vmware: Disable UDP offload for primary interface #2850
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
yeazelm
approved these changes
Mar 3, 2023
stmcginnis
approved these changes
Mar 3, 2023
Couple notes:
Please revise the PR description and commit message accordingly. |
bcressey
reviewed
Mar 3, 2023
In VMware, the Geneve / VXLan tunnels used by Cilium affect the vmxnet3 driver in recent kernels and can cause issues. Disabling UDP offload works around this problem. This commit adds a systemd unit to VMware variants only. The systemd unit disables UDP offload for the default primary interface (eth0) via ethtool commands. The unit is required by preconfigured.target and runs before bootstrap containers, which allows the user the chance to revert the change in a bootstrap container if they see fit.
zmrow
force-pushed
the
vmware-ethtool-unit
branch
from
db3b8e5
to
af3dd0f
Compare
|
^ Addresses @bcressey 's comments. |
bcressey
approved these changes
Mar 6, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue number:
N/A
Depends on #2829
Description of changes:
We've had reports of Bottlerocket in VMware having networking issues that we've traced back to the combination of our 5.10 kernel and the
vmxnet3driver. This driver enables UDP offload which has caused conflicts with NSX-T in certain environments.This PR adds a systemd unit to VMware variants only. The systemd unit disables UDP offload via
ethtoolcommands for the default primary interface in VMware:eth0.The unit does reference
eth0. Given thateth0is the default primary interface in VMware, and changing it isn't trivial (especially with EKS-A), this felt pretty safe and should cover the 98% use case.If a user does opt to do their own networking shenanigans, and runs into an issue where UDP offload is a problem, they are able to use a bootstrap container to run this same set of commands for their preferred interface.
Testing done:
aws-k8s-1.24image and ensure the unit does not exist and is not runvmware-k8s-1.24image and ensure the unit runs and the settings are applied for the interface.Without the systemd unit - the settings show as "on":
Terms of contribution:
By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.