Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v1.6 backports 2020-07-01 #12356

Merged
merged 12 commits into from Jul 1, 2020
Merged

v1.6 backports 2020-07-01 #12356

merged 12 commits into from Jul 1, 2020

Conversation

jrajahalme
Copy link
Member

Once this PR is merged, you can update the PR labels via:

$ for pr in 10564 10730 10851 11280 11530 11905 11993 12109 12214 12248 12353; do contrib/backporting/set-labels.py $pr done 1.6; done

@jrajahalme
test: Update CI to Istio 1.5.0
5dedd56 
[ upstream commit ab5f506 ]

Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@jrajahalme
test: Update Istio integration to release 1.5.1
3d49a26 
[ upstream commit a754a0c ]

Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@jrajahalme
istio: Use cilium/istio_pilot:1.5.1-1
7c19b09 
Fixes: #10981
Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@jrajahalme
istio: Use cilium-istioctl instead of helm directly
5a0ba4d 
[ upstream commit a1b1cd6 ]

Istio GSG and Istio CI test are modified to downloading the current
version of the cilium-istioctl and use it for Istio deployment.

Istioctl bundles the helm charts and uses a helm library to configure
Kubernetes. Cilium version (cilium-istioctl) adds support for
Cilium-specific configuration of the sidecar proxies and defaults to
Cilium builds of pilot and sidecar proxy so that the user does not
need to set the images explicitly.

'bookinfo-gateway.yaml' is added to examples so that it can be used in
the GSG without requiring downloading Istio yamls.

Both Istio GSG and the CI test now use a namespace label for automatic
sidecar injection. This simplifies application deployment and allows
easier future CI updates as pre-formed application/Istio yamls can now
be removed.

Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@jrajahalme jrajahalme added kind/backports This PR provides functionality previously merged into master. backport/1.6 labels Jul 1, 2020
@jrajahalme jrajahalme requested a review from a team as a code owner July 1, 2020 07:21
@jrajahalme jrajahalme mentioned this pull request Jul 1, 2020
Closed
@jrajahalme
Copy link
Member Author

test-backport-1.6

@aanm
Copy link
Member

aanm commented Jul 1, 2020

@jrajahalme it seems the failures were related with the changes from the PR:

/home/jenkins/workspace/Cilium-PR-Ginkgo-Tests-K8s/1.14-gopath/src/github.com/cilium/cilium/test/ginkgo-ext/scopes.go:420
Unable to create resource "/home/vagrant/go/src/github.com/cilium/cilium/test/k8sT/manifests/bookinfo-v2-istio.yaml"
Expected command: kubectl create -f  /home/vagrant/go/src/github.com/cilium/cilium/test/k8sT/manifests/bookinfo-v2-istio.yaml 
To succeed, but it failed:
Exitcode: 1 
Stdout:
 	 
Stderr:
 	 error: the path "/home/vagrant/go/src/github.com/cilium/cilium/test/k8sT/manifests/bookinfo-v2-istio.yaml" does not exist
	 

/home/jenkins/workspace/Cilium-PR-Ginkgo-Tests-K8s/1.14-gopath/src/github.com/cilium/cilium/test/k8sT/istio.go:289

jrajahalme and others added 8 commits July 1, 2020 03:18
@jrajahalme
Istio: Update to release 1.5.2
c8cedca 
[ upstream commit 53f7c5f ]

Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@jrajahalme
istio: Update to 1.5.4
88d165b 
[ upstream commit eaea136 ]

Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@jrajahalme
test: Skip Istio test if Ginkgo runs on unsupported runtime.
e0d4e85 
[ upstream commit 471fe63 ]

Skip Istio test if running cilium-istioctl is not supported for the
current Go runtime.

Support running Istio test from OSX by downloading the osx version of
cilium-istioctl if the test suite is running in OSX. This allows
running the Istio test on a remote cluster (e.g., GKE) when Ginkgo is
running on OSX.

On Windows the test is skipped, even though the cilium-istioctl binary
is released also for Windows, but this has not been tested yet.

Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@christarazi @jrajahalme
test: Add retries to curl command
5e6ff09 
[ upstream commit 47f8d32 ]

The curl is reaching out to a world / external resource so retrying is
acceptable, and helps test flakes.

Fixes: #11797

Signed-off-by: Chris Tarazi <chris@isovalent.com>
Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@jrajahalme
test: Download correct cilium-istioctl for the executing OS.
6bcaee3 
[ upstream commit 12ef7d1 ]

Only use the Ginkgo runtime OS for determining which cilium-istioctl
binary to download is the command executor is local, otherwise default
to "linux". This supports Ginkgo running in OSX both with local and
SSH Executors.

Fixes: #11905
Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@jrajahalme
istio: Update to 1.5.6
dc7984d 
[ upstream commit 640f669 ]

Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@jrajahalme
iptables: Remove '--nowildcard' from socket match
820aa59 
[ upstream commit ca767ee ]

'--no-wildcard' allows the socket match to find zero-bound (listening)
sockets, which we do not want, as this may intercept (reply) traffic
intended for other nodes when an ephemeral source port number
allocated in one node happens to be the same as the allocated proxy
port number in 'this' node (the node doing the iptables socket match
changed here).

Fixes: #12241
Related: #8864
Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@jrajahalme
istio: Update to 1.5.7
fda2965 
[ upstream commit 31f8ba0 ]

Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
@jrajahalme jrajahalme force-pushed the pr/v1.6-backport-2020-07-01 branch from 68e17f3 to fda2965 Compare July 1, 2020 10:19
@jrajahalme
Copy link
Member Author

test-backport-1.6

@joestringer
Copy link
Member

Hit known flake #11895.

@joestringer joestringer merged commit f71a957 into v1.6 Jul 1, 2020
@joestringer joestringer deleted the pr/v1.6-backport-2020-07-01 branch July 1, 2020 18:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aanm aanm aanm approved these changes

Assignees
No one assigned
Labels
kind/backports This PR provides functionality previously merged into master.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@jrajahalme @aanm @joestringer @christarazi