v1.11 backports 2021-11-26

.mailmap

@@ -1,4 +1,5 @@
 Àbéjídé Àyodélé <abejideayodele@gmail.com>
+Adam Korcz <adam@adalogics.com>
 Alexei Starovoitov <alexei.starovoitov@gmail.com>
 André Martins <andre@cilium.io>
 Andrew Sy Kim <kim.andrewsy@gmail.com>
@@ -11,21 +12,26 @@ Arvind Soni <arvind@covalent.io>
 Ashwin Paranjpe <ashwin@covalent.io>
 Ashwin Paranjpe <ashwinp.work@gmail.com>
 Barun Acharya <barun1024@gmail.com> <barun.acharya@accuknox.com>
+Barun Acharya <barun1024@gmail.com>
 Bingwu Yang <detailyang@gmail.com>
 Bob Bouteillier <bob.bouteillier@datadoghq.com>
+Bruno Miguel Custódio <brunomcustodio@gmail.com>
 Changyu Wang <changyuwang@tencent.com>
 Charles-Henri Guérin <charles-henri.guerin@zenika.com>
 chenyahui <chenyahui9@jd.com>
 Chen Yaqi <chenyaqi01@baidu.com> <chendotjs@gmail.com>
+Chen Yaqi <chenyaqi01@baidu.com>
 Christine Chen <christine.chen@datadoghq.com>
 Christopher Biscardi <chris@christopherbiscardi.com>
+Claudia J. Kang <claudiajkang@gmail.com>
 Craig Box <craig.box@gmail.com>
 Dan Wendlandt <dan@isovalent.com>
 Daniel Qian <qsj.daniel@gmail.com>
 Darren Mackintosh <unixdaddy@gmail.com>
 Darshan Chaudhary <deathbullet@gmail.com>
 Dawn <lx1960753013@gmail.com>
 Devarshi Sathiya <devarshisathiya5@gmail.com>
+Dmitriy Zinin <admin@kami-no.ru>
 El-Fadel Bonfoh <elfadel@accuknox.com> <bonfohelfadel@gmail.com>
 Fankaixi Li <fankaixi.li@bytedance.com>
 Florian Koch <f0@users.noreply.github.com>
@@ -53,6 +59,7 @@ Kaito Ii <kaitoii1111@gmail.com>
 Karl Heins <karlheins@northwesternmutual.com>
 Kevin Holditch <82885135+kevholditch-f3@users.noreply.github.com>
 Bokang Li <libokang.dev@gmail.com>
+Li Cheng <rapid.li@huolala.cn>
 Lior Rozen <liorr@tailorbrands.com> <liorrozen@users.noreply.github.com>
 Liu Qun <qunliu@zyhx-group.com>
 Livingstone S E <livingstone.s.e@gmail.com>
@@ -62,9 +69,11 @@ Mahadev Panchal <mahadev.panchal@accuknox.com>
 Mandar U Jog <mjog@google.com> <mandarjog@gmail.com>
 Marc Stulz <m@footek.ch>
 Matthew Gumport <me@gum.pt>
+Maxime Visonneau <maxime.visonneau@gmail.com>
 Michael Kashin <mmkashin@gmail.com>
 Michael Vorburger <vorburger@redhat.com>
 Neela Jacques <neela@isovalent.com> <68304471+Neelajacques@users.noreply.github.com>
+Ondrej Blazek <ondrej.blazek@firma.seznam.cz>
 Peiqi Shi <uestc.shi@gmail.com>
 Philippe Lafoucrière <philippe.lafoucriere@gmail.com>
 Pierre-Yves Aillet <pyaillet@gmail.com> <pyaillet@users.noreply.github.com>
@@ -80,7 +89,9 @@ Sergey Generalov <sergey@isovalent.com> <sergey@genbit.ru>
 Tam Mach <sayboras@yahoo.com>
 Thomas Graf <thomas@cilium.io>
 Tobias Mose <tobias.mose@xentom.com>
+Tobias Mose <mosetobias@gmail.com>
 Tomoki Sugiura <cheztomo513@gmail.com> <tomoki.sugiura@mail.shanpu.info>
+Tomoki Sugiura <cheztomo513@gmail.com>
 Tony Lu <tonylu@linux.alibaba.com>
 Trevor Tao <trevor.tao@arm.com>
 Vance Li <vanceli@tencent.com> <liyannois@gmail.com>
@@ -89,6 +100,7 @@ Ville Ojamo <bluikko@users.noreply.github.com> <14869000+bluikko@users.noreply.g
 Vlad Ungureanu <vladu@palantir.com> <ungureanuvladvictor@gmail.com>
 Wayne Haber <whaber@gitlab.com> <41373231+whaber@users.noreply.github.com>
 Weilong Cui <cuiwl@google.com>
+Will Stewart <will@northflank.com>
 Yiannis Yiakoumis <yiannis@selfienetworks.com>
 Youssef Azrak <yazrak.tech@gmail.com>
 Yurii Dzobak <yurii.dzobak@lotusflare.com>

