Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add disable udp service for ubuntu 22.04 on vmware #2326

Merged
merged 1 commit into from
Jul 25, 2023
Merged

Add disable udp service for ubuntu 22.04 on vmware #2326

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions ...kubernetes-sigs/image-builder/patches/0001-Add-goss-validations-for-EKS-D-artifacts.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
From 4b485baad0b89680444e4a994bdc384b26f304a3 Mon Sep 17 00:00:00 2001
From 1c8a0f202a9cec579266a8fed17a86165539b8c8 Mon Sep 17 00:00:00 2001
From: Vignesh Goutham Ganesh <vgg@amazon.com>
Date: Tue, 11 Jan 2022 18:36:56 -0800
Subject: [PATCH 01/18] Add goss validations for EKS-D artifacts
Expand Down Expand Up @@ -31,5 +31,5 @@ index 189b5a4cc..1ab83545e 100644
stderr: []
timeout: 0
--
2.39.2
2.39.1

4 changes: 2 additions & 2 deletions ...igs/image-builder/patches/0002-Output-vsphere-builds-to-content-library-instead-of-.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
From bcdde1a417a6123bac4685edfa246c486281cabd Mon Sep 17 00:00:00 2001
From 7825eeb1333575bbc6ffad6e922ec82a5d17d461 Mon Sep 17 00:00:00 2001
From: Vignesh Goutham Ganesh <vgg@amazon.com>
Date: Tue, 11 Jan 2022 21:00:12 -0800
Subject: [PATCH 02/18] Output vsphere builds to content library instead of
Expand Down Expand Up @@ -98,5 +98,5 @@ index d6fc80fdd..0b3e48792 100644
}
}
--
2.39.2
2.39.1

4 changes: 2 additions & 2 deletions ...igs/image-builder/patches/0003-Create-etc-pki-tls-certs-dir-as-part-of-image-builds.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
From 2e01dc5b2d41b33cbff9b516df5380dcdf9c6452 Mon Sep 17 00:00:00 2001
From bd4a51d1cb15048cf8daa8c38b166065c91ec22c Mon Sep 17 00:00:00 2001
From: Vignesh Goutham Ganesh <vgg@amazon.com>
Date: Tue, 11 Jan 2022 21:05:13 -0800
Subject: [PATCH 03/18] Create /etc/pki/tls/certs dir as part of image-builds
Expand Down Expand Up @@ -29,5 +29,5 @@ index 04a07ad7f..0114e934d 100644
file:
path: /etc/systemd/system/containerd.service.d/http-proxy.conf
--
2.39.2
2.39.1

4 changes: 2 additions & 2 deletions ...igs/image-builder/patches/0004-Add-etcdadm-and-etcd.tar.gz-to-image-for-unstacked-e.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
From 514f9841d9747a970b7f91ff916ce30d01b4c6ee Mon Sep 17 00:00:00 2001
From e2e3348655b316f9cc336331d674b6be42741960 Mon Sep 17 00:00:00 2001
From: Vignesh Goutham Ganesh <vgg@amazon.com>
Date: Tue, 11 Jan 2022 21:12:53 -0800
Subject: [PATCH 04/18] Add etcdadm and etcd.tar.gz to image for unstacked etcd
Expand Down Expand Up @@ -83,5 +83,5 @@ index 4d3a5f5a8..80f93c5c3 100644
"kubernetes_series": "v1.25",
"kubernetes_source_type": "pkg",
--
2.39.2
2.39.1

4 changes: 2 additions & 2 deletions ...bernetes-sigs/image-builder/patches/0005-Additional-EKS-A-specific-goss-validations.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
From efbe109ab433663f0846582c4bf637363888db76 Mon Sep 17 00:00:00 2001
From d2b23cda807ba4782c6d6a6af7d5a9e929bb70c7 Mon Sep 17 00:00:00 2001
From: Vignesh Goutham Ganesh <vgg@amazon.com>
Date: Tue, 11 Jan 2022 21:26:09 -0800
Subject: [PATCH 05/18] Additional EKS-A specific goss validations
Expand Down Expand Up @@ -128,5 +128,5 @@ index 0b3e48792..ff6430db3 100644
"version": "{{user `goss_version`}}"
}
--
2.39.2
2.39.1

