Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Small k8s fixes and optimizations #11545

Merged
merged 10 commits into from May 21, 2020
Merged

Small k8s fixes and optimizations #11545

merged 10 commits into from May 21, 2020

Conversation

aanm
Copy link
Member

@aanm aanm commented May 15, 2020

Read per commit basis

@aanm aanm requested review from tklauser and tgraf May 15, 2020 10:30
@aanm aanm requested review from a team as code owners May 15, 2020 10:30
@aanm aanm requested a review from a team May 15, 2020 10:30
@maintainer-s-little-helper
Copy link

Please set the appropriate release note label.

@maintainer-s-little-helper maintainer-s-little-helper bot added this to In progress in 1.8.0 May 15, 2020
@aanm aanm added the release-note/misc This PR makes changes that have no direct user impact. label May 15, 2020
@aanm
Copy link
Member Author

aanm commented May 15, 2020

test-me-please

@aanm aanm force-pushed the pr/k8s-fixes-and-optimizations branch from f302a97 to d07db00 Compare May 15, 2020 10:48
@aanm
Copy link
Member Author

aanm commented May 15, 2020

test-me-please

@coveralls
Copy link

coveralls commented May 15, 2020
edited

Coverage Status

Coverage decreased (-0.2%) to 36.864% when pulling 7816922f6fae1e2b4c7c02c9742c39d530422f56 on pr/k8s-fixes-and-optimizations into 4cd69dc on master.

@aanm aanm requested a review from a team as a code owner May 15, 2020 16:41
@aanm aanm force-pushed the pr/k8s-fixes-and-optimizations branch from 455070e to 0a7cc9d Compare May 15, 2020 16:42
@aanm aanm requested a review from a team May 15, 2020 16:42
@aanm aanm force-pushed the pr/k8s-fixes-and-optimizations branch 2 times, most recently from df77c16 to ce2421f Compare May 15, 2020 18:12
@aanm aanm force-pushed the pr/k8s-fixes-and-optimizations branch 4 times, most recently from 01d0ef8 to b7f0ce0 Compare May 18, 2020 16:43
@aanm
Copy link
Member Author

aanm commented May 18, 2020

test-me-please

@aanm aanm force-pushed the pr/k8s-fixes-and-optimizations branch from b7f0ce0 to 3a644cd Compare May 19, 2020 14:19
@aanm aanm requested a review from tgraf May 19, 2020 14:19
@aanm
Copy link
Member Author

aanm commented May 20, 2020

restest-runtime

1 similar comment
@aanm
Copy link
Member Author

aanm commented May 20, 2020

restest-runtime

@aanm aanm force-pushed the pr/k8s-fixes-and-optimizations branch 2 times, most recently from dc8b34d to e117981 Compare May 20, 2020 15:12
@aanm
Copy link
Member Author

aanm commented May 20, 2020

test-me-please

@aanm aanm force-pushed the pr/k8s-fixes-and-optimizations branch from e117981 to 7816922 Compare May 20, 2020 20:01
@aanm aanm requested a review from a team as a code owner May 20, 2020 20:01
@aanm
Copy link
Member Author

aanm commented May 20, 2020

test-me-please

@joestringer
Copy link
Member

Travis hit #11560, will re-kick.

@joestringer
Copy link
Member

Runtime privileged tests hit this:
#11624

@joestringer joestringer mentioned this pull request May 20, 2020
Closed
aanm added 10 commits May 21, 2020 00:35
@aanm
k8s/watchers: set BlockOwnerDeletion to true in CEP
6b6ac1c 
This field should be set to true so that k8s will block the deletion of
Pod until the CEP is also removed by k8s.

Fixes: 08dc8ca ("pkg/endpoint: set Pod as the endpoint owner of a CiliumEndpoint")
Signed-off-by: André Martins <andre@cilium.io>
@aanm
install/kubernetes: set the brief header when request for /healthz
467843a 
Similar to what done with cilium status --brief, we should perform
the HTTP request by sending the same headers set with
`cilium status --brief` to Cilium server.

Fixes: d613dea ("install/kubernetes: use HTTP for agent {liveness,readiness}Probe")
Signed-off-by: André Martins <andre@cilium.io>
@aanm
pkg/endpoint: optimize GetCiliumEndpointStatus
01fd925 
To get a GetCiliumEndpointStatus the function does not need to get an
endpoint model has it is expensive in terms of CPU and memory to do it
so. Thus, GetCiliumEndpointStatus is now optimized to only generate the
api Models for the fields that it actually needs.

Signed-off-by: André Martins <andre@cilium.io>
@aanm
operator/watchers: also store ResourceVersion
5029d8d 
If the resource version is not stored, the watcher won't be able to keep
up the last resource version it has seen for this object type so it will
assume that any event received from kube-apiserver is an event that
should be processed.

Fixes: 3a1bde5 ("types/slim: add slim packages for k8s structures")
Signed-off-by: André Martins <andre@cilium.io>
@aanm
k8s/types: do not store full ObjectMeta for CEPs
9955817 
It's not required to store the full ObjectMeta of CEPs. This will help
to reduce the memory consumption of CEPs since a none of the
ObjectMeta fields are used when processing a CEP k8s event.

Signed-off-by: André Martins <andre@cilium.io>
@aanm
maps/policymap: only dump keys of policy map
289a49f 
When the endpoint is synchronizing the desired policy with the enforced
policy it only uses the policy map keys. This commit introduces a new
function that will only dump the policy map keys, not the values. This
will help to decrease the memory consumption from 32 bytes to 8 bytes
per Policy entry.

Signed-off-by: André Martins <andre@cilium.io>
@aanm
agent/templates: add K8S_SERVICE_{HOST,PORT} in init container
4840a63 
Might be useful to pass the K8S_SERVICE_HOST and K8S_SERVICE_PORT to the
Cilium's init container.

Signed-off-by: André Martins <andre@cilium.io>
@aanm
config/templates: allow to enable health checks with helm options
bb2cd70 
Signed-off-by: André Martins <andre@cilium.io>
@aanm
config/templates: configure ipam mode if neither gke, azure nor eni a…
3ebe02b 
…re enabled

This avoids a duplicated entry for the "ipam" field in case the user
sets the ipam value manually and picks a GKE mode.

Fixes: 787c276 ("gke: Enable native-routing mode on GKE by default")
Signed-off-by: André Martins <andre@cilium.io>
@aanm
config/templates: disable cnp-status update for new installations
0df1fe9 
CNP status updates don't provide any useful information and prevents
Cilium from scaling for large clusters as each CNP node update will
trigger a k8s event to all remaining nodes.

Signed-off-by: André Martins <andre@cilium.io>
@aanm aanm force-pushed the pr/k8s-fixes-and-optimizations branch from 7816922 to 0df1fe9 Compare May 20, 2020 22:36
@aanm
Copy link
Member Author

aanm commented May 20, 2020

test-me-please

jrajahalme
jrajahalme approved these changes May 21, 2020
View reviewed changes
Copy link
Member

@jrajahalme jrajahalme left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice for a change that all the commits were independent of each other :-)

@aanm
Copy link
Member Author

aanm commented May 21, 2020
edited

k8s 1.18 hit #11582 see https://jenkins.cilium.io/job/Cilium-PR-K8s-newest-kernel-4.9/312/
4.9 hit #11076 see https://jenkins.cilium.io/job/Cilium-PR-Runtime-4.9/322/

travis hit #11560 see https://github.com/cilium/cilium/pull/11545/checks?check_run_id=694581151

@aanm aanm merged commit ee55fa5 into master May 21, 2020
1.8.0 automation moved this from In progress to Merged May 21, 2020
@aanm aanm deleted the pr/k8s-fixes-and-optimizations branch May 21, 2020 09:31
@pchaigno pchaigno mentioned this pull request May 26, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joestringer joestringer joestringer left review comments

@tklauser tklauser tklauser approved these changes

@tgraf tgraf tgraf approved these changes

@christarazi christarazi christarazi approved these changes

@jrajahalme jrajahalme jrajahalme approved these changes

Assignees
No one assigned
Labels
release-note/misc This PR makes changes that have no direct user impact.
Projects
No open projects
1.8.0
  
Merged
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@aanm @coveralls @tgraf @joestringer @tklauser @christarazi @jrajahalme