daemon: Add wildcard support to --devices ("eth+") #15697
Conversation
maintainer-s-little-helper
bot
added
the
dont-merge/needs-release-note-label
joamaki
added
the
release-note/minor
maintainer-s-little-helper
bot
removed
the
dont-merge/needs-release-note-label
|
test-me-please |
| c.Assert(detectDevices(true, true), IsNil) | ||
| c.Assert(option.Config.Devices, checker.DeepEquals, []string{"dummy1"}) | ||
| c.Assert(option.Config.DirectRoutingDevice, Equals, "dummy1") | ||
| act() |
There was a problem hiding this comment.
Which one? act()? This function abstracted the namespace setup and act is the actual test function invoked in the new fresh namespace. Perhaps it could use a better name?
There was a problem hiding this comment.
The diff looks a bit funny as I moved a chunk of code around. Perhaps have a look at the whole file? I added withFreshNetNS function that takes a function as argument and it takes care of setting up and tearing down the namespace around the act() function call.
There was a problem hiding this comment.
Aha, I see it now. Maybe s/act/test/?
joamaki
force-pushed
the
pr/joamaki/devices-wildcard
branch
from
3d09b54
to
7e2bb90
Compare
|
test-me-please |
joamaki
force-pushed
the
pr/joamaki/devices-wildcard
branch
from
7e2bb90
to
ff3261e
Compare
joamaki
force-pushed
the
pr/joamaki/devices-wildcard
branch
from
ff3261e
to
a2fbd38
Compare
There was a problem hiding this comment.
The approach looks good!
A few things:
- My comment re duplicates ^^.
- This needs a doc change https://github.com/cilium/cilium/blob/master/Documentation/gettingstarted/kubeproxy-free.rst (rendered https://docs.cilium.io/en/v1.9/gettingstarted/kubeproxy-free/).
daemon/cmd/kube_proxy_replacement.go
Outdated
| if err != nil { | ||
| log.WithError(err).Fatal("Cannot list network devices via netlink") | ||
| } | ||
| var expandedDevices []string |
There was a problem hiding this comment.
I'd use map (e.g. map[string]struct{}) instead to avoid duplicates.
There was a problem hiding this comment.
Added the deduplication and tests for it.
| c.Assert(detectDevices(true, true), IsNil) | ||
| c.Assert(option.Config.Devices, checker.DeepEquals, []string{"dummy1"}) | ||
| c.Assert(option.Config.DirectRoutingDevice, Equals, "dummy1") | ||
| act() |
joamaki
force-pushed
the
pr/joamaki/devices-wildcard
branch
2 times, most recently
from
0b6b6c6
to
676ed2d
Compare
joamaki
force-pushed
the
pr/joamaki/devices-wildcard
branch
from
676ed2d
to
7238631
Compare
| listed device has to be named the same on all Cilium managed nodes. Alternatively | ||
| if the devices do not match across different nodes, the wildcard option can be | ||
| used, e.g. ``devices=eth+``, which would match any device starting with prefix | ||
| ``eth``. |
There was a problem hiding this comment.
Maybe add that if no device can be matched, then cilium-agent will try to perform the auto detection.
joamaki
force-pushed
the
pr/joamaki/devices-wildcard
branch
from
7238631
to
868a007
Compare
|
test-me-please |
joamaki
force-pushed
the
pr/joamaki/devices-wildcard
branch
from
868a007
to
524ed64
Compare
|
test-net-next |
This adds support for device name wildcards to the "--devices" option, e.g. if user specifies "--devices=eth+,en+" the agent will match devices eth0, eth1, en0, etc. Fixes: cilium#15693 Signed-off-by: Jussi Maki <jussi@isovalent.com>
|
test-gke |
|
test-runtime |
|
test-1.20-4.19 |
|
test-1.21-4.9 |
joamaki
force-pushed
the
pr/joamaki/devices-wildcard
branch
from
524ed64
to
db613b4
Compare
|
test-net-next |
|
test-gke |
|
test-runtime |
|
test-1.21-4.9 |
|
test-1.20-4.19 |
There was a problem hiding this comment.
LGTM. An interesting followup would be to allow this to dynamically apply to new devices as they are attached (common in some cloud environments like EKS), but that's more of a "future wishlist" item. In the mean time if users are concerned about matching dynamic devices, they can restart the agent.
maintainer-s-little-helper
bot
moved this from Backport pending to v1.10
to Backport done to v1.10
in 1.10.0-rc2
This adds support for device name wildcards to the "--devices"
option, e.g. if user specifies "--devices=eth+,en+" the agent
will match devices eth0, eth1, en0, etc.
Fixes: #15693