From 2c254491a7058f1a10544eca184ff296a28f4bc9 Mon Sep 17 00:00:00 2001 From: Hongliang Liu Date: Fri, 6 Dec 2024 11:59:05 +0800 Subject: [PATCH] Enable disabling TX checksum offload for Antrea host gateway This commit introduces the ability to disable TX checksum offload for the host gateway interface (default: `antrea-gw0`) by setting the `disableTXChecksumOffload` option to `true`. If this option is later set to false, Antrea does nothing to the affected container network interfaces and the host gateway interface. To restore the default TX checksum state of the affected interfaces, it is recommended to delete them and recreate. To delete the affected interfaces, for container network interfaces, delete the corresponding Pods; for the host gateway interface, uninstall Antrea, reboot all K8s Nodes and install Antrea. Signed-off-by: Hongliang Liu --- build/charts/antrea/conf/antrea-agent.conf | 6 +++--- build/yamls/antrea-aks.yml | 10 +++++----- build/yamls/antrea-eks.yml | 10 +++++----- build/yamls/antrea-gke.yml | 10 +++++----- build/yamls/antrea-ipsec.yml | 10 +++++----- build/yamls/antrea.yml | 10 +++++----- pkg/agent/agent_linux.go | 2 +- pkg/config/agent/config.go | 6 +++--- 8 files changed, 32 insertions(+), 32 deletions(-) diff --git a/build/charts/antrea/conf/antrea-agent.conf b/build/charts/antrea/conf/antrea-agent.conf index 272457d30bb..a5d9a3aa13d 100644 --- a/build/charts/antrea/conf/antrea-agent.conf +++ b/build/charts/antrea/conf/antrea-agent.conf @@ -182,9 +182,9 @@ enableBridgingMode: {{ .Values.enableBridgingMode }} # Disable TX checksum offloading for container network interfaces and the host gateway interface (default: # antrea-gw0). It's supposed to be set to true when the datapath doesn't support TX checksum offloading, # which causes packets to be dropped due to bad checksum. -# If this option is later set to false, for the host gateway interface, Antrea will not restore its -# original TX checksum state, as Antrea does not retain the original configuration. Users are responsible -# for manually reconfiguring the setting if needed. +# If this option is later set to false, Antrea does nothing to the affected container network interfaces +# and the host gateway interface. To restore the default TX checksum state of the affected interfaces, +# it is recommended to delete them and recreate. # This option affects Linux Nodes only. disableTXChecksumOffload: {{ .Values.disableTXChecksumOffload }} diff --git a/build/yamls/antrea-aks.yml b/build/yamls/antrea-aks.yml index eebe8f79d8f..d22a48e814f 100644 --- a/build/yamls/antrea-aks.yml +++ b/build/yamls/antrea-aks.yml @@ -4125,9 +4125,9 @@ data: # Disable TX checksum offloading for container network interfaces and the host gateway interface (default: # antrea-gw0). It's supposed to be set to true when the datapath doesn't support TX checksum offloading, # which causes packets to be dropped due to bad checksum. - # If this option is later set to false, for the host gateway interface, Antrea will not restore its - # original TX checksum state, as Antrea does not retain the original configuration. Users are responsible - # for manually reconfiguring the setting if needed. + # If this option is later set to false, Antrea does nothing to the affected container network interfaces + # and the host gateway interface. To restore the default TX checksum state of the affected interfaces, + # it is recommended to delete them and recreate. # This option affects Linux Nodes only. disableTXChecksumOffload: false @@ -5398,7 +5398,7 @@ spec: kubectl.kubernetes.io/default-container: antrea-agent # Automatically restart Pods with a RollingUpdate if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: c33eb2561c88bdaa139731764e64f7e2e82a352e565277e91a3e8d6b7cc5ad8e + checksum/config: 23ae11f3cd06f1152ba1c5a16d206745aec469055e6f0a43518671bbe3285462 labels: app: antrea component: antrea-agent @@ -5636,7 +5636,7 @@ spec: annotations: # Automatically restart Pod if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: c33eb2561c88bdaa139731764e64f7e2e82a352e565277e91a3e8d6b7cc5ad8e + checksum/config: 23ae11f3cd06f1152ba1c5a16d206745aec469055e6f0a43518671bbe3285462 labels: app: antrea component: antrea-controller diff --git a/build/yamls/antrea-eks.yml b/build/yamls/antrea-eks.yml index 0af6e8abe33..9d723a7909c 100644 --- a/build/yamls/antrea-eks.yml +++ b/build/yamls/antrea-eks.yml @@ -4125,9 +4125,9 @@ data: # Disable TX checksum offloading for container network interfaces and the host gateway interface (default: # antrea-gw0). It's supposed to be set to true when the datapath doesn't support TX checksum offloading, # which causes packets to be dropped due to bad checksum. - # If this option is later set to false, for the host gateway interface, Antrea will not restore its - # original TX checksum state, as Antrea does not retain the original configuration. Users are responsible - # for manually reconfiguring the setting if needed. + # If this option is later set to false, Antrea does nothing to the affected container network interfaces + # and the host gateway interface. To restore the default TX checksum state of the affected interfaces, + # it is recommended to delete them and recreate. # This option affects Linux Nodes only. disableTXChecksumOffload: false @@ -5398,7 +5398,7 @@ spec: kubectl.kubernetes.io/default-container: antrea-agent # Automatically restart Pods with a RollingUpdate if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: c33eb2561c88bdaa139731764e64f7e2e82a352e565277e91a3e8d6b7cc5ad8e + checksum/config: 23ae11f3cd06f1152ba1c5a16d206745aec469055e6f0a43518671bbe3285462 labels: app: antrea component: antrea-agent @@ -5637,7 +5637,7 @@ spec: annotations: # Automatically restart Pod if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: c33eb2561c88bdaa139731764e64f7e2e82a352e565277e91a3e8d6b7cc5ad8e + checksum/config: 23ae11f3cd06f1152ba1c5a16d206745aec469055e6f0a43518671bbe3285462 labels: app: antrea component: antrea-controller diff --git a/build/yamls/antrea-gke.yml b/build/yamls/antrea-gke.yml index 7090dd2619b..ab73d99b592 100644 --- a/build/yamls/antrea-gke.yml +++ b/build/yamls/antrea-gke.yml @@ -4125,9 +4125,9 @@ data: # Disable TX checksum offloading for container network interfaces and the host gateway interface (default: # antrea-gw0). It's supposed to be set to true when the datapath doesn't support TX checksum offloading, # which causes packets to be dropped due to bad checksum. - # If this option is later set to false, for the host gateway interface, Antrea will not restore its - # original TX checksum state, as Antrea does not retain the original configuration. Users are responsible - # for manually reconfiguring the setting if needed. + # If this option is later set to false, Antrea does nothing to the affected container network interfaces + # and the host gateway interface. To restore the default TX checksum state of the affected interfaces, + # it is recommended to delete them and recreate. # This option affects Linux Nodes only. disableTXChecksumOffload: false @@ -5398,7 +5398,7 @@ spec: kubectl.kubernetes.io/default-container: antrea-agent # Automatically restart Pods with a RollingUpdate if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: d1bc82a4105dd68d41a246fdeaa94f523a312d25a015a4af642db3dd921d9ca2 + checksum/config: c53b2ce4d1af6f5dbb05f3a6a4b42df7bfb32ce6beea950903c2bfa3b030d682 labels: app: antrea component: antrea-agent @@ -5634,7 +5634,7 @@ spec: annotations: # Automatically restart Pod if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: d1bc82a4105dd68d41a246fdeaa94f523a312d25a015a4af642db3dd921d9ca2 + checksum/config: c53b2ce4d1af6f5dbb05f3a6a4b42df7bfb32ce6beea950903c2bfa3b030d682 labels: app: antrea component: antrea-controller diff --git a/build/yamls/antrea-ipsec.yml b/build/yamls/antrea-ipsec.yml index 035b26aee1a..0bd0ef155c3 100644 --- a/build/yamls/antrea-ipsec.yml +++ b/build/yamls/antrea-ipsec.yml @@ -4138,9 +4138,9 @@ data: # Disable TX checksum offloading for container network interfaces and the host gateway interface (default: # antrea-gw0). It's supposed to be set to true when the datapath doesn't support TX checksum offloading, # which causes packets to be dropped due to bad checksum. - # If this option is later set to false, for the host gateway interface, Antrea will not restore its - # original TX checksum state, as Antrea does not retain the original configuration. Users are responsible - # for manually reconfiguring the setting if needed. + # If this option is later set to false, Antrea does nothing to the affected container network interfaces + # and the host gateway interface. To restore the default TX checksum state of the affected interfaces, + # it is recommended to delete them and recreate. # This option affects Linux Nodes only. disableTXChecksumOffload: false @@ -5411,7 +5411,7 @@ spec: kubectl.kubernetes.io/default-container: antrea-agent # Automatically restart Pods with a RollingUpdate if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: 27b65f250725362ac4a550513f781b82c6b6c6145c0ce660cc3beaebe221bb68 + checksum/config: 86dca0ab732878d94c7927b999fd348f19c386dd9dc10f8bb6642a258c3f74d1 checksum/ipsec-secret: d0eb9c52d0cd4311b6d252a951126bf9bea27ec05590bed8a394f0f792dcb2a4 labels: app: antrea @@ -5693,7 +5693,7 @@ spec: annotations: # Automatically restart Pod if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: 27b65f250725362ac4a550513f781b82c6b6c6145c0ce660cc3beaebe221bb68 + checksum/config: 86dca0ab732878d94c7927b999fd348f19c386dd9dc10f8bb6642a258c3f74d1 labels: app: antrea component: antrea-controller diff --git a/build/yamls/antrea.yml b/build/yamls/antrea.yml index 0b551f0ae86..8c09974d0bf 100644 --- a/build/yamls/antrea.yml +++ b/build/yamls/antrea.yml @@ -4125,9 +4125,9 @@ data: # Disable TX checksum offloading for container network interfaces and the host gateway interface (default: # antrea-gw0). It's supposed to be set to true when the datapath doesn't support TX checksum offloading, # which causes packets to be dropped due to bad checksum. - # If this option is later set to false, for the host gateway interface, Antrea will not restore its - # original TX checksum state, as Antrea does not retain the original configuration. Users are responsible - # for manually reconfiguring the setting if needed. + # If this option is later set to false, Antrea does nothing to the affected container network interfaces + # and the host gateway interface. To restore the default TX checksum state of the affected interfaces, + # it is recommended to delete them and recreate. # This option affects Linux Nodes only. disableTXChecksumOffload: false @@ -5398,7 +5398,7 @@ spec: kubectl.kubernetes.io/default-container: antrea-agent # Automatically restart Pods with a RollingUpdate if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: f61c0982305ae124c954dc3980b6bacabc23663e7eab46da17dd9d65fbf8a997 + checksum/config: b5c43688f60e69b5c166344b70a6d57bb5c4740ab9f13fd17b1e0b1899234448 labels: app: antrea component: antrea-agent @@ -5634,7 +5634,7 @@ spec: annotations: # Automatically restart Pod if the ConfigMap changes # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments - checksum/config: f61c0982305ae124c954dc3980b6bacabc23663e7eab46da17dd9d65fbf8a997 + checksum/config: b5c43688f60e69b5c166344b70a6d57bb5c4740ab9f13fd17b1e0b1899234448 labels: app: antrea component: antrea-controller diff --git a/pkg/agent/agent_linux.go b/pkg/agent/agent_linux.go index 7de2bfcf398..b4797c47fe5 100644 --- a/pkg/agent/agent_linux.go +++ b/pkg/agent/agent_linux.go @@ -269,7 +269,7 @@ func (i *Initializer) setTXChecksumOffload() error { if err := ethtool.EthtoolTXHWCsumOff(i.hostGateway); err != nil { return fmt.Errorf("error when disabling TX checksum offload on %s: %v", i.hostGateway, err) } - klog.Warningf("Disabled TX checksum offload on %s", i.hostGateway) + klog.InfoS("Disabled TX checksum offload on host gateway interface", "hostGateway", i.hostGateway) } return nil } diff --git a/pkg/config/agent/config.go b/pkg/config/agent/config.go index 63e14c9aa07..815269af641 100644 --- a/pkg/config/agent/config.go +++ b/pkg/config/agent/config.go @@ -123,9 +123,9 @@ type AgentConfig struct { // Disable TX checksum offloading for container network interfaces and the host gateway interface (default: // antrea-gw0). It's supposed to be set to true when the datapath doesn't support TX checksum offloading, // which causes packets to be dropped due to bad checksum. - // If this option is later set to false, for the host gateway interface, Antrea will not restore its - // original TX checksum state, as Antrea does not retain the original configuration. Users are responsible - // for manually reconfiguring the setting if needed. + // If this option is later set to false, Antrea does nothing to the affected container network interfaces + // and the host gateway interface. To restore the default TX checksum state of the affected interfaces, + // it is recommended to delete them and recreate. // This option affects Linux Nodes only. DisableTXChecksumOffload bool `yaml:"disableTXChecksumOffload,omitempty"` // APIPort is the port for the antrea-agent APIServer to serve on.