v1.11 Backports 2023-05-03 Cont #25349
Conversation
Don't be sorry. Use the scripts. |
|
@YutaroHayakawa Please skip the PR backport. I'll backport it manually to 1.11. Thanks! |
There was a problem hiding this comment.
There is no bgp change in this, fix is already backported here #25139.
[ upstream commit 9e83a6f ] Cilium is currently affected by a known bug (#24692) when NodePorts are handled by the KPR implementation, which occurs when the same NodePort is used both in the local and the remote cluster. This causes all traffic targeting that NodePort to be redirected to a local backend, regardless of whether the destination node belongs to the local or the remote cluster. This affects also the clustermesh-apiserver NodePort service, which is configured by default with a fixed port. Hence, let's add a warning message to the corresponding values file setting. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com> Signed-off-by: Jussi Maki <jussi@isovalent.com> Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
[ upstream commit 11e1bcc ] This is to add a small docs for version matrix between Cilium and Cilium envoy versions, which is useful with the upcoming work to move envoy proxy out of Cilium agent container. Co-authored-by: ZSC <zacharysarah@users.noreply.github.com> Signed-off-by: Tam Mach <sayboras@yahoo.com> Signed-off-by: Jussi Maki <jussi@isovalent.com> Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
[ upstream commit db3e015 ] Before this patch, we would hit a controller-gen[1] bug when the temporary file would be of the form tmp.0oXXXXXX. This patch uses a custom mktemp template that will not trigger the bug. [1]: kubernetes-sigs/controller-tools#734 Signed-off-by: Alexandre Perrin <alex@isovalent.com> Signed-off-by: Jussi Maki <jussi@isovalent.com> Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
[ upstream commit 9a38aec ] We've been distributing ARM architecture images for Cilium for almost two years, but neglected to mention this up front in the system requirements or the main docs page. Add this to the docs. Signed-off-by: Joe Stringer <joe@cilium.io> Signed-off-by: Jussi Maki <jussi@isovalent.com> Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
[ upstream commit e695e48 ] Running the test in a cpu constrained environment, such as: ``` docker run -v $(pwd):$(pwd) -w $(pwd) --cpus=0.1 -it golang:bullseye ./inctimer.test -test.v ``` I can fairly consistency reproduce a flake where the inctimer.After does not fire in time. If I allow it to wait for an additional couple of ms, this seems to be sufficient to prevent failure. It appears that goroutine scheduling latency can be significantly delayed in cpu restricted environments. This seems unavoidable, so to fix the flake I'll allow the test to wait another 2ms to see if the inctimer eventually fires. This will also log an error for delayed test fires, so if there is any other issues we can more easily debug them in the future. Fixed: #25202 Signed-off-by: Tom Hadlaw <tom.hadlaw@isovalent.com> Signed-off-by: Jussi Maki <jussi@isovalent.com> Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
YutaroHayakawa
force-pushed
the
pr/v1.11-backport-2023-05-03
branch
from
53088a5
to
b334996
Compare
|
Dropped Aditi's PR. |
|
/test-backport-1.11 Job 'Cilium-PR-K8s-1.22-kernel-4.19' failed: Click to show.Test NameFailure OutputJenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.22-kernel-4.19/1665/ If it is a flake and a GitHub issue doesn't already exist to track it, comment Then please upload the Jenkins artifacts to that issue. Job 'Cilium-PR-K8s-1.21-kernel-4.9' failed: Click to show.Test NameFailure OutputJenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.21-kernel-4.9/2621/ If it is a flake and a GitHub issue doesn't already exist to track it, comment Then please upload the Jenkins artifacts to that issue. |
|
k8s-1.21-kernel-4.9: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.21-kernel-4.9/2621/ |
|
/test-1.21-4.9 |
|
/test-1.22-4.19 |
|
Conformance AWS-CNI: https://github.com/cilium/cilium/actions/runs/4942916632 Timeout while connecting to EKS kubernetes service. Probably, the AWS side of the issue. Let me retry. |
|
/ci-awscni-1.11 |
|
All green. Ready to merge. |
YutaroHayakawa
added
the
ready-to-merge
|
@YutaroHayakawa @youngnick Run the script to mark backports done. Noticed that you had dropped #24770, marked it back to |
|
@jrajahalme Thanks for running the script. #24770 will be handled by Aditi. |
This PR is a successor of #25250. I didn't make any changes for those who are already approved in the old PR, so you don't have to review this again.
For those who are notified even if you are not listed as a reviewer now, sorry for the spam. I mistakenly open the PR against
mainat the beginning, and that made a huge diff.Once this PR is merged, you can update the PR labels via:
or with