Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
endpoint: set labels outside NewEndpointFromChange
When endpoint API is used to create an endpoint and `EndpointChangeRequest` contains labels, it will not allocate an identity to the endpoint. During `NewEndpointFromChangeModel()` labels are stored in the endpoint model, causing the followup call `ep.UpdateLabels()` to not bump revision during this single `createEndpoint()` call. This means the folloup call to `e.runIdentityResolver()` never happens and the endpoint ends up without identity and with state waiting-for-identity. ``` ENDPOINT IDENTITY LABELS (source:key[=value]) IPv4 STATUS 3236 <no label id> k8s:app=incubator-mynetns3 10.247.1.1 waiting-for-identity k8s:io.cilium.k8s.policy.cluster=default k8s:io.kubernetes.pod.namespace=default ``` This should be allowed, otherwise user can only not set the labels during `createEndpoint()` call and do a followup call `patchEndpoint()` where labels will be set which then triggers regeneration to be triggered and identity allocated. This commit fixes the above issue by letting the caller handle the setting of the endpoint labels and remove them from `NewEndpointFromChangeModel()`. ``` ENDPOINT IDENTITY LABELS (source:key[=value]) IPv4 STATUS 331 21864 k8s:app=incubator-mynetns3 10.247.1.1 ready k8s:io.cilium.k8s.policy.cluster=default k8s:io.kubernetes.pod.namespace=default ``` Fixes: #29776 Signed-off-by: Ondrej Blazek <ondrej.blazek@firma.seznam.cz>
- Loading branch information