New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
v1.7 backports 2020-06-30 #12354
Merged
Merged
v1.7 backports 2020-06-30 #12354
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
christarazi
added
backport/1.7
kind/backports
This PR provides functionality previously merged into master.
labels
Jul 1, 2020
test-backport-1.7 |
christarazi
force-pushed
the
pr/v1.7-backport-2020-06-30-2
branch
from
July 1, 2020 03:18
93b5f17
to
35235ff
Compare
test-backport-1.7 |
christarazi
force-pushed
the
pr/v1.7-backport-2020-06-30-2
branch
from
July 1, 2020 03:32
35235ff
to
ee658f2
Compare
test-backport-1.7 |
[ upstream commit 606736c ] Signed-off-by: Rene Zbinden <rene.zbinden@postfinance.ch> Signed-off-by: André Martins <andre@cilium.io>
[ upstream commit e7d4f5c ] Signed-off-by: Rene Zbinden <rene.zbinden@postfinance.ch> Signed-off-by: André Martins <andre@cilium.io>
[ upstream commit 93d32dd ] Otherwise, when running with IPv6-only the agent fails with the following: level=fatal msg="Error while creating daemon" error="invalid daemon configuration: native routing cidr must be configured with option --native-routing-cidr in combination with --masquerade --tunnel=disabled --ipam=hostscope-legacy" subsys=daemon Also, we currently do not masquerade IPv6. Fixes: e7d4f5c ("daemon: validate IPv4NativeRoutingCIDR value in DaemonConfig") Signed-off-by: Martynas Pumputis <m@lambda.lt> Signed-off-by: André Martins <andre@cilium.io>
[ upstream commit fc94aa1 ] As we are currently running our CI with a CIDR from the Cilium-Operator, which is "10.0.0.0/16", we should set it as part of our 'nativeRoutingCIDR'. Fixes: ace902d ("helm: Enable BPF masquerading by default") Signed-off-by: André Martins <andre@cilium.io> Signed-off-by: Chris Tarazi <chris@isovalent.com>
[ upstream commit ae19a9d ] Having a init function to initialize all structures does not initialize the different fields of 'CNPCRV' in case this variable is accessed outside the 'v2/client' package. Replacing the 'init' function with dedicated functions that initialize those fields allows 'CNPCRV' to have the fields rightfully initialized. Signed-off-by: André Martins <andre@cilium.io>
aanm
force-pushed
the
pr/v1.7-backport-2020-06-30-2
branch
from
July 1, 2020 09:12
ee658f2
to
282bec9
Compare
test-backport-1.7 |
I have a fix for the unit test failures locally. Will repush once all other tests finish. |
test-upstream-k8s |
all tests have passed, I'll re-push the PR with the unit tests fixed, once the unit tests have passed we can merge this PR |
[ upstream commit f5b1887 ] From now on, the validation schema for MatchLabels will only allow at maximum of 63 characters with the regex '^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$' similar to what is used in k8s structures: "Valid label values must be 63 characters or less and must be empty or begin and end with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), underscores (_), dots (.), and alphanumerics between." Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ This fixes an issue where a user could create a badly defined CNP which wouldn't have a map[string]string in the matchLabels field. This CNP would then be accepted by the kube-apiserver and make Cilium error out and possibly crashing. Unfortunately not all k8s version support this fix and we can only backport it to Cilium versions that have a minimum support for k8s >= 1.11. Signed-off-by: André Martins <andre@cilium.io>
aanm
force-pushed
the
pr/v1.7-backport-2020-06-30-2
branch
from
July 1, 2020 12:49
282bec9
to
4f9355a
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I had to backport the following PRs due lack of existing code:
Once this PR is merged, you can update the PR labels via: