Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

operator: fix identity GC collection #19649

Merged
merged 1 commit into from
Apr 29, 2022
Merged

operator: fix identity GC collection #19649

merged 1 commit into from
Apr 29, 2022

Conversation

aanm
Copy link
Member

@aanm aanm commented Apr 29, 2022

As the operator uses a different constructor for the GC of the
allocator, this constructor was not being initialized with the min and
max values of the identities that it should be GC. This commit adds
those options making it possible for the Operator to GC those
identities.

Fixes: 0c0f965 ("operator: only GC identity keys of its own cluster")
Signed-off-by: André Martins andre@cilium.io

Fixes #19648

@aanm
operator: fix identity GC collection
50d648a 
As the operator uses a different constructor for the GC of the
allocator, this constructor was not being initialized with the min and
max values of the identities that it should be GC. This commit adds
those options making it possible for the Operator to GC those
identities.

Fixes: 0c0f965 ("operator: only GC identity keys of its own cluster")
Signed-off-by: André Martins <andre@cilium.io>
@aanm aanm added release-note/bug This PR fixes an issue in a previous release of Cilium. kind/regression This functionality worked fine before, but was broken in a newer release of Cilium. needs-backport/1.11 labels Apr 29, 2022
@aanm aanm requested review from a team as code owners April 29, 2022 14:58
@aanm aanm requested a review from nebril April 29, 2022 14:58
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from master in 1.11.5 Apr 29, 2022
@aanm aanm mentioned this pull request Apr 29, 2022
Closed
1 task
@aanm
Copy link
Member Author

aanm commented Apr 29, 2022

/test

aditighag
aditighag requested changes Apr 29, 2022
View reviewed changes
Copy link
Member

@aditighag aditighag left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The fix seems straightforward so LGTM. But looking at the linked "Fixed" PR, we seem to have different identity allocators, and an operator is required to GC identities only from their cluster. While ideally we should have a unified way of constructing the allocators to avoid such misses, but that's probably out of the scope of your PR. But at the very least, can we add some comments to the code (how min and max are set for the different allocators)?
The linked PR is very light on details in the commit description - aanm@0c0f965.

aditighag
aditighag approved these changes Apr 29, 2022
View reviewed changes
Copy link
Member

@aditighag aditighag left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Synced up offline with André. Looks like the linked PR that introduced this regression relied mainly on unit tests to test the fix? 😕 The unit test passes a different allocator to RunGC.

Edit : Since the regression went unnoticed until now, it's likely that we don't have any e2e tests. :(

@aanm aanm merged commit 6f9fedd into cilium:master Apr 29, 2022
@aanm aanm deleted the pr/fix-kvstore-gc branch April 29, 2022 21:03
christarazi
christarazi reviewed Apr 30, 2022
View reviewed changes
pkg/allocator/allocator.go
// The allocator can be configured by passing in additional options:
// - WithMin(id) - minimum ID to allocate (default: 1)
// - WithMax(id) - maximum ID to allocate (default max(uint64))
func NewAllocatorForGC(backend Backend, opts ...AllocatorOption) *Allocator {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess we can prevent this from ever happening again by making the constructors take the min and max, but maybe that's not useful anymore now. Good catch.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Aditi above slightly touched on this.

@aditighag aditighag mentioned this pull request May 2, 2022
Merged
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from master to Backport pending to v1.10 in 1.11.5 May 2, 2022
@aditighag aditighag added backport-done/1.11 The backport for Cilium 1.11.x for this PR is done. and removed backport-pending/1.11 labels May 4, 2022
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Backport pending to v1.10 to Backport done to v1.11 in 1.11.5 May 4, 2022
@aanm aanm mentioned this pull request May 10, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@christarazi christarazi christarazi left review comments

@joestringer joestringer joestringer approved these changes

@aditighag aditighag aditighag approved these changes

@nebril nebril Awaiting requested review from nebril nebril was automatically assigned from cilium/operator

Assignees
No one assigned
Labels
backport-done/1.11 The backport for Cilium 1.11.x for this PR is done. kind/regression This functionality worked fine before, but was broken in a newer release of Cilium. release-note/bug This PR fixes an issue in a previous release of Cilium.
Projects
No open projects
1.11.5
Backport done to v1.11
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Cilium-operator skipped all identity to delete during garbage collect
4 participants
@aanm @joestringer @christarazi @aditighag