4 changes: 2 additions & 2 deletions projects/kubernetes-sigs/image-builder/patches/0006-Tweak-Product-info-in-OVF.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
From 09051e0599528bac2033abef1512698d35b1f415 Mon Sep 17 00:00:00 2001
From e7622d7c38951b1d19b98638e5a027439327eb7a Mon Sep 17 00:00:00 2001
From: Vignesh Goutham Ganesh <vgg@amazon.com>
Date: Tue, 11 Jan 2022 21:29:16 -0800
Subject: [PATCH 06/18] Tweak Product info in OVF
Expand Down Expand Up @@ -35,5 +35,5 @@ index 316427ec3..ca23db5f9 100644
<Property ovf:userConfigurable="false" ovf:value="${BUILD_TIMESTAMP}" ovf:type="string" ovf:key="BUILD_TIMESTAMP"/>
<Property ovf:userConfigurable="false" ovf:value="${BUILD_DATE}" ovf:type="string" ovf:key="BUILD_DATE"/>
--
2.39.2
2.39.1

6 changes: 3 additions & 3 deletions ...netes-sigs/image-builder/patches/0007-Support-crictl-validation-from-input-checksum.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
From eb0ec6499bcf05e4683215c6bbcee1a74cbecdcc Mon Sep 17 00:00:00 2001
From 466adc2ce78964efe944d698ff27f9bffc73db61 Mon Sep 17 00:00:00 2001
From: Vignesh Goutham Ganesh <vgg@amazon.com>
Date: Fri, 2 Sep 2022 14:32:21 -0700
Subject: [PATCH 08/18] Support crictl validation from input checksum
Subject: [PATCH 07/18] Support crictl validation from input checksum

Signed-off-by: Vignesh Goutham Ganesh <vgg@amazon.com>
---
Expand Down Expand Up @@ -38,5 +38,5 @@ index 9ae4f81b1..1ef16318a 100644
mode: 0600

--
2.39.2
2.39.1

6 changes: 3 additions & 3 deletions ...etes-sigs/image-builder/patches/0008-Exclude-kernel-and-cloud-init-from-yum-updates.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
From 4aeccc58b24b6bed94f752ed73b593641e4fe004 Mon Sep 17 00:00:00 2001
From 014e064f435e54a7651ff73593f9dad01efd8ba8 Mon Sep 17 00:00:00 2001
From: Vignesh Goutham Ganesh <vgg@amazon.com>
Date: Tue, 6 Dec 2022 15:42:02 -0600
Subject: [PATCH 09/18] Exclude kernel and cloud-init from yum updates
Subject: [PATCH 08/18] Exclude kernel and cloud-init from yum updates

Signed-off-by: Vignesh Goutham Ganesh <vgg@amazon.com>
---
Expand All @@ -21,5 +21,5 @@ index 66d9c8cac..0961f37d4 100644

- name: install baseline dependencies
--
2.39.2
2.39.1

6 changes: 3 additions & 3 deletions ...igs/image-builder/patches/0009-Patch-cloud-init-systemd-unit-to-wait-for-network-ma.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
From f2b68b5226209c244c3cb243f75cd9da1a53bd0b Mon Sep 17 00:00:00 2001
From 1d2f0a81b1560756ce9362be03a4a106a92790d5 Mon Sep 17 00:00:00 2001
From: Vignesh Goutham Ganesh <vgg@amazon.com>
Date: Mon, 9 Jan 2023 14:11:18 -0600
Subject: [PATCH 10/18] Patch cloud-init systemd unit to wait for network
Subject: [PATCH 09/18] Patch cloud-init systemd unit to wait for network
manager online

Signed-off-by: Vignesh Goutham Ganesh <vgg@amazon.com>
Expand Down Expand Up @@ -47,5 +47,5 @@ index 28c609177..e5f2ed16c 100644
# Enable all cloud-init services on boot.
- name: Make sure all cloud init services are enabled
--
2.39.2
2.39.1

6 changes: 3 additions & 3 deletions ...etes-sigs/image-builder/patches/0010-Add-instance-metadata-options-to-Packer-config.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
From 42f5a3b2caa7c5713d76df8ceefaa0d960a272b5 Mon Sep 17 00:00:00 2001
From 80b701ee528b6cb5de1d642eee75eeee2b107680 Mon Sep 17 00:00:00 2001
From: Abhay Krishna Arunachalam <arnchlm@amazon.com>
Date: Thu, 2 Feb 2023 01:39:15 -0800
Subject: [PATCH 11/18] Add instance metadata options to Packer config
Subject: [PATCH 10/18] Add instance metadata options to Packer config

Signed-off-by: Abhay Krishna Arunachalam <arnchlm@amazon.com>
---
Expand Down Expand Up @@ -35,5 +35,5 @@ index 7b957a8d6..d2c742649 100644
"ib_version": "{{env `IB_VERSION`}}",
"iops": "3000",
--
2.39.2
2.39.1

6 changes: 3 additions & 3 deletions ...igs/image-builder/patches/0011-Rename-Snow-node-image-to-reflect-appropriate-CAPI-p.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
From f07bc7270d61743a6dfed026ea1dc49dc7da1bf0 Mon Sep 17 00:00:00 2001
From f1d37d26168f74ab9c100547a0aba19e3a59298a Mon Sep 17 00:00:00 2001
From: Abhay Krishna Arunachalam <arnchlm@amazon.com>
Date: Fri, 10 Feb 2023 16:08:18 -0800
Subject: [PATCH 12/18] Rename Snow node image to reflect appropriate CAPI
Subject: [PATCH 11/18] Rename Snow node image to reflect appropriate CAPI
provider

Signed-off-by: Abhay Krishna Arunachalam <arnchlm@amazon.com>
Expand All @@ -23,5 +23,5 @@ index d2c742649..d64b22278 100644
"ami_regions": "{{user `ami_regions`}}",
"ami_users": "{{user `ami_users`}}",
--
2.39.2
2.39.1

6 changes: 3 additions & 3 deletions ...igs/image-builder/patches/0012-Add-EKS-A-specific-inline-Goss-vars-to-all-supported.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
From 7d29f0f259dffc29129306dc9bd36738e4bfe921 Mon Sep 17 00:00:00 2001
From 74fad131b42949bbbdd033c4f51129408d2a564c Mon Sep 17 00:00:00 2001
From: Abhay Krishna Arunachalam <arnchlm@amazon.com>
Date: Thu, 2 Mar 2023 19:27:50 -0800
Subject: [PATCH 13/18] Add EKS-A specific inline Goss vars to all supported
Subject: [PATCH 12/18] Add EKS-A specific inline Goss vars to all supported
providers

Signed-off-by: Abhay Krishna Arunachalam <arnchlm@amazon.com>
Expand Down Expand Up @@ -85,5 +85,5 @@ index e790e67d5..dc494a1e8 100644
"version": "{{user `goss_version`}}"
}
--
2.39.2
2.39.1

6 changes: 3 additions & 3 deletions ...rnetes-sigs/image-builder/patches/0013-Use-tar.gz-extension-for-CNI-plugins-tarball.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
From 695c60b097619f4c1c1b3b39fa5fe60e18e150fc Mon Sep 17 00:00:00 2001
From 2a291e5f7626d87f04b6a60c45a09f203d77dcb7 Mon Sep 17 00:00:00 2001
From: Abhay Krishna Arunachalam <arnchlm@amazon.com>
Date: Thu, 9 Mar 2023 16:05:22 -0800
Subject: [PATCH 14/18] Use tar.gz extension for CNI plugins tarball
Subject: [PATCH 13/18] Use tar.gz extension for CNI plugins tarball

Signed-off-by: Abhay Krishna Arunachalam <arnchlm@amazon.com>
---
Expand All @@ -22,5 +22,5 @@ index 48a4a2177..99bf2f843 100644
dest: /tmp/cni.tar.gz
mode: 0755
--
2.39.2
2.39.1

