Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support DSR in VXLAN tunneling mode #10114

Open
brb opened this issue Feb 10, 2020 · 5 comments
Open

support DSR in VXLAN tunneling mode #10114

brb opened this issue Feb 10, 2020 · 5 comments
Labels
area/loadbalancing Impacts load-balancing and Kubernetes service implementations feature/dsr Relates to Cilium's Direct-Server-Return feature for KPR. kind/feature This introduces new functionality. pinned These issues are not marked stale by our issue bot. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
Projects
1.9.0

Comments

@brb
Copy link
Member

brb commented Feb 10, 2020

No description provided.

@brb brb added the kind/feature This introduces new functionality. label Feb 10, 2020
@brb brb added this to the 1.8 milestone Feb 10, 2020
@brb brb added this to Load-balancing in 1.8.0 Feb 10, 2020
@borkmann borkmann moved this from 1.8 planning to In progress (1.8) in 1.9 kube-proxy removal & general dp optimization Apr 8, 2020
@tgraf tgraf removed this from Load-balancing in 1.8.0 May 27, 2020
@tgraf tgraf added this to Load-balancing in 1.9.0 May 27, 2020
@borkmann borkmann moved this from In progress (1.8) to TODO (untriaged) in 1.9 kube-proxy removal & general dp optimization Jul 6, 2020
@borkmann borkmann moved this from TODO (untriaged & unsorted) to Priority unclear in 1.9 kube-proxy removal & general dp optimization Sep 4, 2020
@pchaigno pchaigno added area/kube-proxy-free pinned These issues are not marked stale by our issue bot. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. labels Feb 18, 2021
@brb brb removed this from the 1.8 milestone Jun 17, 2021
@brb brb unassigned brb and borkmann Jul 27, 2021
@inju-song
Copy link

Hello, @brb @borkmann and Cilium team,

We are a team that provides K8s cluster and network dataplane, and we are currently developing to provide Cilium-based k8 cluster as our company's container platform.

Our K8s cluster need to provide DSR in the tunneling mode. So, we developed this feature and use this feature to provide the load balancer DSR function in the VXLAN environment.

Cilium doesn't have feature that to enable DSR in the tunneling mode, so we can contribute this feature to the Cilium community. So I'm curious about your future plans for this issue.

@borkmann
Copy link
Member

Our K8s cluster need to provide DSR in the tunneling mode. So, we developed this feature and use this feature to provide the load balancer DSR function in the VXLAN environment.

Cilium doesn't have feature that to enable DSR in the tunneling mode, so we can contribute this feature to the Cilium community. So I'm curious about your future plans for this issue.

If you have implemented DSR with tunneling mode, that would be awesome and very much appreciated if you could upstream it to mainline Cilium.

Thanks Inju!

changwoo-nam added a commit to changwoo-nam/cilium that referenced this issue Dec 6, 2021
@changwoo-nam
datapath: Implement Direct Server Return (DSR) mode that can be used …
4bee3e1 
…with vxlan tunl mode

Adds DSR mode that can be used with tunl mode.
In the added DSR mode, the packet is forwarded through IPIP tunl to the node where the actual Pod is located.
To enable the added DSR mode, you need to add the settings below.
```
  bpf-lb-mode: dsr-tunl
  enable-remote-node-identity: "True"
```

Fixes: cilium#10114
Signed-off-by: changwoo.nam <changwoo.nam@navercorp.com>
changwoo-nam added a commit to changwoo-nam/cilium that referenced this issue Dec 10, 2021
@changwoo-nam
datapath: Enable DSR in the tunneling mode
ca0cf3a 
Adds DSR mode that can be used with tunl mode.
In the added DSR mode, the packet is forwarded through IPIP tunl to the node where the actual Pod is located.
To enable the added DSR mode, you need to add the settings below.

```
bpf-lb-mode: dsr-tunl
enable-remote-node-identity: "True"
```

Fixes: cilium#10114
changwoo-nam added a commit to changwoo-nam/cilium that referenced this issue Dec 10, 2021
@changwoo-nam
datapath: Enable DSR in the tunneling mode
c162336 
Adds DSR mode that can be used with tunl mode.
In the added DSR mode, the packet is forwarded through IPIP tunl to the node where the actual Pod is located.
To enable the added DSR mode, you need to add the settings below.

```
bpf-lb-mode: dsr-tunl
enable-remote-node-identity: "True"
```

Fixes: cilium#10114
Signed-off-by: changwoo-nam <changwoo.nam@navercorp.com>
changwoo-nam added a commit to changwoo-nam/cilium that referenced this issue Dec 10, 2021
@changwoo-nam
datapath: Enable DSR in the tunneling mode
3121d25 
Adds DSR mode that can be used with tunl mode.
In the added DSR mode, the packet is forwarded through IPIP tunl to the node where the actual Pod is located.
To enable the added DSR mode, you need to add the settings below.

```
bpf-lb-mode: dsr-tunl
enable-remote-node-identity: "True"
```

Fixes: cilium#10114
Signed-off-by: changwoo.nam <changwoo.nam@navercorp.com>
@changwoo-nam changwoo-nam mentioned this issue Dec 10, 2021
Closed
6 tasks
@brb brb removed this from Priority unclear in 1.9 kube-proxy removal & general dp optimization Apr 28, 2022
@brb
Copy link
Member Author

brb commented Apr 28, 2022

@inju-song Hey, are you still on the issue?

@anfernee
Copy link
Contributor

I am trying to look into this issue. Is the key to forward to a node that shares the same subnet as the service VIP? Is there any other caveat comparing to non-tunnel mode?

@julianwiedmann
Copy link
Member

I am trying to look into this issue. Is the key to forward to a node that shares the same subnet as the service VIP? Is there any other caveat comparing to non-tunnel mode?

FYI, v1.14 will offer DSR using GENEVE tunneling (#23890).

@julianwiedmann julianwiedmann added the area/loadbalancing Impacts load-balancing and Kubernetes service implementations label Aug 30, 2023
@julianwiedmann julianwiedmann changed the title Enable DSR in the tunneling mode support DSR in VXLAN tunneling mode Sep 7, 2023
@julianwiedmann julianwiedmann added the feature/dsr Relates to Cilium's Direct-Server-Return feature for KPR. label May 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/loadbalancing Impacts load-balancing and Kubernetes service implementations feature/dsr Relates to Cilium's Direct-Server-Return feature for KPR. kind/feature This introduces new functionality. pinned These issues are not marked stale by our issue bot. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
Projects
No open projects
1.9.0
  
Load-balancing
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

datapath: Enable DSR in the tunneling mode changwoo-nam/cilium
7 participants
@brb @anfernee @borkmann @pchaigno @aanm @julianwiedmann @inju-song