Add switch cilium_enable_bandwidth_manager (#9441)
Signed-off-by: dcwbq <biqiang.wu@daocloud.io> Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
This commit is contained in:
parent
4d3f637684
commit
c681435432
3 changed files with 33 additions and 0 deletions
|
@ -121,6 +121,23 @@ cilium_encryption_type: "wireguard"
|
||||||
|
|
||||||
Kubespray currently supports Linux distributions with Wireguard Kernel mode on Linux 5.6 and newer.
|
Kubespray currently supports Linux distributions with Wireguard Kernel mode on Linux 5.6 and newer.
|
||||||
|
|
||||||
|
## Bandwidth Manager
|
||||||
|
|
||||||
|
Cilium’s bandwidth manager supports the kubernetes.io/egress-bandwidth Pod annotation.
|
||||||
|
|
||||||
|
Bandwidth enforcement currently does not work in combination with L7 Cilium Network Policies.
|
||||||
|
In case they select the Pod at egress, then the bandwidth enforcement will be disabled for those Pods.
|
||||||
|
|
||||||
|
Bandwidth Manager requires a v5.1.x or more recent Linux kernel.
|
||||||
|
|
||||||
|
For further information, make sure to check the official [Cilium documentation.](https://docs.cilium.io/en/v1.12/gettingstarted/bandwidth-manager/)
|
||||||
|
|
||||||
|
To use this function, set the following parameters
|
||||||
|
|
||||||
|
```yml
|
||||||
|
cilium_enable_bandwidth_manager: true
|
||||||
|
```
|
||||||
|
|
||||||
## Install Cilium Hubble
|
## Install Cilium Hubble
|
||||||
|
|
||||||
k8s-net-cilium.yml:
|
k8s-net-cilium.yml:
|
||||||
|
|
|
@ -103,6 +103,13 @@ cilium_ipsec_node_encryption: false
|
||||||
# This option is only effective when `cilium_encryption_type` is set to `wireguard`.
|
# This option is only effective when `cilium_encryption_type` is set to `wireguard`.
|
||||||
cilium_wireguard_userspace_fallback: false
|
cilium_wireguard_userspace_fallback: false
|
||||||
|
|
||||||
|
# Enable Bandwidth Manager
|
||||||
|
# Cilium’s bandwidth manager supports the kubernetes.io/egress-bandwidth Pod annotation.
|
||||||
|
# Bandwidth enforcement currently does not work in combination with L7 Cilium Network Policies.
|
||||||
|
# In case they select the Pod at egress, then the bandwidth enforcement will be disabled for those Pods.
|
||||||
|
# Bandwidth Manager requires a v5.1.x or more recent Linux kernel.
|
||||||
|
cilium_enable_bandwidth_manager: false
|
||||||
|
|
||||||
# IP Masquerade Agent
|
# IP Masquerade Agent
|
||||||
# https://docs.cilium.io/en/stable/concepts/networking/masquerading/
|
# https://docs.cilium.io/en/stable/concepts/networking/masquerading/
|
||||||
# By default, all packets from a pod destined to an IP address outside of the cilium_native_routing_cidr range are masqueraded
|
# By default, all packets from a pod destined to an IP address outside of the cilium_native_routing_cidr range are masqueraded
|
||||||
|
|
|
@ -117,6 +117,15 @@ data:
|
||||||
# - geneve
|
# - geneve
|
||||||
tunnel: "{{ cilium_tunnel_mode }}"
|
tunnel: "{{ cilium_tunnel_mode }}"
|
||||||
|
|
||||||
|
# Enable Bandwidth Manager
|
||||||
|
# Cilium’s bandwidth manager supports the kubernetes.io/egress-bandwidth Pod annotation.
|
||||||
|
# Bandwidth enforcement currently does not work in combination with L7 Cilium Network Policies.
|
||||||
|
# In case they select the Pod at egress, then the bandwidth enforcement will be disabled for those Pods.
|
||||||
|
# Bandwidth Manager requires a v5.1.x or more recent Linux kernel.
|
||||||
|
{% if cilium_enable_bandwidth_manager %}
|
||||||
|
enable-bandwidth-manager: "true"
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
# Name of the cluster. Only relevant when building a mesh of clusters.
|
# Name of the cluster. Only relevant when building a mesh of clusters.
|
||||||
cluster-name: "{{ cilium_cluster_name }}"
|
cluster-name: "{{ cilium_cluster_name }}"
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue