Configure network_mtu for platforms

knrt10 · knrt10 · commit 32150668f63b · 2020-09-21T13:06:58.000+05:30
When encrypt_pod_traffic is set to true MTU should be 40 less than the
default value because of wireguard overhead.

Signed-off-by: knrt10 &lt;kautilya@kinvolk.io&gt;
diff --git a/assets/terraform-modules/aws/flatcar-linux/kubernetes/variables.tf b/assets/terraform-modules/aws/flatcar-linux/kubernetes/variables.tf
@@ -113,7 +113,6 @@ variable "asset_dir" {
 variable "network_mtu" {
   description = "CNI interface MTU. Use 8981 if using instances types with Jumbo frames."
   type        = number
-  default     = 1480
 }
 
 variable "host_cidr" {
diff --git a/assets/terraform-modules/bare-metal/flatcar-linux/kubernetes/variables.tf b/assets/terraform-modules/bare-metal/flatcar-linux/kubernetes/variables.tf
@@ -85,7 +85,6 @@ variable "asset_dir" {
 variable "network_mtu" {
   description = "CNI interface MTU"
   type        = number
-  default     = 1480
 }
 
 variable "network_ip_autodetection_method" {
diff --git a/assets/terraform-modules/packet/flatcar-linux/kubernetes/variables.tf b/assets/terraform-modules/packet/flatcar-linux/kubernetes/variables.tf
@@ -88,7 +88,6 @@ variable "asset_dir" {
 variable "network_mtu" {
   description = "CNI interface MTU"
   type        = number
-  default     = 1480
 }
 
 variable "network_ip_autodetection_method" {
diff --git a/pkg/assets/generated_assets.go b/pkg/assets/generated_assets.go
diff --git a/pkg/platform/aws/aws.go b/pkg/platform/aws/aws.go
@@ -109,6 +109,7 @@ func NewConfig() *config {
 		Region:             "eu-central-1",
 		EnableAggregation:  true,
 		EnableTLSBootstrap: true,
+		NetworkMTU:         1480, //nolint:gomnd
 	}
 }
 
diff --git a/pkg/platform/aws/template.go b/pkg/platform/aws/template.go
@@ -42,9 +42,6 @@ module "aws-{{.Config.ClusterName}}" {
   controller_type  = "{{.Config.ControllerType}}"
  {{- end }}
 
-  {{- if .Config.NetworkMTU }}
-  network_mtu = {{.Config.NetworkMTU}}
-  {{- end }}
   enable_reporting = {{.Config.EnableReporting}}
   {{- if .Config.PodCIDR }}
   pod_cidr = "{{.Config.PodCIDR}}"
@@ -100,6 +97,9 @@ module "aws-{{.Config.ClusterName}}" {
 
   {{- if .Config.EncryptPodTraffic }}
   encrypt_pod_traffic = {{.Config.EncryptPodTraffic}}
+  network_mtu = {{ .Config.NetworkMTU }} - 40 # Wireguard overhead
+  {{- else }}
+  network_mtu = {{ .Config.NetworkMTU }}
   {{- end }}
 
   worker_bootstrap_tokens = [
diff --git a/pkg/platform/baremetal/baremetal.go b/pkg/platform/baremetal/baremetal.go
@@ -90,6 +90,7 @@ func NewConfig() *config {
 		OSChannel:          "flatcar-stable",
 		OSVersion:          "current",
 		EnableTLSBootstrap: true,
+		NetworkMTU:         1480, //nolint:gomnd
 	}
 }
 
diff --git a/pkg/platform/baremetal/template.go b/pkg/platform/baremetal/template.go
@@ -32,6 +32,9 @@ module "bare-metal-{{.ClusterName}}" {
 
   {{- if .EncryptPodTraffic }}
   encrypt_pod_traffic = {{ .EncryptPodTraffic }}
+  network_mtu = {{ .NetworkMTU }} - 40 # Wireguard overhead
+  {{- else }}
+  network_mtu = {{ .NetworkMTU }}
   {{- end }}
 
   # configuration
@@ -48,10 +51,6 @@ module "bare-metal-{{.ClusterName}}" {
   worker_macs        = {{.WorkerMacs}}
   worker_domains     = {{.WorkerDomains}}
 
