This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Auther Clément Nussbaumer <clement@astutus.org>, Aug 2020 | |
# | |
# CNI interception script: permits to do live debugging of CNI calls. | |
# Usage: rename the real cni binary file with by prepending the orginal binary name with real_ | |
# E.g. for multus, real_multus. Now put this script in place the binary: | |
# Concretely, name it `multus` if you want to intercept multus calls. | |
cni=$(echo $0 | awk '{split($0,r,"/"); print r[length(r)]}') | |
echo 'intercepted '$cni' cni with command: ' $CNI_COMMAND ' and caller: ' $(ps -o comm= $PPID) | logger -t cni |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# given $netns the the network namespace id. e.g. netns=46165437 | |
# 1st: we create a virtual interface | |
ip link add name toto_if type ipip local 10.20.30.46 remote 10.30.30.1 | |
# 2nd, we put this interface in the network namespace of our pod | |
ip link set dev toto_if netns $netns | |
# 3rd, we can for example change the ip address or routing parameters: | |
nsenter -t $netns --network ip addr add 1.2.3.4/30 dev toto_if |
NewerOlder