AUTHORS

@@ -2,7 +2,7 @@ The following people, in alphabetical order, have either authored or signed
 off on commits in the Cilium repository:
 
 Àbéjídé Àyodélé                         abejideayodele@gmail.com
-AdamKorcz                               adam@adalogics.com
+Adam Korcz                              adam@adalogics.com
 Adam Wolfe Gordon                       awg@digitalocean.com
 Aditi Ghag                              aditi@cilium.io
 Adrien Trouillaud                       adrienjt@users.noreply.github.com
@@ -42,7 +42,6 @@ Beatriz Martínez                        beatriz@isovalent.com
 Benjamin Pineau                         benjamin.pineau@datadoghq.com
 Bingshen Wang                           bingshen.wbs@alibaba-inc.com
 Bingwu Yang                             detailyang@gmail.com
-Blazek, Ondrej                          ondrej.blazek@firma.seznam.cz
 Bob Bouteillier                         bob.bouteillier@datadoghq.com
 Bokang Li                               libokang.dev@gmail.com
 Bolun Zhao                              blzhao@google.com
@@ -63,7 +62,7 @@ Christian Hörtnagl                      christian2@univie.ac.at
 Christian Hüning                        christian.huening@finleap.com
 Christine Chen                          christine.chen@datadoghq.com
 Christopher Biscardi                    chris@christopherbiscardi.com
-강주희                                  claudiajkang@gmail.com
+Claudia J. Kang                         claudiajkang@gmail.com
 cndoit18                                cndoit18@outlook.com
 Connor Jones                            cj@cjmakes.com
 Craig Box                               craig.box@gmail.com
@@ -93,6 +92,7 @@ Diego Casati                            diego.casati@gmail.com
 Divyansh Kamboj                         divyansh.kamboj@accuknox.com
 Divya Rani                              ranidivya063@gmail.com
 Djalal Harouni                          tixxdz@gmail.com
+Dmitriy Zinin                           admin@kami-no.ru
 Dmitry Kharitonov                       geakstr@me.com
 Dmitry Savintsev                        dsavints@verizonmedia.com
 Dom Del Nano                            ddelnano@gmail.com
@@ -185,6 +185,7 @@ Laurent Bernaille                       laurent.bernaille@datadoghq.com
 Lehner Florian                          dev@der-flo.net
 leonliao                                xiaobo.liao@gmail.com
 Liang Zhou                              zhoul110@chinatelecom.cn
+Li Cheng                                rapid.li@huolala.cn
 LiHui                                   andrewli@yunify.com
 Lior Rozen                              liorr@tailorbrands.com
 Liu Qun                                 qunliu@zyhx-group.com
@@ -216,7 +217,7 @@ Matthew Fenwick                         mfenwick100@gmail.com
 Matthew Gumport                         me@gum.pt
 Matt Layher                             mdlayher@gmail.com
 Mauricio Vásquez                        mauricio@kinvolk.io
-Maxime VISONNEAU                        maxime.visonneau@gmail.com
+Maxime Visonneau                        maxime.visonneau@gmail.com
 Maximilian Bischoff                     maximilian.bischoff@inovex.de
 Maximilian Mack                         max@mack.io
 Melissa Peiffer                         mbp83@nau.edu
@@ -242,6 +243,7 @@ Nick M                                  4718+rkage@users.noreply.github.com
 Nicolas Busseneau                       nicolas@isovalent.com
 Nirmoy Das                              ndas@suse.de
 Ole Markus With                         o.with@sportradar.com
+Ondrej Blazek                           ondrej.blazek@firma.seznam.cz
 Patrice Peterson                        patrice.peterson@mailbox.org
 Patrick Mahoney                         pmahoney@greenkeytech.com
 Patrik Cyvoct                           patrik@ptrk.io
@@ -309,6 +311,7 @@ Timo Beckers                            timo@isovalent.com
 Timo Reimann                            ttr314@googlemail.com
 Tobias Klauser                          tobias@cilium.io
 Tobias Kohlbau                          tobias@kohlbau.de
+Tobias Mose                             mosetobias@gmail.com
 Tom Hadlaw                              thomas.hadlaw@hootsuite.com
 Tomoki Sugiura                          cheztomo513@gmail.com
 Tom Payne                               tom@isovalent.com
@@ -336,8 +339,7 @@ Wazir Ahmed                             wazir@accuknox.com
 Weilong Cui                             cuiwl@google.com
 Wenxian Li                              wofanli@gmail.com
 Will Deuschle                           wdeuschle@palantir.com
-Will                                    will@northflank.com
-xentobias                               mosetobias@gmail.com
+Will Stewart                            will@northflank.com
 Xinyuan Zhang                           zhangxinyuan@google.com
 Yiannis Yiakoumis                       yiannis@selfienetworks.com
 Yongkun Gui                             ygui@google.com
@@ -351,8 +353,6 @@ Zang Li                                 zangli@google.com
 Zhang Qiang                             qiangzhang@qiyi.com
 Zhiyuan Hou                             zhiyuan2048@linux.alibaba.com
 Zhu Yan                                 hackzhuyan@gmail.com
-Zinin D.A                               admin@kami-no.ru
-李成(rapid.li)                          rapid.li@huolala.cn
 
