mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
94 lines
3.2 KiB
Plaintext
94 lines
3.2 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * networking/network_security/ebpf_manager/ebpf-manager-operator-deploy.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="nw-bpfman-operator-deploy_{context}"]
|
|
= Deploying a containerized eBPF program
|
|
|
|
As a cluster administrator, you can deploy an eBPF program to nodes on your cluster. In this procedure, a sample containerized eBPF program is installed in the `go-xdp-counter` namespace.
|
|
|
|
.Prerequisites
|
|
|
|
* You have installed the OpenShift CLI (`oc`).
|
|
* You have an account with administrator privileges.
|
|
* You have installed the eBPF Manager Operator.
|
|
|
|
.Procedure
|
|
|
|
. To download the manifest, enter the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ curl -L https://github.com/bpfman/bpfman/releases/download/v0.5.1/go-xdp-counter-install-selinux.yaml -o go-xdp-counter-install-selinux.yaml
|
|
----
|
|
|
|
. To deploy the sample eBPF application, enter the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc create -f go-xdp-counter-install-selinux.yaml
|
|
----
|
|
+
|
|
.Example output
|
|
[source,text]
|
|
----
|
|
namespace/go-xdp-counter created
|
|
serviceaccount/bpfman-app-go-xdp-counter created
|
|
clusterrolebinding.rbac.authorization.k8s.io/xdp-binding created
|
|
daemonset.apps/go-xdp-counter-ds created
|
|
xdpprogram.bpfman.io/go-xdp-counter-example created
|
|
selinuxprofile.security-profiles-operator.x-k8s.io/bpfman-secure created
|
|
----
|
|
|
|
. To confirm that the eBPF sample application deployed successfully, enter the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get all -o wide -n go-xdp-counter
|
|
----
|
|
+
|
|
.Example output
|
|
[source,text]
|
|
----
|
|
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
|
|
pod/go-xdp-counter-ds-4m9cw 1/1 Running 0 44s 10.129.0.92 ci-ln-dcbq7d2-72292-ztrkp-master-1 <none> <none>
|
|
pod/go-xdp-counter-ds-7hzww 1/1 Running 0 44s 10.130.0.86 ci-ln-dcbq7d2-72292-ztrkp-master-2 <none> <none>
|
|
pod/go-xdp-counter-ds-qm9zx 1/1 Running 0 44s 10.128.0.101 ci-ln-dcbq7d2-72292-ztrkp-master-0 <none> <none>
|
|
|
|
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE CONTAINERS IMAGES SELECTOR
|
|
daemonset.apps/go-xdp-counter-ds 3 3 3 3 3 <none> 44s go-xdp-counter quay.io/bpfman-userspace/go-xdp-counter:v0.5.0 name=go-xdp-counter
|
|
----
|
|
|
|
. To confirm that the example XDP program is running, enter the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get xdpprogram go-xdp-counter-example
|
|
----
|
|
+
|
|
.Example output
|
|
[source,text]
|
|
----
|
|
|
|
NAME BPFFUNCTIONNAME NODESELECTOR STATUS
|
|
go-xdp-counter-example xdp_stats {} ReconcileSuccess
|
|
----
|
|
|
|
. To confirm that the XDP program is collecting data, enter the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc logs <pod_name> -n go-xdp-counter
|
|
----
|
|
+
|
|
Replace `<pod_name>` with the name of an XDP program pod, such as `go-xdp-counter-ds-4m9cw`.
|
|
+
|
|
.Example output
|
|
[source,text]
|
|
----
|
|
2024/08/13 15:20:06 15016 packets received
|
|
2024/08/13 15:20:06 93581579 bytes received
|
|
...
|
|
----
|