Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

operator: fix CEP GC #22213

Merged
merged 1 commit into from
Nov 22, 2022
Merged

operator: fix CEP GC #22213

merged 1 commit into from
Nov 22, 2022

Conversation

aanm
Copy link
Member

@aanm aanm commented Nov 16, 2022

When CEP was converted to an internal CEP structure, the UID field was not copied, causing the delete requests of CEPs to have their UID precondition set as empty. When kube-apiserver received this delete request it didn't delete the CEP because an empty CEP UID didn't match an existent UID.

Fixes: 6f7bf6c ("Prevent CiliumEndpoint removal by non-owning agent")

Reported-by: Bruno Custódio bruno@isovalent.com
Signed-off-by: André Martins andre@cilium.io

Fix GC of CEPs that were not GCed by kube-apiserver

@aanm aanm added release-note/bug This PR fixes an issue in a previous release of Cilium. kind/regression This functionality worked fine before, but was broken in a newer release of Cilium. area/operator Impacts the cilium-operator component needs-backport/1.10 labels Nov 16, 2022
@aanm aanm requested a review from bmcustodio November 16, 2022 14:55
@aanm aanm requested a review from a team as a code owner November 16, 2022 14:55
@aanm aanm requested a review from nebril November 16, 2022 14:55
@aanm
operator: fix CEP GC
1853cc1 
When CEP was converted to an internal CEP structure, the UID
field was not copied, causing the delete requests of CEPs to have their
UID precondition set as empty. When kube-apiserver received this delete
request it didn't delete the CEP because an empty CEP UID didn't match
an existent UID.

Fixes: 6f7bf6c ("Prevent CiliumEndpoint removal by non-owning agent")

Reported-by: Bruno Custódio <bruno@isovalent.com>
Signed-off-by: André Martins <andre@cilium.io>
@aanm
Copy link
Member Author

aanm commented Nov 18, 2022

/test

@aanm
Copy link
Member Author

aanm commented Nov 21, 2022

/test-runtime

@aanm aanm merged commit 6c98f15 into cilium:master Nov 22, 2022
@aanm aanm deleted the pr/fix-cep-gc branch November 22, 2022 12:12
@tklauser tklauser mentioned this pull request Nov 22, 2022
Merged
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Backport pending to v1.12 in 1.12.5 Nov 22, 2022
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from master in 1.10.18 Nov 22, 2022
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from master in 1.11.12 Nov 22, 2022
@tklauser tklauser mentioned this pull request Nov 22, 2022
Merged
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from master to Backport pending to v1.10 in 1.11.12 Nov 22, 2022
@tklauser tklauser mentioned this pull request Nov 22, 2022
Merged
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from master to Backport pending to v1.10 in 1.10.18 Nov 22, 2022
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from master to Backport pending to v1.10 in 1.10.18 Nov 22, 2022
@jrajahalme jrajahalme added backport-done/1.12 The backport for Cilium 1.12.x for this PR is done. and removed backport-pending/1.12 labels Nov 24, 2022
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Backport pending to v1.12 to Backport done to v1.12 in 1.12.5 Nov 24, 2022
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Backport pending to v1.10 to Backport done to v1.10 in 1.10.18 Nov 25, 2022
@jrajahalme jrajahalme added backport-done/1.11 The backport for Cilium 1.11.x for this PR is done. and removed backport-pending/1.11 labels Nov 26, 2022
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Backport pending to v1.10 to Backport done to v1.11 in 1.11.12 Nov 26, 2022
This was referenced Dec 15, 2022
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nebril nebril nebril approved these changes

@bmcustodio bmcustodio Awaiting requested review from bmcustodio

Assignees
No one assigned
Labels
area/operator Impacts the cilium-operator component backport-done/1.11 The backport for Cilium 1.11.x for this PR is done. backport-done/1.12 The backport for Cilium 1.12.x for this PR is done. kind/regression This functionality worked fine before, but was broken in a newer release of Cilium. release-note/bug This PR fixes an issue in a previous release of Cilium.
Projects
No open projects
1.10.18
Backport done to v1.10
1.11.12
Backport done to v1.11
1.12.5
Backport done to v1.12
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@aanm @nebril @tklauser @jrajahalme