Cilium Network Communication Acceleration¶
Introduction¶
This page describes how to configure Cilium's communication acceleration capability. There are two optional configuration methods.
Prerequisites¶
Please make sure the Linux Kernel version >= 4.9.17 with 5.10+ recommended. To view and install the latest version, you can do the following:
-
To view the current kernel version:
-
Install the ELRepo repository, which provides the latest Linux kernel version:
-
Install the latest Linux kernel version:
kernel-ml
is the latest documented version of the kernel. You can also choose another version. -
Update the GRUB configuration to use the new kernel version at boot time:
First method:configure when creating the cluster¶
-
Click
Container Management
→Clusters
. On the page ofCreate Cluster
, enter the cluster'sbasic information
andnode configuration
, then go toNetwork Configuration
to configure as follows:-
Select
cilium
for the cluster's CNI plugin -
Add
other parameters
as follows:# Auto direct node routes must be set to be true, otherwise cross-node traffic cannot be routed auto-direct-node-routes: "true" # If masquerading is used, it will replace the iptables implementation based on eBPF. # Require kernel 5.10 and later. # Otherwise it will be downgraded to the iptables implementation even if enabled enable-bpf-masquerade: "true" # When doing source address translation for Pod access to outside traffic, enable it if using tunnel mode. # Disable it if BGP is used to connect to the physical network. enable-ipv6-masquerade: "false" # Distribute no-ct iptables rules for the pod to improve performance. install-no-conntrack-iptables-rules: "true" # Disable the ability for hosts to bypass their kernel stack when processing packets to speed up data forwarding. # Enable it by default, but fallback to legacy behavior if the host kernel does not support it. enable-host-legacy-routing: "false" # Turn on bandwidth-manager to improve the performance of tcp, udp enable-bandwidth-manager: "true" # Kube-proxy replacement feature can be enabled after removing kube-proxy component kube-proxy-replacement: strict # Disable tunnel mode tunnel: disabled # (optional) bbr network blocking control, with the requirement of kernel > 5.18 enable-bbr: "true"
-
Use the default ConfigMaps for everything else
-
-
Click
Create Cluster
to complete the creation.
Second method: modify Cilium ConfigMaps¶
If the cluster has been created and you need to enable acceleration parameters, you can modify the Cilium-Config
file.
Click Container Management
→ Clusters
. Go to the created cluster and click ConfigMaps & Secrets
. Select Config Items
, find Cilium-config
, and then click Edit to enter the following acceleration parameters:
Once the parameters are written, click OK
to achieve Pod communication acceleration.