Skip to content

Instantly share code, notes, and snippets.

View anfernee's full-sized avatar

Yongkun Anfernee Gui anfernee

185 followers · 35 following
  • Google
  • San Francisco Bay area
View GitHub Profile
@anfernee
anfernee / cilium-e2e.md
Last active January 4, 2023 02:12

THE PR

The PR contains 2 commits: one fix to the datapath; the other e2e test which tests both the fix and the basic funtionatlity. The problem is the basic functionality part fails the e2e test. However, it is only reproducible in e2e test, not in dev cluster. We also included the same functionality in Anthos. I haven't figured out the reason.

Prerequisite

You would need a Linux machine (Ubuntu is fine), and install virtualbox on the machine.

@anfernee
anfernee / cilium-ipvlan.md
Last active June 14, 2021 05:12 
--datapath-mode=ipvlan 

Works with:
--ipvlan-master-device
--enable-ipv6 (required? maybe a bug) 


Not compatible with:
@anfernee
anfernee / dev-kubernetes.md
Last active May 5, 2021 05:15

Build kubernetes release

# The following command doesn't build windows node
kubetest2 gke --build --repo-root=$HOME/go/src/k8s.io/kubernetes --strategy=make --stage=gs://kubernetes-release-gke-internal/devel

# Use the following to build
KUBE_BUILD_PLATFORMS="linux/amd64 windows/amd64" make quick-release
@anfernee
anfernee / windows-deployment.yaml
Created April 27, 2021 00:37
apiVersion: v1
kind: Service
metadata:
name: win-webserver
labels:
app: win-webserver
spec:
ports:
# the port that this service should serve on
- port: 80
@anfernee
anfernee / antrea-note.md
Last active May 2, 2021 23:56

Linux node

noEncap mode GKE cluster

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
@anfernee
anfernee / kube-up-note.md
Last active March 16, 2021 19:22

  • create-master

    • echo "Starting master and configuring firewalls"
    • create firewall, disk, ip
    • create certs
    • create-master-instance

  • create-nodes-template # gce/util.sh

    • echo "Creating nodes."

  • write-linux-node-env

@anfernee
anfernee / cilium-bpf.md
Last active March 17, 2021 06:02

NodePort

Calling from bpf_host.c:to-netdev and bpf_overlay.c:to-overlay

  • nodeport_nat_fwd()
  • tail_handle_nat_fwd_ipv4()
    • nodeport_nat_ipv4_fwd()
      • snat_v4_needed(&addr, &from_endpoint) # check source see if it's from_endpoint.
      • if needed: snat_v4_process(EGRESS, target, from_endpoint) # DO SNAT
@anfernee
anfernee / cilium-options
Last active March 10, 2021 01:40
CILIUM_OPTS=--kvstore consul --kvstore-opt consul.address=127.0.0.1:8500
CILIUM_OPERATOR_OPTS=--kvstore consul --kvstore-opt consul.address=127.0.0.1:8500 --k8s-kubeconfig-path=/home/vagrant/.kube/config
HOME=/home/vagrant
## Path: System/Management
## Description: init system cilium is running on
## Type: string
## Default: ""
@anfernee
anfernee / 00-windows-note.md
Last active April 1, 2021 04:39
  • Install updates in windows
Install-Module PSWindowsUpdate
Get-Command -module PSWindowsUpdate 
# Add-WUServiceManager -MicrosoftUpdate 
Install-WindowsUpdate -MicrosoftUpdate -AcceptAll -AutoReboot
@anfernee
anfernee / egress-rule.md
Last active March 4, 2021 01:39

Original proposal:

kind: EgressRoute
metadata:
  name: egress
spec:
  egress:
  - namespaceSelector:
      matchLabels:
 user: alice