v1.14 Backports 2024-02-08 #30680
Merged
v1.14 Backports 2024-02-08 #30680
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nbusseneau
added
kind/backports
nbusseneau
requested review from
julianwiedmann,
giorio94,
brlbil,
chaunceyjiang,
ldelossa,
hemanthmalla and
tklauser
[ upstream commit b09561c ] The only functions left in egress_policies.h are SRv6 related. Let's rename this to 'srv6.h' and update references to the old file name. Signed-off-by: ldelossa <louis.delos@gmail.com> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
[ upstream commit 2de0fea ] Include a trace reason for SRv6 encapsulation and decapsulation. This greatly improves the debugging process, indicating whether SRv6 VPN related packets are processed by our datapath. Signed-off-by: ldelossa <louis.delos@gmail.com> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
[ upstream commit a6bfb79 ] Consider encap/decap as egress/ingress (respectively) and both as unknown reply ct status. Signed-off-by: Alexandre Perrin <alex@isovalent.com> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
[ upstream commit ed26b07 ] AWS SDK now returns a dedicated error code to indicate the scenario where a subnet is out of capacity for /28 prefixes. This commit updates the fallback logic. The existing fallback logic does not work anymore since the code changed from InvalidParameterValue to InsufficientCidrBlocks Reported-by: Benjamin Pineau <benjamin.pineau@datadoghq.com> Signed-off-by: Hemanth Malla <hemanth.malla@datadoghq.com> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
[ upstream commit bde37df ] Like in other GitHub actions workflows triggered by Ariane, mention the trigger phrase in the workflow name. Signed-off-by: Tobias Klauser <tobias@cilium.io> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
[ upstream commit 2823114 ] ci-verifier uses the lvh complexity-test image, not the kind image. Adjust the dependency accordingly. Signed-off-by: Julian Wiedmann <jwi@isovalent.com> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
[ upstream commit bd67597 ] b20038e ("gha: explicilty specify beefier runner type for clustermesh workflows") explicitly configured beefier runners for clustermesh workflows, as they require more power to host two multi-node kind clusters. However, this change turned out to have unexpected billing consequences, even though GitHub recently upgraded [1] the default runners for OSS projects to 4 vCPU and 16GiB of RAM (the same specs of the runner which had been configured). Hence, let's revert this change, and instead make the runner type configurable through an environment variable. This will also make it easier to change the runner type in the future, if needed. [1]: https://github.blog/2024-01-17-github-hosted-runners-double-the-power-for-open-source/ Fixes: b20038e ("gha: explicilty specify beefier runner type for clustermesh workflows") Suggested-by: André Martins <andre@cilium.io> Signed-off-by: Marco Iorio <marco.iorio@isovalent.com> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
[ upstream commit 2c29d8f ] Currently, cloud regions for schedule tests are all over the world. The observation is tests in or close to us regions takes significatly less time than other regions. This causes some of tests being canceled due to timeouts. This commit changes regions to only US or closest regions. Signed-off-by: Birol Bilgin <birol@cilium.io> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
[ upstream commit 92c2641 ] Signed-off-by: chaunceyjiang <chaunceyjiang@gmail.com> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
nbusseneau
force-pushed
the
pr/v1.14-backport-2024-02-08
branch
from
808febc
to
13d3a5e
Compare
|
/test-backport-1.14 |
nbusseneau
force-pushed
the
pr/v1.14-backport-2024-02-08
branch
from
13d3a5e
to
19f2e8f
Compare
[ upstream commit a1089a7 ] [ backporter's notes: we keep masquerade set to false on upgrade tests for 1.14 due to limitations outlined in #14350. However we still backport the rest of the changes as regular non-upgrade tests still benefit from it. ] Currently, BPF masquerade was always disabled in the clustermesh E2E tests due to unintended interactions with Docker iptables rules breaking DNS resolution [1]. Instead, let's explicitly configure external upstream DNS servers for coredns, so that we can also enable this feature when KPR is enabled. While being there, let's also make the KPR setting explicit, instead of relying on the Cilium CLI configuration (which is based on whether the kube-proxy daemonset is present or not). [1]: #23283 Signed-off-by: Marco Iorio <marco.iorio@isovalent.com> Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
[ upstream commit 51b3076 ] Signed-off-by: gailsuccess <157372272+gailsuccess@users.noreply.github.com>
nbusseneau
force-pushed
the
pr/v1.14-backport-2024-02-08
branch
from
19f2e8f
to
ddea402
Compare
|
/test-backport-1.14 |
|
The expected All testing has passed, awaiting for reviews now. |
|
This should be ready to merge as soon as reviews are in. |
hemanthmalla
approved these changes
Feb 8, 2024
julianwiedmann
approved these changes
Feb 8, 2024
sayboras
approved these changes
Feb 9, 2024
sayboras
added
the
ready-to-merge
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Once this PR is merged, a GitHub action will update the labels of these PRs: