New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Small k8s fixes and optimizations #11545
Conversation
Please set the appropriate release note label. |
test-me-please |
f302a97
to
d07db00
Compare
test-me-please |
Coverage decreased (-0.2%) to 36.864% when pulling 7816922f6fae1e2b4c7c02c9742c39d530422f56 on pr/k8s-fixes-and-optimizations into 4cd69dc on master. |
455070e
to
0a7cc9d
Compare
df77c16
to
ce2421f
Compare
01d0ef8
to
b7f0ce0
Compare
test-me-please |
b7f0ce0
to
3a644cd
Compare
restest-runtime |
1 similar comment
restest-runtime |
dc8b34d
to
e117981
Compare
test-me-please |
e117981
to
7816922
Compare
test-me-please |
Travis hit #11560, will re-kick. |
Runtime privileged tests hit this: |
This field should be set to true so that k8s will block the deletion of Pod until the CEP is also removed by k8s. Fixes: 08dc8ca ("pkg/endpoint: set Pod as the endpoint owner of a CiliumEndpoint") Signed-off-by: André Martins <andre@cilium.io>
Similar to what done with cilium status --brief, we should perform the HTTP request by sending the same headers set with `cilium status --brief` to Cilium server. Fixes: d613dea ("install/kubernetes: use HTTP for agent {liveness,readiness}Probe") Signed-off-by: André Martins <andre@cilium.io>
To get a GetCiliumEndpointStatus the function does not need to get an endpoint model has it is expensive in terms of CPU and memory to do it so. Thus, GetCiliumEndpointStatus is now optimized to only generate the api Models for the fields that it actually needs. Signed-off-by: André Martins <andre@cilium.io>
If the resource version is not stored, the watcher won't be able to keep up the last resource version it has seen for this object type so it will assume that any event received from kube-apiserver is an event that should be processed. Fixes: 3a1bde5 ("types/slim: add slim packages for k8s structures") Signed-off-by: André Martins <andre@cilium.io>
It's not required to store the full ObjectMeta of CEPs. This will help to reduce the memory consumption of CEPs since a none of the ObjectMeta fields are used when processing a CEP k8s event. Signed-off-by: André Martins <andre@cilium.io>
When the endpoint is synchronizing the desired policy with the enforced policy it only uses the policy map keys. This commit introduces a new function that will only dump the policy map keys, not the values. This will help to decrease the memory consumption from 32 bytes to 8 bytes per Policy entry. Signed-off-by: André Martins <andre@cilium.io>
Might be useful to pass the K8S_SERVICE_HOST and K8S_SERVICE_PORT to the Cilium's init container. Signed-off-by: André Martins <andre@cilium.io>
Signed-off-by: André Martins <andre@cilium.io>
…re enabled This avoids a duplicated entry for the "ipam" field in case the user sets the ipam value manually and picks a GKE mode. Fixes: 787c276 ("gke: Enable native-routing mode on GKE by default") Signed-off-by: André Martins <andre@cilium.io>
CNP status updates don't provide any useful information and prevents Cilium from scaling for large clusters as each CNP node update will trigger a k8s event to all remaining nodes. Signed-off-by: André Martins <andre@cilium.io>
7816922
to
0df1fe9
Compare
test-me-please |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice for a change that all the commits were independent of each other :-)
Read per commit basis