v1.8 backports 2020-10-02 #13384
Merged
v1.8 backports 2020-10-02 #13384
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
maintainer-s-little-helper
bot
added
backport/1.8
kind/backports
[ upstream commit 758539b ] Initial guide with results and some basic tuning options for users. Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com> Signed-off-by: Paul Chaignon <paul@cilium.io> Signed-off-by: John Fastabend <john.fastabend@gmail.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
[ upstream commit 5b68613 ] Added configuration options nodeSelector (deployments) and tolerations (daemonsets and deployments) for all the existing charts: - agent - hubble-relay - hubble-ui - managed-etcd - nodeinit - operator - preflight On the preflight one, I also simplified the tolerations with a single 'operator: Exists'. Other than that, the behaviour with default values should remain identical. Initially, my use case was to be able to avoid having the hubble-relay pods running on tainted nodes. I went forward with updating all the charts as I felt this could probably be useful for others. Signed-off-by: Maxime VISONNEAU <maxime.visonneau@gmail.com> Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
errordeveloper
force-pushed
the
pr/v1.8-backport-2020-10-02
branch
from
42c7c9e
to
dc79d2c
Compare
|
test-me-please |
pchaigno
requested changes
Oct 2, 2020
There was a problem hiding this comment.
There's still one documentation error:
Please fix the following documentation warnings:
/src/Documentation/operations/system_requirements.rst:170: WARNING: undefined label: bandwidth-manager (if the link has no caption the label must precede a section header)
Should be easy to fix with git rebase --exec "make render-docs" master.
[ upstream commit deffa27 ] Because network namespace cookies are only available in v5.7+, on older kernels, all pods on a given node will be serviced by the same backend for a given service, for east-west traffic. Fixes: 864f2f9 ("docs: Update list of optional kernel requirements") Reported-by: Martynas Pumputis <m@lambda.lt> Signed-off-by: Paul Chaignon <paul@cilium.io> Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
errordeveloper
force-pushed
the
pr/v1.8-backport-2020-10-02
branch
from
dc79d2c
to
78fefca
Compare
|
@pchaigno I just deleted the line, sounds like "bandwidth manager" is a 1.9 feature... 🤔 |
@errordeveloper Yes, that's correct. |
|
@pchaigno for the rest, are you changes looking OK? I think most of them have applied cleanly. |
pchaigno
approved these changes
Oct 2, 2020
[ upstream commit 2371071 ] - Add multi-stream results - Add lower/higher is better labels - use (lat vs batch) and (tput vs batch) plots for TCP_RR - improve text Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com> Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
[ upstream commit 3179a47 ] It is reasonable to support encapsulation with enable-endpoint-routes. The existing code derived a new datapath mode when enable-endpoint-routes was enabled, which automatically disabled encapsulation. Signed-off-by: Thomas Graf <thomas@cilium.io> Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
[ upstream commit 1ed8c87 ] Signed-off-by: Jed Salazar jed@isovalent.com Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
[ upstream commit 062c942 ] Signed-off-by: Jed Salazar jed@isovalent.com Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
[ upstream commit 57d3473 ] Rather then hardcoding the /sys/fs/bpf value in bugtool, use the `mountinfo` package (which exposes the information in /proc/self/mounts) to determine the correct mountpoint for the BPF filesystem. Fixes: #13218 Signed-off-by: Gilberto Bertin <gilberto@isovalent.com> Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
[ upstream commit b71cf0d ] Due to an extra `v` in the branch name, this script would fail with: $ ~/git/cilium/contrib/release/start-release.sh v1.6.12 128 fatal: 'origin/vv1.6' is not a commit and a branch 'pr/prepare-v1.6.12' cannot be created from it Signal ERR caught! Traceback (line function script): 62 main /home/joe/git/cilium/contrib/release/start-release.sh Fix it. While we're at it, update the instructions at the end for next steps, since there's also now a `submit-backport.sh` script to send the PR from the CLI. Signed-off-by: Joe Stringer <joe@cilium.io> Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
[ upstream commit 28b4c96 ] fsnotify Event.Op is a bit mask and testing for strict equality might not detect the event operation correctly. This patch make it so we check for fsnotify event operation consistently as documented at https://github.com/fsnotify/fsnotify. Signed-off-by: Alexandre Perrin <alex@kaworu.ch> Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
[ upstream commit 7257d4a ] Since Cilium sets ownership references on pods, it needs permission to delete pods via finalizers and for that purpose it also needs permissions to set the finalizers on pods. This change is required for OpenShift, however it's based on the GC admission controller that was introduced in Kubernetes 1.5 (kubernetes/kubernetes#34829). Also add explicit permissions for finalizers on all CRs, to ensure that agent and operator can set finalizers on their own resources. Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
[ upstream commit b769c64 ] Signed-off-by: Paul Chaignon <paul@cilium.io> Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
[ upstream commit e4b3689 ] Signed-off-by: Paul Chaignon <paul@cilium.io> Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
[ upstream commit 55209b7 ] Signed-off-by: Paul Chaignon <paul@cilium.io> Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
errordeveloper
force-pushed
the
pr/v1.8-backport-2020-10-02
branch
from
78fefca
to
483c7d4
Compare
|
test-me-please |
|
test-gke |
|
test-k8s-1.19 |
|
test-backport-1.8 |
|
retest-4.19 |
|
So I can see this in Jenkins: It looks like an issue with local registry. @nebril can we ignore this for this 1.8 backport? |
|
@errordeveloper let's retest for both failed builds, just to be on the safe side (K8s-1.19-kernel-4.9 failed on provisioning). |
|
test-gke |
|
test-4.9 |
|
The builds that failed due to provisioning issues are not required for backport PRs (is it even expected that they fail?). All other builds are passing, so marking as |
pchaigno
added
the
ready-to-merge
gandro
approved these changes
Oct 6, 2020
maintainer-s-little-helper
bot
removed
the
ready-to-merge
|
Was too late, reviewed my backported commit. LGTM 👍 |
|
Labels updated. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
hubble: Support--sincerequests in combination with follow-mode #13324 -- hubble: Support--sincerequests in combination with follow-mode (@gandro)Once this PR is merged, you can update the PR labels via: