-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
endpoint: Add DebugPolicy option #14112
Conversation
test-me-please |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks solid - hope you can use this to debug issues more easily in the future :-)
test-me-please |
retest-4.9 |
@@ -114,3 +139,61 @@ func (e *Endpoint) UpdateLogger(fields map[string]interface{}) { | |||
|
|||
atomic.StorePointer(&e.logger, unsafe.Pointer(l)) | |||
} | |||
|
|||
func (e *Endpoint) updatePolicyLogger(fields map[string]interface{}) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The caller need to hold Endpoint.mutex
for writing correct? If yes, can we add a comment please?
About UpdateLogger
comment on holding the mutex, my understanding is that the caller must hold Endpoint.mutex
(not Endpoint.Mutex
) for writing (not for reading) even when fields
is nil
as we can reach the atomic.StorePointer
at line 140.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll update the locking comments ;-)
Add endpoint DebugPolicy option that, if enabled, logs endpoint policy map update details to /var/run/cilium/state/endpoint-policy.log. The new DebugPolicy option is enabled if the new flag --debug-verbose=policy is set, but can be enabled also independently via: cilium endpoint config <EPID> DebugPolicy=true Signed-off-by: Martynas Pumputis <m@lambda.lt> Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
Endpoint's Mutex has been renamed as 'mutex'. Update comments to reflect this and also the lock level requirement (Lock for writing, RLock for reading). Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
ec51408
to
4d922b4
Compare
All tests passed before adding changes to comments only, no need to retest. |
Add endpoint DebugPolicy option that, if enabled, logs endpoint policy
map update details to /var/run/cilium/state/endpoint-policy.log.
The new DebugPolicy option is enabled if the new flag
--debug-verbose=policy is set, but can be enabled also independently
via:
cilium endpoint config DebugPolicy=true
This feature was first developed in the v1.7 branch, so no 1.7 backport is needed.
Signed-off-by: Martynas Pumputis m@lambda.lt
Signed-off-by: Jarno Rajahalme jarno@covalent.io