-  {{- if .NetworkMTU }}
-  network_mtu = {{ .NetworkMTU }}
-  {{- end }}
-
   {{- if .KubeAPIServerExtraFlags }}
   kube_apiserver_extra_flags = [
     {{- range .KubeAPIServerExtraFlags }}
diff --git a/pkg/platform/packet/packet.go b/pkg/platform/packet/packet.go
@@ -122,6 +122,7 @@ func NewConfig() *config {
 	return &config{
 		EnableAggregation:  true,
 		EnableTLSBootstrap: true,
+		NetworkMTU:         1480, //nolint:gomnd
 	}
 }
 
diff --git a/pkg/platform/packet/template.go b/pkg/platform/packet/template.go
@@ -55,9 +55,6 @@ module "packet-{{.Config.ClusterName}}" {
 
   enable_aggregation = {{.Config.EnableAggregation}}
 
-  {{- if .Config.NetworkMTU }}
-  network_mtu = {{.Config.NetworkMTU}}
-  {{- end }}
   enable_reporting = {{.Config.EnableReporting}}
 
   {{- if .Config.PodCIDR }}
@@ -115,6 +112,9 @@ EOF
 
   {{- if .Config.EncryptPodTraffic }}
   encrypt_pod_traffic = {{.Config.EncryptPodTraffic}}
+  network_mtu = {{ .Config.NetworkMTU }} - 40 # Wireguard overhead
+  {{- else }}
+  network_mtu = {{ .Config.NetworkMTU }}
   {{- end }}
 
   worker_bootstrap_tokens = [

Original file line number	Diff line number	Diff line change
`@@ -113,7 +113,6 @@ variable "asset_dir" {`
`113`	`113`	`variable "network_mtu" {`
`114`	`114`	`description = "CNI interface MTU. Use 8981 if using instances types with Jumbo frames."`
`115`	`115`	`type = number`
`116`		`- default = 1480`
`117`	`116`	`}`
`118`	`117`
`119`	`118`	`variable "host_cidr" {`
Original file line number	Diff line number	Diff line change
`@@ -85,7 +85,6 @@ variable "asset_dir" {`
`85`	`85`	`variable "network_mtu" {`
`86`	`86`	`description = "CNI interface MTU"`
`87`	`87`	`type = number`
`88`		`- default = 1480`
`89`	`88`	`}`
`90`	`89`
`91`	`90`	`variable "network_ip_autodetection_method" {`
Original file line number	Diff line number	Diff line change
`@@ -88,7 +88,6 @@ variable "asset_dir" {`
`88`	`88`	`variable "network_mtu" {`
`89`	`89`	`description = "CNI interface MTU"`
`90`	`90`	`type = number`
`91`		`- default = 1480`
`92`	`91`	`}`
`93`	`92`
`94`	`93`	`variable "network_ip_autodetection_method" {`
Original file line number	Diff line number	Diff line change
`@@ -109,6 +109,7 @@ func NewConfig() *config {`
`109`	`109`	`Region: "eu-central-1",`
`110`	`110`	`EnableAggregation: true,`
`111`	`111`	`EnableTLSBootstrap: true,`
	`112`	`+ NetworkMTU: 1480, //nolint:gomnd`
`112`	`113`	`}`
`113`	`114`	`}`
`114`	`115`
Original file line number	Diff line number	Diff line change
`@@ -90,6 +90,7 @@ func NewConfig() *config {`
`90`	`90`	`OSChannel: "flatcar-stable",`
`91`	`91`	`OSVersion: "current",`
`92`	`92`	`EnableTLSBootstrap: true,`
	`93`	`+ NetworkMTU: 1480, //nolint:gomnd`
`93`	`94`	`}`
`94`	`95`	`}`
`95`	`96`
Original file line number	Diff line number	Diff line change
`@@ -122,6 +122,7 @@ func NewConfig() *config {`
`122`	`122`	`return &config{`
`123`	`123`	`EnableAggregation: true,`
`124`	`124`	`EnableTLSBootstrap: true,`
	`125`	`+ NetworkMTU: 1480, //nolint:gomnd`
`125`	`126`	`}`
`126`	`127`	`}`
`127`	`128`