kmesh icon indicating copy to clipboard operation
kmesh copied to clipboard
verified publisher icon kmesh-net

XDP has been enabled in enableKmeshManage. Do we need to enable XDP in the CNI?

Open bitcoffeeiux opened this issue 11 months ago • 2 comments

The XDP program is added for each new pod in the podAdd logic. When the Kmesh restarts, the XDP program is also mounted to the existing pods. The logic for inserting xdp into the cni is executed before the pod is started. If you switch to enableKmeshManage to mount the xdp process, the process is after the pod is completely started. There's a window in the middle, but does it have a more obvious impact on our business? If no, delete the xdp processing in the cni. If yes, it is recommended to add relevant description in the document or code.

bitcoffeeiux avatar Dec 30 '24 03:12 bitcoffeeiux

Link xdp in cni provide a capture all application capability. By this, the authz does not miss any tcp packet

hzxuzhonghu avatar Dec 30 '24 03:12 hzxuzhonghu

Link xdp in cni provide a capture all application capability. By this, the authz does not miss any tcp packet

Theoretically, the link xdp function can be implemented during a new startup or restart in enable enableKmeshManage.

bitcoffeeiux avatar Dec 30 '24 06:12 bitcoffeeiux