-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cilium BGPv1 Reconciler - Handle updated and deprecated Cidr fields for CiliumLoadBalancerIPPool #32694
Conversation
Commit 971fe08 does not match "(?m)^Signed-off-by:". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
@dswaffordcw Thanks for the fix! Looks good, could you please also extend the test in |
Note: the |
Hi @dswaffordcw Thanks for the quick fix. Couple of suggestions
|
971fe08
to
32e729b
Compare
Commit 32e729b does not match "(?m)^Signed-off-by:". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
32e729b
to
5e93a93
Compare
Commit 5e93a93 does not match "(?m)^Signed-off-by:". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
5e93a93
to
dd60d44
Compare
Commit dd60d44 does not match "(?m)^Signed-off-by:". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
dd60d44
to
9b69130
Compare
Hi @rastislavs , I updated the tests as follows:
I don't like all the copy-and-paste that's going on there. I thought about re-factoring some of that test out with another function or two but held off. Let me know if you'd like me to explore that. |
9b69130
to
2ea8cb3
Compare
Commit 9b8262e does not match "(?m)^Signed-off-by:". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
Thanks @dswaffordcw for the changes. Some minor comments, but overall change looks good.
Let's hold on to that for now - this code will eventually deprecate as we move to BGPv2 reconcilers. Please let me know if you want to contribute to the BGP subsystem. There is plenty to do :) |
One natural change is to make sure BGPv2 Reconciler also have similar fix. Currently, it is only checking for Blocks here. |
9b8262e
to
206c84b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks a lot for updating the tests as well!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🚀
One of the check patch is failing with this error |
5c8b33b
to
91c528b
Compare
Hi @dswaffordcw I think check is still failing because of merge commit 5d8961c, instead of merging the main branch into this branch - rebasing this branch on top of the main should resolve this issue. |
5d8961c
to
91c528b
Compare
In cilium@27322f3, the CiliumLoadBalancerIPPool's field named "cidrs" was deprecated. The documentation on https://docs.cilium.io/en/stable/network/lb-ipam/ provides an example of configuring a CiliumLoadBalancerIPPool using the field named "blocks". While testing a BGP policy configured with the Advertised Path Attributes feature, I was not able to achieve the desired policy. BGP attributes configured were not being applied. While discussing this in Cilium's Slack channel, it was pointed out that the BGPv1 reconciler was only aware of the deprecated field. This commit updates Cilium's BGPv1 reconciler to support both the deprecated and updated fields. Fixes: cilium#32693 Signed-off-by: David Swafford <dswafford@coreweave.com>
91c528b
to
1241974
Compare
Thanks @harsimran-pabla! You were right. I had messed up the rebase w/ my local fork. Corrected now. |
/test |
Cilium BGPv1 Reconciler - Handle updated and deprecated Cidr fields for CiliumLoadBalancerIPPool
Please ensure your pull request adheres to the following guidelines:
description and a
Fixes: #XXX
line if the commit addresses a particularGitHub issue.
Fixes: <commit-id>
tag, thenplease add the commit author[s] as reviewer[s] to this issue.
Fixes: #32693
Description
In 27322f3, the CiliumLoadBalancerIPPool's field named "cidrs" was deprecated. The documentation on https://docs.cilium.io/en/stable/network/lb-ipam/ provides an example of configuring a CiliumLoadBalancerIPPool using the field named "blocks". While testing a BGP policy configured with the Advertised Path Attributes feature (https://docs.cilium.io/en/stable/network/bgp-control-plane/#advertised-path-attributes), I was not able to achieve the desired policy. BGP attributes configured were not being applied.
While discussing this in Cilium's Slack channel, it was pointed out that the BGPv1 reconciler was only aware of the deprecated field.
This commit updates Cilium's BGPv1 reconciler to support both the deprecated and updated fields.
Unit Tests
Unit tests were updated as follows:
Manual Testing
For manual testing, I brought up the BGP development environment (see https://docs.cilium.io/en/stable/contributing/development/bgp_cplane/).
Steps included:
Next, I applied the policy below:
Using:
Next, I checked the state of the peers:
At this point, I have not yet spun up any services/pods. I then brought up a "hello-world" application using:
And observed:
Followed by:
Prior to this PR, when a prefix was defined on a
CiliumLoadBalancerIPPool
usingcidrs
, there were no routes advertised. In the above, we see routes advertised.Next, I tore down the lab by running:
After rebuilding the lab, I changed to:
After applying, I see routes as expected:
In one test, I specified both the new and deprecated fields:
Here, I observed the last prefix being used: