init.sh: remove script

bye bye Signed-off-by: Timo Beckers <[email protected]>
michi-covalent · Aug 16, 2023 · 9764bee · 9764bee
1 parent 789ba8b
commit 9764bee
Show file tree

Hide file tree

Showing 7 changed files with 3 additions and 286 deletions.
diff --git a/CODEOWNERS b/CODEOWNERS
@@ -249,7 +249,6 @@
 /bpf/lib/egress_gateway.h @cilium/egress-gateway
 Makefile* @cilium/build
 /bpf/Makefile* @cilium/loader
-/bpf/init.sh @cilium/loader
 /bpf/custom/Makefile* @cilium/build @cilium/loader
 /bpf/lib/auth.h @cilium/sig-datapath @cilium/sig-servicemesh
 /bpf/lib/encrypt.h @cilium/ipsec

diff --git a/bpf/init.sh b/bpf/init.sh
diff --git a/daemon/cmd/kube_proxy_replacement.go b/daemon/cmd/kube_proxy_replacement.go
@@ -462,14 +462,6 @@ func finishKubeProxyReplacementInit() error {
 		if err != nil {
 			return fmt.Errorf("Cannot retrieve %s link: %w", iface, err)
 		}
-		if strings.ContainsAny(iface, "=;") {
-			// Because we pass IPV{4,6}_NODEPORT addresses to bpf/init.sh
-			// in a form "$IFACE_NAME1=$IPV{4,6}_ADDR1;$IFACE_NAME2=...",
-			// we need to restrict the iface names. Otherwise, bpf/init.sh
-			// won't properly parse the mappings.
-			return fmt.Errorf("%s link name contains '=' or ';' character which is not allowed",
-				iface)
-		}
 		if idx := link.Attrs().Index; idx > math.MaxUint16 {
 			return fmt.Errorf("%s link ifindex %d exceeds max(uint16)", iface, idx)
 		}

diff --git a/pkg/datapath/loader/base.go b/pkg/datapath/loader/base.go
@@ -10,13 +10,10 @@ import (
 	"net"
 	"os"
 	"path/filepath"
-	"strconv"
 	"strings"
 
-	"github.com/sirupsen/logrus"
 	"github.com/vishvananda/netlink"
 
-	"github.com/cilium/cilium/pkg/command/exec"
 	"github.com/cilium/cilium/pkg/datapath/alignchecker"
 	"github.com/cilium/cilium/pkg/datapath/connector"
 	"github.com/cilium/cilium/pkg/datapath/linux/ethtool"
@@ -37,36 +34,6 @@ import (
 	wgTypes "github.com/cilium/cilium/pkg/wireguard/types"
 )
 
-const (
-	initArgLib int = iota
-	initArgRundir
-	initArgProcSysNetDir
-	initArgSysDir
-	initArgIPv4NodeIP
-	initArgIPv6NodeIP
-	initArgMode
-	initArgTunnelProtocol
-	initArgTunnelPort
-	initArgDevices
-	initArgHostDev1
-	initArgHostDev2
-	initArgMTU
-	initArgSocketLB
-	initArgSocketLBPeer
-	initArgCgroupRoot
-	initArgBpffsRoot
-	initArgNodePort
-	initArgNodePortBind
-	initBPFCPU
-	initArgNrCPUs
-	initArgEndpointRoutes
-	initArgProxyRule
-	initTCFilterPriority
-	initDefaultRTProto
-	initLocalRulePriority
-	initArgMax
-)
-
 // firstInitialization is true when Reinitialize() is called for the first
 // time. It can only be accessed when GetCompilationLock() is being held.
 var firstInitialization = true
@@ -294,8 +261,6 @@ func (l *Loader) ReinitializeXDP(ctx context.Context, o datapath.BaseProgramOwne
 // locally detected prefixes. It may be run upon initial Cilium startup, after
 // restore from a previous Cilium run, or during regular Cilium operation.
 func (l *Loader) Reinitialize(ctx context.Context, o datapath.BaseProgramOwner, deviceMTU int, iptMgr datapath.IptablesManager, p datapath.Proxy) error {
-	args := make([]string, initArgMax)
-
 	sysSettings := []sysctl.Setting{
 		{Name: "net.core.bpf_jit_enable", Val: "1", IgnoreErr: true, Warn: "Unable to ensure that BPF JIT compilation is enabled. This can be ignored when Cilium is running inside non-host network namespace (e.g. with kind or minikube)"},
 		{Name: "net.ipv4.conf.all.rp_filter", Val: "0", IgnoreErr: false},
@@ -311,29 +276,17 @@ func (l *Loader) Reinitialize(ctx context.Context, o datapath.BaseProgramOwner,
 
 	l.init(o.Datapath(), o.LocalConfig())
 
