Skip to content

Cilium Network Communication Acceleration

Introduction

This page describes how to configure Cilium's communication acceleration capability. There are two optional configuration methods.

Prerequisites

Please make sure the Linux Kernel version >= 4.9.17 with 5.10+ recommended. To view and install the latest version, you can do the following:

  1. To view the current kernel version:

    uname -r
    
  2. Install the ELRepo repository, which provides the latest Linux kernel version:

    rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
    rpm -Uvh https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm
    
  3. Install the latest Linux kernel version:

    yum --enablerepo=elrepo-kernel install kernel-ml
    

    kernel-ml is the latest documented version of the kernel. You can also choose another version.

  4. Update the GRUB configuration to use the new kernel version at boot time:

    grub2-mkconfig -o /boot/grub2/grub.cfg
    

First method:configure when creating the cluster

  1. Click Container ManagementClusters. On the page of Create Cluster, enter the cluster's basic information and node configuration, then go to Network Configuration to configure as follows: cilium-speedup01

    • Select cilium for the cluster's CNI plugin

    • Add other parameters as follows:

      # Auto direct node routes must be set to be true, otherwise cross-node traffic cannot be routed
      auto-direct-node-routes: "true" 
      # If masquerading is used, it will replace the iptables implementation based on eBPF.
      # Require kernel 5.10 and later.
      # Otherwise it will be downgraded to the iptables implementation even if enabled
      enable-bpf-masquerade: "true" 
      # When doing source address translation for Pod access to outside traffic, enable it if using tunnel mode.
      # Disable it if BGP is used to connect to the physical network.
      enable-ipv6-masquerade: "false" 
      # Distribute no-ct iptables rules for the pod to improve performance.
      install-no-conntrack-iptables-rules: "true" 
      # Disable the ability for hosts to bypass their kernel stack when processing packets to speed up data forwarding. 
      # Enable it by default, but fallback to legacy behavior if the host kernel does not support it.
      enable-host-legacy-routing: "false"
      # Turn on bandwidth-manager to improve the performance of tcp, udp
      enable-bandwidth-manager: "true"
      # Kube-proxy replacement feature can be enabled after removing kube-proxy component
      kube-proxy-replacement: strict 
      # Disable tunnel mode
      tunnel: disabled
      # (optional) bbr network blocking control, with the requirement of kernel > 5.18
      enable-bbr: "true"
      
    • Use the default ConfigMaps for everything else

  2. Click Create Cluster to complete the creation.

Second method: modify Cilium ConfigMaps

If the cluster has been created and you need to enable acceleration parameters, you can modify the Cilium-Config file.

Click Container ManagementClusters. Go to the created cluster and click ConfigMaps & Secrets. Select Config Items, find Cilium-config, and then click Edit to enter the following acceleration parameters:

cilium-sppedup02

speed-up03

Once the parameters are written, click OK to achieve Pod communication acceleration.

Comments