4 changes: 2 additions & 2 deletions projects/kubernetes-sigs/image-builder/patches/0014-uses-latest-ubuntu-22.04-iso.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
From 2e69267b8f8ceb079ac263aafa5ea480d02d4d8e Mon Sep 17 00:00:00 2001
From 06b287df708bbb86f101cf26ea60aadb0abfe27e Mon Sep 17 00:00:00 2001
From: Jackson West <jgw@amazon.com>
Date: Fri, 23 Jun 2023 10:50:08 -0500
Subject: [PATCH 14/18] uses latest ubuntu 22.04 iso
Expand Down Expand Up @@ -41,5 +41,5 @@ index badbf1045..dffc6967f 100644
"shutdown_command": "shutdown -P now",
"vsphere_guest_os_type": "ubuntu64Guest"
--
2.39.2
2.39.1

4 changes: 2 additions & 2 deletions projects/kubernetes-sigs/image-builder/patches/0015-Shrink-qemu-ubuntu-image-size.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
From 5d7f131e2ed7190f3cb9c2a7f82b2d2a5ba25845 Mon Sep 17 00:00:00 2001
From de8d2056f14d6c6bb9a782eb9d11b0d39ae1084c Mon Sep 17 00:00:00 2001
From: Roman Hros <roman.hros@dnation.cloud>
Date: Mon, 5 Jun 2023 16:29:45 +0200
Subject: [PATCH 15/18] Shrink qemu ubuntu image size
Expand Down Expand Up @@ -112,5 +112,5 @@ index 24bdce560..fdcb56c26 100644
+ - curtin in-target --target=/target -- apt-get clean
+ - curtin in-target --target=/target -- rm -rf /var/lib/apt/lists/*
--
2.39.2
2.39.1

4 changes: 2 additions & 2 deletions ...kubernetes-sigs/image-builder/patches/0016-adds-support-for-raw-ubuntu-22.04-builds.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
From 91daaa82f64c7c0a80c63b739f2a01c54640873d Mon Sep 17 00:00:00 2001
From 2787a5bd657cb37f2fb1d9be90b1ce34238526ce Mon Sep 17 00:00:00 2001
From: Jackson West <jgw@amazon.com>
Date: Fri, 16 Jun 2023 15:27:15 -0500
Subject: [PATCH 16/18] adds support for raw ubuntu 22.04 builds
Expand Down Expand Up @@ -311,5 +311,5 @@ index 000000000..38e827ef1
+ "shutdown_command": "shutdown -P now"
+ }
--
2.39.2
2.39.1

6 changes: 3 additions & 3 deletions ...igs/image-builder/patches/0017-sets-OS_VERSION-for-goss-validation-on-raw-image-bui.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
From 38977df506b782e779085b6a0cebe87ea080de5c Mon Sep 17 00:00:00 2001
From 2dfca2a7cdad5941c05f9f070b126d4b80398ce3 Mon Sep 17 00:00:00 2001
From: Jackson West <jgw@amazon.com>
Date: Wed, 28 Jun 2023 12:42:22 -0500
Subject: [PATCH 16/18] sets OS_VERSION for goss validation on raw image builds
Subject: [PATCH 17/18] sets OS_VERSION for goss validation on raw image builds

---
images/capi/packer/raw/packer.json | 1 +
Expand Down Expand Up @@ -87,5 +87,5 @@ index 38e827ef1..7a7b3109f 100644
"iso_checksum": "5e38b55d57d94ff029719342357325ed3bda38fa80054f9330dc789cd2d43931",
"iso_checksum_type": "sha256",
--
2.40.1
2.39.1

112 changes: 112 additions & 0 deletions ...s-sigs/image-builder/patches/0018-Disable-UDP-offload-service-for-Redhat-and-Ubuntu.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,112 @@
From b1d69b87ea150387e738af951ef4723a8f2c040a Mon Sep 17 00:00:00 2001
From: Taylor Neyland <tneyla@amazon.com>
Date: Wed, 19 Jul 2023 12:51:30 -0500
Subject: [PATCH 18/18] Disable UDP offload service for Redhat and Ubuntu