-	var mode baseDeviceMode
 	encapProto := option.TunnelDisabled
-	switch {
-	case option.Config.TunnelingEnabled():
-		mode = tunnelMode
+	if option.Config.TunnelingEnabled() {
 		encapProto = option.Config.TunnelProtocol
-	case option.Config.EnableHealthDatapath:
-		mode = option.DSRDispatchIPIP
-	default:
-		mode = directMode
 	}
-	args[initArgMode] = string(mode)
 
 	var nodeIPv4, nodeIPv6 net.IP
-	args[initArgIPv4NodeIP] = "<nil>"
-	args[initArgIPv6NodeIP] = "<nil>"
 	if option.Config.EnableIPv4 {
 		nodeIPv4 = node.GetInternalIPv4Router()
-		args[initArgIPv4NodeIP] = nodeIPv4.String()
 	}
 	if option.Config.EnableIPv6 {
 		nodeIPv6 = node.GetIPv6Router()
-		args[initArgIPv6NodeIP] = nodeIPv6.String()
 		// Docker <17.05 has an issue which causes IPv6 to be disabled in the initns for all
 		// interface (https://github.com/docker/libnetwork/issues/1720)
 		// Enable IPv6 for now
@@ -342,12 +295,10 @@ func (l *Loader) Reinitialize(ctx context.Context, o datapath.BaseProgramOwner,
 	}
 
 	// Datapath initialization
-	hostDev1, hostDev2, err := SetupBaseDevice(deviceMTU)
+	hostDev1, _, err := SetupBaseDevice(deviceMTU)
 	if err != nil {
-		return fmt.Errorf("failed to setup base devices in mode %s: %w", mode, err)
+		return fmt.Errorf("failed to setup base devices: %w", err)
 	}
-	args[initArgHostDev1] = hostDev1.Attrs().Name
-	args[initArgHostDev2] = hostDev2.Attrs().Name
 
 	if option.Config.EnableHealthDatapath {
 		sysSettings = append(
@@ -402,8 +353,6 @@ func (l *Loader) Reinitialize(ctx context.Context, o datapath.BaseProgramOwner,
 		log.WithError(err).Warn("Unable to write netdev header")
 		return err
 	}
-	args[initArgProcSysNetDir] = filepath.Join(o.Datapath().Procfs(), "sys", "net")
-	args[initArgSysDir] = filepath.Join("/sys", "class", "net")
 
 	if option.Config.EnableXDPPrefilter {
 		scopedLog := log.WithField(logfields.Devices, option.Config.GetDevices())
@@ -422,70 +371,9 @@ func (l *Loader) Reinitialize(ctx context.Context, o datapath.BaseProgramOwner,
 		o.SetPrefilter(preFilter)
 	}
 