 The following additional people are mentioned in commit logs as having provided
 helpful bug reports, suggestions or have otherwise provided value to the

CODEOWNERS

@@ -127,7 +127,6 @@ Makefile* @cilium/build
 /Documentation/policy/ @cilium/policy @cilium/docs-structure
 /Documentation/requirements.txt @cilium/docs-structure
 /Documentation/spelling_wordlist.txt @cilium/docs-structure
-/Documentation/tech-preview.rst @cilium/docs-structure
 /Documentation/update-cmdref.sh @cilium/docs-structure
 /Documentation/update-spelling_wordlist.sh @cilium/docs-structure
 /Documentation/yaml.config @cilium/docs-structure

Documentation/cheatsheet.rst

@@ -172,30 +172,6 @@ Remove all policies
     cilium policy delete --all
 
 
-Tracing
-~~~~~~~
-
-
-Check policy enforcement between two labels on port 80:
-
-.. code-block:: shell-session
-
-    cilium policy trace -s <app.from> -d <app.to> --dport 80
-
-
-Check policy enforcement between two identities
-
-.. code-block:: shell-session
-
-    cilium policy trace --src-identity <from-id> --dst-identity <to-id>
-
-Check policy enforcement between two pods:
-
-.. code-block:: shell-session
-
-    cilium policy trace --src-k8s-pod <namespace>:<pod.from> --dst-k8s-pod <namespace>:<pod.to>
-
-
 Monitoring
 ~~~~~~~~~~~
 

Documentation/concepts/ebpf/intro.rst

@@ -45,19 +45,6 @@ hook see :ref:`bpf_guide`.
   attached to the tc ingress hook as well Cilium can monitor and enforce
   policy on all traffic entering or exiting the node.
 
-  Depending on the use case, containers may also be connected through ipvlan
-  devices instead of a veth pair. In this mode, the physical device in the
-  host is the ipvlan master where virtual ipvlan devices in slave mode are
-  set up inside the container. One of the benefits of ipvlan over a veth pair
-  is that the stack requires less resources to push the packet into the
-  ipvlan slave device of the other network namespace and therefore may
-  achieve better latency results. This option can be used for unprivileged
-  containers. The BPF programs for tc are then attached to the tc egress
-  hook on the ipvlan slave device inside the container's network namespace
-  in order to have Cilium apply L3/L4 endpoint policy, for example, combined
-  with another BPF program running on the tc ingress hook of the ipvlan master
-  such that also incoming traffic on the node can be enforced.
-
 * **Socket operations:** The socket operations hook is attached to a specific
   cgroup and runs on TCP events. Cilium attaches a BPF socket operations
   program to the root cgroup and uses this to monitor for TCP state transitions,