Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v1.15 Backports 2024-02-20 #30863

Merged
merged 9 commits into from Feb 21, 2024
Merged

v1.15 Backports 2024-02-20 #30863

merged 9 commits into from Feb 21, 2024

Conversation

tklauser
Copy link
Member

@tklauser tklauser commented Feb 20, 2024
edited

marseel and others added 5 commits February 20, 2024 10:24
@marseel @tklauser
Network performance: fix native routing case
393c19e 
[ upstream commit dc6cf34 ]

While fixing one of the review comments in PR that introduced this test,
I changed datapath mode to be explicitly set from matrix.mode.
Unfortunately, setting `native` makes it actually use `tunneling` mode.
Switching to `gke` mode resolves this issue.

Fixes #30247

Signed-off-by: Marcel Zieba <marcel.zieba@isovalent.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
@brlbil @tklauser
ci: Address AKS release cycle gap
279474c 
[ upstream commit d7f5e58 ]

In the AKS release cycle, a gap exists between the introduction of new supported Kubernetes versions
and the removal of older versions, leading to failures in scheduled tests.
This PR introduces the capability to disable older Kubernetes versions, mitigating test failures.

Signed-off-by: Birol Bilgin <birol@cilium.io>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
@brlbil @tklauser
ci: Update tested K8S versions across all cloud providers
95d1b42 
[ upstream commit 14d68f2 ]

This commit revises the Kubernetes versions tested for compatibility across all supported cloud providers.
Additionally, it adjusts the default Kubernetes version to match the default version provided by each cloud provider

Signed-off-by: Birol Bilgin <birol@cilium.io>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
@brlbil @tklauser
ci: change ariane config codeowners
672a9c7 
[ upstream commit bb81c06 ]

The current process delegates the review of ariane-config.yaml changes to the contributing group.
With this commit reviewing responsibilities be transferred to the github-sec and ci-structure groups.

Signed-off-by: Birol Bilgin <birol@cilium.io>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
@joamaki @tklauser
statedb: Fix race between Observable and DB stopping
f897132 
[ upstream commit 48bd2ac ]

Since "Observable" forks a goroutine that is not tied to the lifecycle of the
application what may occur is that the "observe" goroutine calls DeleteTracker.Close
after DB.Stop, leading to:

    panic: send on closed channel

    goroutine 106 [running]:
    github.com/cilium/cilium/pkg/statedb.(*DeleteTracker[...]).Close(0x0)
        /host/pkg/statedb/deletetracker.go:76 +0x21e

While it would be ideal that goroutines created by statedb would be tied to its lifecycle
and thus Stop() could wait for e.g. all observable goroutines to be finished, it's not
enough as DeleteTracker's may be created outside and stopped after DB. Thus this commit
changes the logic to make it safe to call DeleteTracker.Close() even after the DB has
stopped.

The fix was validated by adding a "defer time.Sleep(100*time.Millisecond)" to observable.go
before the "tracker.Close()" to force it to run after DB.Stop, with it failing with
"send on closed channel" before fix and passing after.

As a future follow-up it would make sense to use a Hive job group tied to DB's
lifecycle to make sure all goroutines are cleaned up (this follow-up will be done against
the cilium/statedb repo as it's being moved there). The fix in this commit is already
part of cilium/statedb repo and does not need to be ported.

Fixes: #30806
Fixes: 23b0492 ("statedb2: StateDB v2.0 with per-table locks and deletion tracking")

Signed-off-by: Jussi Maki <jussi@isovalent.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
@tklauser tklauser added kind/backports This PR provides functionality previously merged into master. backport/1.15 This PR represents a backport for Cilium 1.15.x of a PR that was merged to main. labels Feb 20, 2024
@tklauser tklauser marked this pull request as ready for review February 20, 2024 10:26
@tklauser tklauser requested review from a team as code owners February 20, 2024 10:26
@tklauser
Copy link
Member Author

/test-backport-1.15

nathanjsweet and others added 4 commits February 20, 2024 11:42
@nathanjsweet @squeed @tklauser
pkg: Add Bitwise LPM Trie Library
589556b 
[ upstream commit 27430d4 ]

This bitwise lpm trie is a non-thread-safe binary
trie that indexes arbitrarily long bit-based keys
with associated prefixes indexed from most
significant bit to least significant bit using
the longest prefix match algorithm.

Documenting the behavior of the datastructure is
localized around the method calls in the trie.go
file.

The tests specifically test boundary cases for the
various methods and fuzzes the RangeLookup method.

Updating CODEOWNERS to put sig-policy and ipcache
in charge of this library.

Fixes: #29519

Co-authored-by: Casey Callendrello <cdc@isovalent.com>
Signed-off-by: Nate Sweet <nathanjsweet@pm.me>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
@brlbil @tklauser
ci: Restrict running tests to only the organization-members team
c91b22e 
[ upstream commit b19321e ]

This commit updates the Ariane configuration to include the GitHub organization team 'organization-members' in the list of allowed teams.
Consequently, only members of this specific team will have the authorization to initiate test runs via issue comments.

Signed-off-by: Birol Bilgin <birol@cilium.io>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
@rsafonseca @tklauser
Fix: Remove IP filters from initial GC
2641247 
[ upstream commit 3a00f5b ]

This commit changes the more destructive initial GC of the conntrack that is exectuted during initial agent startup to behave like a normal GC.
The previous implementation doesn't represent any real value anymore and it caused some valid entries to be removed from conntrack, and there's no longer any reason to try to guess which entries could be valid, a regular GC is enough

Fixes: #29667

Signed-off-by: Rafael da Fonseca <rafael.fonseca@wildlifestudios.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
@rsafonseca @tklauser
Lint: Remove unused method to appease linter
42ae8b6 
[ upstream commit 5276ce4 ]

Signed-off-by: Rafael da Fonseca <rafael.fonseca@wildlifestudios.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
@tklauser
Copy link
Member Author

/test-backport-1.15

brlbil
brlbil approved these changes Feb 20, 2024
View reviewed changes
Copy link
Contributor

@brlbil brlbil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@tklauser tklauser merged commit c8cf996 into v1.15 Feb 21, 2024
218 checks passed
@tklauser tklauser deleted the pr/v1.15-backport-2024-02-20 branch February 21, 2024 15:58
@jrajahalme jrajahalme mentioned this pull request Mar 13, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joamaki joamaki joamaki approved these changes

@marseel marseel marseel approved these changes

@ti-mo ti-mo ti-mo approved these changes

@brlbil brlbil brlbil approved these changes

@nathanjsweet nathanjsweet Awaiting requested review from nathanjsweet

Assignees
No one assigned
Labels
backport/1.15 This PR represents a backport for Cilium 1.15.x of a PR that was merged to main. kind/backports This PR provides functionality previously merged into master.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@tklauser @joamaki @marseel @ti-mo @brlbil @nathanjsweet @rsafonseca