docs: NodePort XDP on Azure #12150
Merged
docs: NodePort XDP on Azure #12150
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gandro
added
area/documentation
|
Please set the appropriate release note label. |
2 similar comments
|
Please set the appropriate release note label. |
|
Please set the appropriate release note label. |
gandro
added
the
release-note/misc
20 tasks
This adds a basic section with details on how to run NodePort XDP on
Azure. There are two things needed to get native XDP on a Azure VM:
- The VM needs to be have "Accelerated Networking", which attaches
an native XDP capable `mlx4`/`mlx5` NIC.
- Because the above VF card acts as a slave to the Hyper-V NIC on
Azure, the running kernel must in addition also have native XDP
for the `hv_netvsc` driver. This is available in Linux >= 5.6 [1].
Unfortunately, this means that running NodePort XDP on e.g. AKS is not
straightforward, as none of the provided VM images right now offer
native XDP for `hv_netsvc`. There is an open issue to add backport this
to Ubuntu, which is likely to land in the next few weeks [2].
Beacuse we cannot use the stock images for now, I have therefore
validated the setup on a self-managed Kubernetes cluster set up
with `kubeadm` on Flatcar Container Linux Edge. This one of few
Azure supporting distributions with kernel 5.6+. It runs NodePort XDP
and passes the `connectivity-check.yaml` with the `helm install`
command provided in the section. I used Azure IPAM, as I was not able
to convince the underlying vnet forward the pod-to-pod traffic
otherwise.
Because my setup is rather ad-hoc and therefore not recommended for
production use, we abstain from a step-by-step guide until native XDP
for `hv_netsvc` is available in official Azure images.
[1] https://lore.kernel.org/netdev/1579816355-6933-2-git-send-email-haiyangz@microsoft.com/
[2] https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1877654
Signed-off-by: Sebastian Wicki <sebastian@isovalent.com>
gandro
force-pushed
the
pr/gandro/docs-nodeport-xdp-on-azure
branch
from
ecc18a3
to
42263ba
Compare
borkmann
approved these changes
Jun 17, 2020
maintainer-s-little-helper
bot
moved this from Needs backport from master
to Backport pending to v1.8
in 1.8.0
maintainer-s-little-helper
bot
moved this from Needs backport from master
to Backport pending to v1.8
in 1.8.0
maintainer-s-little-helper
bot
moved this from Backport pending to v1.8
to Backport done to v1.8
in 1.8.0
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds a basic section with details on how to run NodePort XDP on
Azure. There are two things needed to get native XDP on a Azure VM:
an native XDP capable
mlx4/mlx5NIC.Azure, the running kernel must in addition also have native XDP
for the
hv_netvscdriver. This is available in Linux >= 5.6 [1].Unfortunately, this means that running NodePort XDP on e.g. AKS is not
straightforward, as none of the provided VM images right now offer
native XDP for
hv_netsvc. There is an open issue to add backport thisto Ubuntu, which is likely to land in the next few weeks [2].
Beacuse we cannot use the stock images for now, I have therefore
validated the setup on a self-managed Kubernetes cluster set up
with
kubeadmon Flatcar Container Linux Edge. This one of fewAzure supporting distributions with kernel 5.6+. It runs NodePort XDP
and passes the
connectivity-check.yamlwith thehelm installcommand provided in the section. I used Azure IPAM, as I was not able
to convince the underlying vnet forward the pod-to-pod traffic
otherwise.
Because my setup is rather ad-hoc and therefore not recommended for
production use, we abstain from a step-by-step guide until native XDP
for
hv_netsvcis available in official Azure images.[1] https://lore.kernel.org/netdev/1579816355-6933-2-git-send-email-haiyangz@microsoft.com/
[2] https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1877654