docs: Clean up mentions to KPR=partial|strict #27314
Conversation
qmonnet
added
area/documentation
|
/test |
Let me do a couple of tests locally, and get back to you on the above. |
There was a problem hiding this comment.
One general comment I have is that it's tricky when a Helm value is "true"/"false", as a string not boolean, like it's the case for kubeProxyReplacement now. I think all helm upgrade commands need to be adjusted to treat this value as a string, but I haven't actually run them, so ignore me if I'm misremembering my helm.
(docs structure LGTM)
| @@ -93,7 +93,7 @@ The egress gateway feature and all the requirements can be enabled as follow: | |||
| --reuse-values \\ | |||
| --set egressGateway.enabled=true \\ | |||
| --set bpf.masquerade=true \\ | |||
| --set kubeProxyReplacement=strict \\ | |||
| --set kubeProxyReplacement=true \\ | |||
There was a problem hiding this comment.
| --set kubeProxyReplacement=true \\ | |
| --set-string kubeProxyReplacement=true \\ |
I haven't tried it, but IIRC Helm CLI would treat true as a boolean, while the value is string.
The string vs. boolean consideration is also my understanding, but I think we're already handling everything in the charts. We enquote the value for the KPR flag: I did test on my side with
Thanks for the review! |
The "strict" and "partial" mode for kube-proxy replacement (KPR) were deprecated in Cilium 1.14, in favour of the feature being enabled (the flag is set to "true" and all related options are turned on) or disabled (leaving users free to pick the options they want). Let's update the documentation for per-node configuration accordingly and use "true" instead of "strict". Signed-off-by: Quentin Monnet <quentin@isovalent.com>
The "strict" and "partial" mode for kube-proxy replacement (KPR) were deprecated in Cilium 1.14, in favour of the feature being enabled (the flag is set to "true" and all related options are turned on) or disabled (leaving users free to pick the options they want). This commit is a simple update for the cases where "strict" can be replaced with "true" in the documentation. Signed-off-by: Quentin Monnet <quentin@isovalent.com>
The "strict" and "partial" mode for kube-proxy replacement (KPR) were deprecated in Cilium 1.14, in favour of the feature being enabled (the flag is set to "true" and all related options are turned on) or disabled (leaving users free to pick the options they want). This commit updates some references to the legacy modes, and update the surrouinding documentation accordingly. For L7 traffic management, we can narrow the minimal requirements (NodePort rather than full KPR set), and also remove the requirement on Kubernetes version 1.19+, now that 1.19 is the minimal version supported by Cilium anyway. Signed-off-by: Quentin Monnet <quentin@isovalent.com>
qmonnet
force-pushed
the
pr/docs-kpr-strict-update
branch
from
9880664
to
d64a5a0
Compare
|
Merge conflict with 1cb2210 |
I see, thank you! |
CEC is working as expected with nodePort.enabled=true, and kubeProxyReplacement=fase. Sorry for late reply. |
maintainer-s-little-helper
bot
added
the
ready-to-merge
tklauser
added
backport-pending/1.14
joestringer
added
backport-done/1.14
joestringer
moved this from Needs backport from main
to Backport done to v1.14
in 1.14.2
Follow-up to #27222.
Similar to #26577.
Requirement on NodePort only in Documentation/network/servicemesh/l7-traffic-management.rst and Documentation/operations/troubleshooting_servicemesh.rst to be confirmed.