cilium · tklauser · Dec 14, 2022 · Dec 13, 2022 · Dec 13, 2022 · Dec 13, 2022
diff --git a/connectivity/check/context.go b/connectivity/check/context.go
@@ -509,18 +509,12 @@ func (ct *ConnectivityTest) initCiliumPods(ctx context.Context) error {
 func (ct *ConnectivityTest) DetectMinimumCiliumVersion(ctx context.Context) (*semver.Version, error) {
 	var minVersion *semver.Version
 	for name, ciliumPod := range ct.ciliumPods {
-		stdout, err := ciliumPod.K8sClient.ExecInPod(ctx, ciliumPod.Pod.Namespace, ciliumPod.Pod.Name,
-			defaults.AgentContainerName, []string{"cilium", "version", "-o", "jsonpath={$.Daemon.Version}"})
-		if err != nil {
-			return nil, fmt.Errorf("unable to fetch cilium version on pod %q: %w", name, err)
-		}
-		v, _, _ := strings.Cut(strings.TrimSpace(stdout.String()), "-") // strips proprietary -releaseX suffix
-		podVersion, err := semver.Parse(v)
+		podVersion, err := ciliumPod.K8sClient.GetCiliumVersion(ctx, ciliumPod.Pod)
 		if err != nil {
 			return nil, fmt.Errorf("unable to parse cilium version on pod %q: %w", name, err)
 		}
 		if minVersion == nil || podVersion.LT(*minVersion) {
-			minVersion = &podVersion
+			minVersion = podVersion
 		}
 	}
 

diff --git a/k8s/client.go b/k8s/client.go
@@ -808,6 +808,29 @@ func getCiliumVersionFromImage(image string) (string, error) {
 	return version, nil
 }
 
+// GetCiliumVersion returns a semver.Version representing the version of cilium
+// running in the cilium-agent pod
+func (c *Client) GetCiliumVersion(ctx context.Context, p *corev1.Pod) (*semver.Version, error) {
+	o, _, err := c.ExecInPodWithStderr(
+		ctx,
+		p.Namespace,
+		p.Name,
+		defaults.AgentContainerName,
+		[]string{"cilium", "version", "-o", "jsonpath={$.Daemon.Version}"},
+	)
+	if err != nil {
+		return nil, fmt.Errorf("unable to fetch cilium version on pod %q: %w", p.Name, err)
+	}
+
+	v, _, _ := strings.Cut(strings.TrimSpace(o.String()), "-") // strips proprietary -releaseX suffix
+	podVersion, err := semver.Parse(v)
+	if err != nil {
+		return nil, fmt.Errorf("unable to parse cilium version on pod %q: %w", p.Name, err)
+	}
+
+	return &podVersion, nil
+}
+
 func (c *Client) GetRunningCiliumVersion(ctx context.Context, namespace string) (string, error) {
 	pods, err := c.ListPods(ctx, namespace, metav1.ListOptions{LabelSelector: defaults.AgentPodSelector})
 	if err != nil {

diff --git a/sysdump/client.go b/sysdump/client.go
@@ -15,6 +15,7 @@ import (
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 
+	"github.com/blang/semver/v4"
 	ciliumv2 "github.com/cilium/cilium/pkg/k8s/apis/cilium.io/v2"
 	ciliumv2alpha1 "github.com/cilium/cilium/pkg/k8s/apis/cilium.io/v2alpha1"
 
@@ -37,6 +38,7 @@ type KubernetesClient interface {
 	GetLogs(ctx context.Context, namespace, name, container string, sinceTime time.Time, limitBytes int64, previous bool) (string, error)
 	GetPodsTable(ctx context.Context) (*metav1.Table, error)
 	GetSecret(ctx context.Context, namespace, name string, opts metav1.GetOptions) (*corev1.Secret, error)
+	GetCiliumVersion(ctx context.Context, p *corev1.Pod) (*semver.Version, error)
 	GetVersion(ctx context.Context) (string, error)
 	ListCiliumClusterwideNetworkPolicies(ctx context.Context, opts metav1.ListOptions) (*ciliumv2.CiliumClusterwideNetworkPolicyList, error)
 	ListCiliumClusterwideEnvoyConfigs(ctx context.Context, opts metav1.ListOptions) (*ciliumv2.CiliumClusterwideEnvoyConfigList, error)

diff --git a/sysdump/sysdump.go b/sysdump/sysdump.go
@@ -15,6 +15,7 @@ import (
 	"sync"
 	"time"
 
+	"github.com/cilium/cilium/pkg/versioncheck"
 	"github.com/cilium/workerpool"
 	"github.com/mholt/archiver/v3"
 	corev1 "k8s.io/api/core/v1"
@@ -1194,8 +1195,20 @@ func (c *Collector) submitCiliumBugtoolTasks(ctx context.Context, pods []*corev1
 				}
 			}()
 
+			// Default flags for cilium-bugtool
+			bugtoolFlags := []string{"--archiveType=gz"}
+			ciliumVersion, err := c.Client.GetCiliumVersion(ctx, p)
+			if err == nil {
+				// This flag is not available in older versions
+				if versioncheck.MustCompile(">=1.13.0")(*ciliumVersion) {
+					bugtoolFlags = append(bugtoolFlags, "--exclude-object-files")
+				}
+			}
+			// Additional flags
+			bugtoolFlags = append(bugtoolFlags, c.Options.CiliumBugtoolFlags...)
+
 			// Run 'cilium-bugtool' in the pod.
-			command := append([]string{ciliumBugtoolCommand, "--archiveType=gz"}, c.Options.CiliumBugtoolFlags...)
+			command := append([]string{ciliumBugtoolCommand}, bugtoolFlags...)
 
 			c.logDebug("Executing cilium-bugtool command: %v", command)
 			o, e, err := c.Client.ExecInPodWithStderr(ctx, p.Namespace, p.Name, containerName, command)

diff --git a/sysdump/sysdump_test.go b/sysdump/sysdump_test.go
@@ -24,6 +24,7 @@ import (
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 
+	"github.com/blang/semver/v4"
 	ciliumv2 "github.com/cilium/cilium/pkg/k8s/apis/cilium.io/v2"
 	ciliumv2alpha1 "github.com/cilium/cilium/pkg/k8s/apis/cilium.io/v2alpha1"
 	"github.com/stretchr/testify/assert"
@@ -256,6 +257,10 @@ func (c *fakeClient) ExecInPodWithStderr(ctx context.Context, namespace, pod, co
 	return *bytes.NewBuffer(out.stdout), *bytes.NewBuffer(out.stderr), out.err
 }
 
+func (c *fakeClient) GetCiliumVersion(ctx context.Context, p *corev1.Pod) (*semver.Version, error) {
+	panic("implement me")
+}
+
 func (c *fakeClient) GetConfigMap(ctx context.Context, namespace, name string, opts metav1.GetOptions) (*corev1.ConfigMap, error) {
 	panic("implement me")
 }