-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
endpoint: Fix the initialization of endpoints' datapath configs #15228
Conversation
a00ef58
to
a18530b
Compare
a18530b
to
6c708c0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The health related change looks good to me!
I also didn't spot any obvious defects in the rest of the code, but I'm not familiar enough with the datapath.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that this is potentially breaking modes where the cilium-cni specifies datapath configuration options to the cilium-agent, thread below.
a18530b
to
e549fb5
Compare
Runtime failed with know-flake #14676, other builds are passing. Reviews are in. Marking as ready to merge. |
if epTemplate.DatapathConfiguration == nil { | ||
dpConfig := endpoint.NewDatapathConfiguration() | ||
epTemplate.DatapathConfiguration = &dpConfig | ||
} else { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doesn't this mean that endpoint routes mode is only ever applied if the caller specifies the epTemplate.DatapathConfiguration
? Why isn't this broken?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, that's my understanding as well 🤔
Not sure why it doesn't break in tests. I've set a reminder to look tomorrow (or at least open an issue if I don't get time to debug).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm still unsure why it's not breaking anything in CI. I suspected that maybe we never received nil epTemplate.DatapathConfiguration
s but checked the client's code and we should receive it. I even went so far as to reproduce the marshalling bits to double check it doesn't turn nil into an empty structure. It doesn't.
If we were hitting this, the agent would consider endpoint routes to be disabled for all new endpoints added via the API AFAICS. Looking at a couple tests with endpoint routes enabled, that's clearly not the case (I see the expected routes and BPF programs).
It's still a bug so I'll send a PR to fix, but we're missing something here 🤔
See commits for details.
Fixes: #13773.