Useful for troubleshooing network namespaces problems without having to create containers and the additional functionality
source netns.sh
netns_add ns1 192.168.0.2 192.168.0.1
netns_add ns2 192.168.0.3 192.168.0.1
ping -c 2 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
Conformance test are a subset of the e2e test Kubernetes test.
The e2e tests are based on Ginkgo https://onsi.github.io/ginkgo/ and live in the Kubernetes repository https://github.com/kubernetes/kubernetes/tree/master/test/e2e.
There is no guarantee of compatibility for the e2e binaries, hence the e2e binary version MUST match your kubernetes cluster version.
Iptables performance is limited mainly by two reasons:
The kernel community moved to nftables as replacement of iptables, with the goal of removing the existing performance bottlenecks. Kubernetes has decided to implement a new nftables proxy because of this and another reasons explained in more detail in the corresponding KEP and during the Kubernetes Contributor Summit in Chicago 2023 on the session [Iptables, end of
It seems that is a common practice in HPC and AI/ML environments that use MPI applications to populate a hosts files with all the nodes on the cluster and copy it over all the nodes, ref https://help.ubuntu.com/community/MpichCluster
It is my observation that in Kubernetes, Headless Services are used to implement this Service Discovery This is very handy because it allows to reference a pod by hostname without having to copy over a generace /etc/hosts.
There must also be an A record of the following form for each ready endpoint with hostname of and IPv4 address . If there are multiple IPv4 addresses for a given hostname, then there must be one such A record returned for each IP.
| https://prow.k8s.io/view/gs/kubernetes-jenkins/pr-logs/pull/108414/pull-kubernetes-e2e-gce-100-performance/1499390264190439424 | |
| https://storage.googleapis.com/kubernetes-jenkins/pr-logs/pull/108414/pull-kubernetes-e2e-gce-100-performance/1499390264190439424/artifacts/prometheus_snapshot.tar | |
| TMP_DIR=$(mktemp -d) | |
| cd $TMP_DIR | |
| wget https://storage.googleapis.com/kubernetes-jenkins/pr-logs/pull/108414/pull-kubernetes-e2e-gce-100-performance/1499390264190439424/artifacts/prometheus_snapshot.tar | |
| tar xvf prometheus_snapshot.tar | |
| touch prometheus.yml | |
| SNAPSHOT=$(ls prometheus/snapshots/) |
Download binary
curl -s -L https://github.com/libbpf/bpftool/releases/download/v7.2.0/bpftool-v7.2.0-amd64.tar.gz | tar xvzf - -C /tmp chmod +x /tmp/bpftool
List network
checkout cilium repo and run it in kind
git clone https://github.com/cilium/cilium.git
cd cilium
REPO_ROOT=$PWD
KUBEPROXY_MODE="none" make kind
make kind-image
make kind-install-cilium
KIND runs Kubernetes cluster in Docker, and leverages Docker networking for all the network features: port mapping, IPv6, containers connectivity, etc.
KIND uses a docker user defined network.
It creates a bridge named kind
cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
| #!/bin/bash | |
| set -xe | |
| # This script takes as a parameter the name of the VM | |
| # and creates a linked clone | |
| # Ref: https://unix.stackexchange.com/a/33584 | |
| # The scripts assumes that it runs from the same folder | |
| # where the vm image is located and it coincides with the | |
| # image name |