New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Always remove AWS-SNAT-CHAIN
rules when running in ENI mode.
#17845
Always remove AWS-SNAT-CHAIN
rules when running in ENI mode.
#17845
Conversation
The current understanding is that we want to remove these rules all the time, as they can cause issues with features such as egress gateway. Signed-off-by: Bruno M. Custódio <brunomcustodio@gmail.com>
To make room in the future for different post-start scripts depending on different Helm values, and also because the current contents of the file really only make sense if ENI mode is enabled. Signed-off-by: Bruno M. Custódio <brunomcustodio@gmail.com>
AWS-SNAT-CHAIN
rules when running in ENI mode.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! 🚀
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The code looks good to me!
Given this is fixing a bug with egress gateway on EKS, shouldn't it be release-note/bug
with a release note clarifying the bug impact for users and backport to v1.10?
/test Job 'Cilium-PR-Runtime-net-next' failed and has not been observed before, so may be related to your PR: Click to show.Test Name
Failure Output
If it is a flake, comment Job 'Cilium-PR-K8s-GKE' failed and has not been observed before, so may be related to your PR: Click to show.Test Name
Failure Output
If it is a flake, comment |
/test-runtime |
GKE failure is unrelated, marking as ready |
Please see each individual commit for details.