ghcr.io/edgelesssys/constellation/access-manager:v2.0.0"
 	KmsImage                 = "ghcr.io/edgelesssys/constellation/kmsserver:v2.0.0"