-	args[initArgLib] = "<nil>"
-	args[initArgRundir] = option.Config.StateDir
-
-	args[initArgMTU] = fmt.Sprintf("%d", deviceMTU)
-
-	args[initArgSocketLB] = "<nil>"
-	args[initArgSocketLBPeer] = "<nil>"
-	args[initArgCgroupRoot] = "<nil>"
-	args[initArgBpffsRoot] = "<nil>"
-	args[initArgDevices] = "<nil>"
-
-	// set init.sh args based on encapProto
-	args[initArgTunnelProtocol] = "<nil>"
-	args[initArgTunnelPort] = "<nil>"
-	if encapProto != option.TunnelDisabled {
-		args[initArgTunnelProtocol] = encapProto
-		args[initArgTunnelPort] = fmt.Sprintf("%d", option.Config.TunnelPort)
-	}
-
-	args[initArgNodePort] = "<nil>"
-	args[initArgNodePortBind] = "<nil>"
-	args[initBPFCPU] = "<nil>"
-	args[initArgNrCPUs] = "<nil>"
-
-	if option.Config.EnableEndpointRoutes {
-		args[initArgEndpointRoutes] = "true"
-	} else {
-		args[initArgEndpointRoutes] = "false"
-	}
-
-	clockSource := []string{"ktime", "jiffies"}
-	log.WithFields(logrus.Fields{
-		logfields.BPFInsnSet:     args[initBPFCPU],
-		logfields.BPFClockSource: clockSource[option.Config.ClockSource],
-	}).Info("Setting up BPF datapath")
-
-	if option.Config.InstallIptRules && option.Config.EnableL7Proxy {
-		args[initArgProxyRule] = "true"
-	} else {
-		args[initArgProxyRule] = "false"
-	}
-
-	args[initTCFilterPriority] = "<nil>"
-	args[initDefaultRTProto] = strconv.Itoa(linux_defaults.RTProto)
-	args[initLocalRulePriority] = strconv.Itoa(linux_defaults.RulePriorityLocalLookup)
-
-	// "Legacy" datapath inizialization with the init.sh script
-	// TODO(mrostecki): Rewrite the whole init.sh in Go, step by step.
-	for i, arg := range args {
-		if arg == "" {
-			log.Warningf("empty argument passed to bpf/init.sh at position %d", i)
-		}
-	}
-
 	ctx, cancel := context.WithTimeout(ctx, defaults.ExecTimeout)
 	defer cancel()
 
-	prog := filepath.Join(option.Config.BpfDir, "init.sh")
-	cmd := exec.CommandContext(ctx, prog, args...)
-	cmd.Env = os.Environ()
-	if _, err := cmd.CombinedOutput(log, true); err != nil {
-		return err
-	}
-
 	if option.Config.EnableSocketLB {
 		// compile bpf_sock.c and attach/detach progs for socketLB
 		if err := CompileWithOptions(ctx, "bpf_sock.c", "bpf_sock.o", []string{"-DCALLS_MAP=cilium_calls_lb"}); err != nil {

diff --git a/pkg/datapath/loader/netlink.go b/pkg/datapath/loader/netlink.go
@@ -25,13 +25,6 @@ import (
 	"github.com/cilium/cilium/pkg/sysctl"
 )
 
-type baseDeviceMode string
-
-const (
-	directMode = baseDeviceMode("direct")
-	tunnelMode = baseDeviceMode("tunnel")
-)
-
 func directionToParent(dir string) uint32 {
 	switch dir {
 	case dirIngress:

diff --git a/pkg/logging/logfields/logfields.go b/pkg/logging/logfields/logfields.go
@@ -338,9 +338,6 @@ const (
 	// BPFClockSource denotes the internal clock source (ktime vs jiffies)
 	BPFClockSource = "bpfClockSource"
 
-	// BPFInsnSet denotes the instruction set version
-	BPFInsnSet = "bpfInsnSet"
-
 	// CiliumLocalRedirectPolicyName is the name of a CiliumLocalRedirectPolicy
 	CiliumLocalRedirectName = "ciliumLocalRedirectPolicyName"
 

diff --git a/test/helpers/cons.go b/test/helpers/cons.go
@@ -219,7 +219,6 @@ const (
 	NACKreceived        = "NACK received for version"                                // from https://github.com/cilium/cilium/issues/4003
 	RunInitFailed       = "JoinEP: "                                                 // from https://github.com/cilium/cilium/pull/5052
 	sizeMismatch        = "size mismatch for BPF map"                                // from https://github.com/cilium/cilium/issues/7851
-	emptyBPFInitArg     = "empty argument passed to bpf/init.sh"                     // from https://github.com/cilium/cilium/issues/10228
 	RemovingMapMsg      = "Removing map to allow for property upgrade"               // from https://github.com/cilium/cilium/pull/10626
 	logBufferMessage    = "Log buffer too small to dump verifier log"                // from https://github.com/cilium/cilium/issues/10517
 	ClangErrorsMsg      = " errors generated."                                       // from https://github.com/cilium/cilium/issues/10857
@@ -291,7 +290,6 @@ var badLogMessages = map[string][]string{
 	NACKreceived:        nil,
 	RunInitFailed:       {"signal: terminated", "signal: killed"},
 	sizeMismatch:        {"globals/cilium_policy"},
-	emptyBPFInitArg:     nil,
 	RemovingMapMsg:      nil,
 	logBufferMessage:    nil,
 	ClangErrorsMsg:      nil,