From 33146b94810b988843d5fed294f0a79bfdec281e Mon Sep 17 00:00:00 2001
From: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
Date: Fri, 24 Sep 2021 19:57:23 +0300
Subject: [PATCH] CI: Add Calico eBPF in HA mode test (#7710)

* Sample-Inventory: add sample for calico_bpf_enabled

* Calico-Doc: note about CONFIG_NET_SCHED for eBPF support

* CI: Add Calico eBPF in HA mode test
---
 .gitlab-ci/packet.yml                            |  6 ++++++
 docs/calico.md                                   |  2 ++
 .../group_vars/k8s_cluster/k8s-net-calico.yml    |  3 +++
 tests/files/packet_centos8-calico-ha-ebpf.yml    | 16 ++++++++++++++++
 4 files changed, 27 insertions(+)
 create mode 100644 tests/files/packet_centos8-calico-ha-ebpf.yml

diff --git a/.gitlab-ci/packet.yml b/.gitlab-ci/packet.yml
index ecfc222d8..30d6ba3f3 100644
--- a/.gitlab-ci/packet.yml
+++ b/.gitlab-ci/packet.yml
@@ -154,6 +154,12 @@ packet_ubuntu18-flannel-containerd-ha-once:
   extends: .packet_pr
   when: manual
 
+# Calico HA eBPF
+packet_centos8-calico-ha-ebpf:
+  stage: deploy-part2
+  extends: .packet_pr
+  when: manual
+
 packet_debian9-macvlan:
   stage: deploy-part2
   extends: .packet_pr
diff --git a/docs/calico.md b/docs/calico.md
index 4b747d765..2d80d1ba3 100644
--- a/docs/calico.md
+++ b/docs/calico.md
@@ -298,6 +298,8 @@ calico_bpf_enabled: true
 kube_proxy_remove: true
 ```
 
+**NOTE:** there is known incompatibility in using the `kernel-kvm` kernel package on Ubuntu OSes because it is missing support for `CONFIG_NET_SCHED` which is a requirement for Calico eBPF support. When using Calico eBPF with Ubuntu ensure you run the `-generic` kernel.
+
 ### Cleaning up after kube-proxy
 
 Calico node cannot clean up after kube-proxy has run in ipvs mode. If you are converting an existing cluster to eBPF you will need to ensure the `kube-proxy` DaemonSet is deleted and that ipvs rules are cleaned.
diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml b/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml
index 6483320eb..4228c2bf2 100644
--- a/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml
+++ b/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml
@@ -89,6 +89,9 @@
 # calico_vxlan_vni: 4096
 # calico_vxlan_port: 4789
 
+# Cenable eBPF mode
+# calico_bpf_enabled: false
+
 # If you want to use non default IP_AUTODETECTION_METHOD for calico node set this option to one of:
 # * can-reach=DESTINATION
 # * interface=INTERFACE-REGEX
diff --git a/tests/files/packet_centos8-calico-ha-ebpf.yml b/tests/files/packet_centos8-calico-ha-ebpf.yml
new file mode 100644
index 000000000..d7be81a97
--- /dev/null
+++ b/tests/files/packet_centos8-calico-ha-ebpf.yml
@@ -0,0 +1,16 @@
+---
+# Instance settings
+cloud_image: centos-8
+mode: ha
+vm_memory: 3072Mi
+
+# Kubespray settings
+kube_network_plugin: calico
+deploy_netchecker: true
+
+calico_bpf_enabled: true
+kube_proxy_remove: true
+loadbalancer_apiserver_localhost: true
+use_localhost_as_kubeapi_loadbalancer: true
+
+auto_renew_certificates: true