---
.../system/disable-udp-offload-redhat.service | 15 +++++++++++++++
.../system/disable-udp-offload-ubuntu.service | 15 +++++++++++++++
.../roles/providers/tasks/vmware-redhat.yml | 18 ++++++++++++++++++
.../roles/providers/tasks/vmware-ubuntu.yml | 17 +++++++++++++++++
4 files changed, 65 insertions(+)
create mode 100644 images/capi/ansible/roles/providers/files/etc/systemd/system/disable-udp-offload-redhat.service
create mode 100644 images/capi/ansible/roles/providers/files/etc/systemd/system/disable-udp-offload-ubuntu.service

diff --git a/images/capi/ansible/roles/providers/files/etc/systemd/system/disable-udp-offload-redhat.service b/images/capi/ansible/roles/providers/files/etc/systemd/system/disable-udp-offload-redhat.service
new file mode 100644
index 000000000..d445e4763
--- /dev/null
+++ b/images/capi/ansible/roles/providers/files/etc/systemd/system/disable-udp-offload-redhat.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Disables UDP offload
+After=NetworkManager-wait-online.service
+# Block manual interactions with this service
+RefuseManualStart=true
+RefuseManualStop=true
+
+[Service]
+Type=oneshot
+ExecStart=/usr/sbin/ethtool -K eth0 tx-udp_tnl-segmentation off
+ExecStart=/usr/sbin/ethtool -K eth0 tx-udp_tnl-csum-segmentation off
+RemainAfterExit=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/images/capi/ansible/roles/providers/files/etc/systemd/system/disable-udp-offload-ubuntu.service b/images/capi/ansible/roles/providers/files/etc/systemd/system/disable-udp-offload-ubuntu.service
new file mode 100644
index 000000000..7f5d50a8e
--- /dev/null
+++ b/images/capi/ansible/roles/providers/files/etc/systemd/system/disable-udp-offload-ubuntu.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Disables UDP offload for Ubuntu
+After=systemd-networkd-wait-online.service
+# Block manual interactions with this service
+RefuseManualStart=true
+RefuseManualStop=true
+
+[Service]
+Type=oneshot
+ExecStart=/usr/sbin/ethtool -K eth0 tx-udp_tnl-segmentation off
+ExecStart=/usr/sbin/ethtool -K eth0 tx-udp_tnl-csum-segmentation off
+RemainAfterExit=true
+
+[Install]
+WantedBy=network-online.target
\ No newline at end of file
diff --git a/images/capi/ansible/roles/providers/tasks/vmware-redhat.yml b/images/capi/ansible/roles/providers/tasks/vmware-redhat.yml
index 0047e90a7..616098859 100644
--- a/images/capi/ansible/roles/providers/tasks/vmware-redhat.yml
+++ b/images/capi/ansible/roles/providers/tasks/vmware-redhat.yml
@@ -49,3 +49,21 @@
file:
path: /tmp/cloud-init-vmware.sh
state: absent
+
+- name: Create service disable udp offload
+ copy:
+ src: files/etc/systemd/system/disable-udp-offload-redhat.service
+ dest: /etc/systemd/system/disable-udp-offload-redhat.service
+ owner: root
+ group: root
+ mode: 0644
+ when: ansible_os_family != "Flatcar"
+
+- name: Enable disable-udp-offload-redhat.service
+ systemd:
+ name: disable-udp-offload-redhat.service
+ daemon_reload: yes
+ enabled: True
+ state: stopped
+ when: ansible_os_family != "Flatcar"
+
\ No newline at end of file
diff --git a/images/capi/ansible/roles/providers/tasks/vmware-ubuntu.yml b/images/capi/ansible/roles/providers/tasks/vmware-ubuntu.yml
index 8a63b50ce..392a6fc4e 100644
--- a/images/capi/ansible/roles/providers/tasks/vmware-ubuntu.yml
+++ b/images/capi/ansible/roles/providers/tasks/vmware-ubuntu.yml
@@ -51,3 +51,20 @@
content: |
datasource: VMware
when: ansible_distribution_version is version('22.04', '>=')
+
+- name: Create service disable udp offload
+ copy:
+ src: files/etc/systemd/system/disable-udp-offload-ubuntu.service
+ dest: /etc/systemd/system/disable-udp-offload-ubuntu.service
+ owner: root
+ group: root
+ mode: 0644
+ when: ansible_distribution_version is version('22.04', '>=')
+
+- name: Enable disable-udp-offload-ubuntu.service
+ systemd:
+ name: disable-udp-offload-ubuntu.service
+ daemon_reload: yes
+ enabled: True
+ state: stopped
+ when: ansible_distribution_version is version('22.04', '>=')
--
2.39.1

Loading