titan-iac/services/maintenance/titan-22-link-keeper-daemonset.yaml

# services/maintenance/titan-22-link-keeper-daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: titan-22-link-keeper
  namespace: maintenance
  labels:
    app: titan-22-link-keeper
spec:
  selector:
    matchLabels:
      app: titan-22-link-keeper
  template:
    metadata:
      labels:
        app: titan-22-link-keeper
    spec:
      hostNetwork: true
      hostPID: true
      nodeSelector:
        kubernetes.io/hostname: titan-22
      tolerations:
        - key: node.kubernetes.io/unschedulable
          operator: Exists
          effect: NoSchedule
        - key: node.kubernetes.io/not-ready
          operator: Exists
          effect: NoExecute
        - key: node.kubernetes.io/unreachable
          operator: Exists
          effect: NoExecute
        - key: node.kubernetes.io/unreachable
          operator: Exists
          effect: NoSchedule
        - key: node.kubernetes.io/disk-pressure
          operator: Exists
          effect: NoSchedule
        - key: node.kubernetes.io/memory-pressure
          operator: Exists
          effect: NoSchedule
        - key: node.kubernetes.io/pid-pressure
          operator: Exists
          effect: NoSchedule
        - key: node.kubernetes.io/network-unavailable
          operator: Exists
          effect: NoSchedule
      containers:
        - name: link-keeper
          image: bitnami/kubectl@sha256:554ab88b1858e8424c55de37ad417b16f2a0e65d1607aa0f3fe3ce9b9f10b131
          imagePullPolicy: IfNotPresent
          securityContext:
            privileged: true
            runAsUser: 0
          command:
            - /bin/bash
            - -lc
            - |
              set -u
              while true; do
                nsenter -t 1 -m -u -i -n -p -- /bin/sh -lc '
                  date -Is
                  ip link set enp5s0 up || true
                  ethtool --set-eee enp5s0 eee off || true
                  ethtool -s enp5s0 advertise 0x020 autoneg on || true
                  sleep 3

                  stable=true
                  for _ in 1 2 3 4 5; do
                    if ! ethtool enp5s0 | grep -q "Link detected: yes"; then
                      stable=false
                    fi
                    sleep 2
                  done

                  if [ "${stable}" != "true" ]; then
                    echo "link not stable at 1G-only; falling back to 100M-only autoneg"
                    ethtool -s enp5s0 advertise 0x008 autoneg on || true
                    sleep 5
                  fi

                  ethtool --show-eee enp5s0 || true
                  ethtool enp5s0 | sed -n "1,45p" || true
                  ip -br addr show enp5s0 || true
                '
                sleep 30
              done