-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
v1.13 Backports 2023-05-16 #25503
v1.13 Backports 2023-05-16 #25503
Commits on May 17, 2023
-
test/k8s: for services test, wait for all applied manifests to delete
[ upstream commit 6878133 ] In the K8sDatapathConfig tests "echo-svc" deployment Pods are failing to terminate while waiting to terminate all Pods. These come from a deployment, that shouldn't be applied in this suite. Presumably failure to delete is being cause by the Deployment controller restarting the Pods as they're deleted. To try to fix this, going to wait for applied yamls in K8sServices to be fully deleted, including finalizers. Addresses: #25255 Signed-off-by: Tom Hadlaw <tom.hadlaw@isovalent.com> Signed-off-by: Gilberto Bertin <jibi@cilium.io>
Configuration menu - View commit details
-
Copy full SHA for 0f4926c - Browse repository at this point
Copy the full SHA 0f4926cView commit details -
test/provision/compile.sh: Make usable from dev VM
[ upstream commit 0112ddb ] Add missing 'sudo' commands so that this can be run from a shell in a dev VM to launch a local cilium agent in docker. Only install the bpf mount unit to systemd if not already mounted. This avoids error message like this: Unit sys-fs-bpf.mount has a bad unit file setting With these changes Cilium agent can be compiled and launced in docker, assuming the VM hostname does NOT include "k8s", like so: $ SKIP_TEST_IMAGE_DOWNLOAD=1 VMUSER=${USER} PROVISIONSRC=test/provision test/provision/compile.sh After this 'docker ps' should show a "cilium" container. This can be used, for example to quickly run Cilium agent locally to observer agent startup and exit logs via 'docker logs cilium -f' when stopping cilium with 'docker stop cilium'. Signed-off-by: Jarno Rajahalme <jarno@isovalent.com> Signed-off-by: Gilberto Bertin <jibi@cilium.io>
Configuration menu - View commit details
-
Copy full SHA for db4adc7 - Browse repository at this point
Copy the full SHA db4adc7View commit details -
bpf: host: add drop notify for missed POLICY_EGRESSCALL_MAP tail-call
[ upstream commit f601b4c ] We're returning a DROP reason, but nothing outside do_netdev() creates the corresponding drop notification from it. Signed-off-by: Julian Wiedmann <jwi@isovalent.com> Signed-off-by: Gilberto Bertin <jibi@cilium.io>
Configuration menu - View commit details
-
Copy full SHA for 5226086 - Browse repository at this point
Copy the full SHA 5226086View commit details -
bpf: host: add drop notify for do_netdev_encrypt()
[ upstream commit 9788f53 ] do_netdev_encrypt_encap() can return various errors, but its caller doesn't raise the corresponding drop notification. Also clean up the one case in do_netdev_encrypt_encap() where we currently *do* raise a drop notification. Signed-off-by: Julian Wiedmann <jwi@isovalent.com> Signed-off-by: Gilberto Bertin <jibi@cilium.io>
Configuration menu - View commit details
-
Copy full SHA for 3a219d7 - Browse repository at this point
Copy the full SHA 3a219d7View commit details -
bpf: host: check ep->tunnel_endpoint in do_netdev_encrypt_encap()
[ upstream commit e92863c ] __encap_and_redirect_with_nodeid() expects the caller to handle this check. Otherwise we end up encapsulating with an OuterDstIP of 0.0.0.0. I looked at all the other users, looks like this was the only one missing. Signed-off-by: Julian Wiedmann <jwi@isovalent.com> Signed-off-by: Gilberto Bertin <jibi@cilium.io>
Configuration menu - View commit details
-
Copy full SHA for 48f1dcf - Browse repository at this point
Copy the full SHA 48f1dcfView commit details -
bpf: overlay: add drop notify for __encap_and_redirect_with_nodeid()
[ upstream commit c058e9b ] Align with all the other error paths in tail_handle_arp() and raise a drop notification on error. This function is executed as a tail-call, so there's no surrounding code that would do this for us otherwise. Signed-off-by: Julian Wiedmann <jwi@isovalent.com> Signed-off-by: Gilberto Bertin <jibi@cilium.io>
Configuration menu - View commit details
-
Copy full SHA for e0eaecc - Browse repository at this point
Copy the full SHA e0eaeccView commit details -
bpf: host: add drop notify for __encap_and_redirect_with_nodeid()
[ upstream commit b96624d ] Add an error path for the from-netdev program that handles the missing drop notification. backporting conflicts: * bpf/bpf_host.c: some conflicts in cil_from_netdev as that function differs quite a bit in v1.13 Signed-off-by: Julian Wiedmann <jwi@isovalent.com> Signed-off-by: Gilberto Bertin <jibi@cilium.io>
Configuration menu - View commit details
-
Copy full SHA for 9644c01 - Browse repository at this point
Copy the full SHA 9644c01View commit details -
Configuration menu - View commit details
-
Copy full SHA for e4b6414 - Browse repository at this point
Copy the full SHA e4b6414View commit details -
bpf: nat: fix ICMPv6 ECHO types in snat_v6_rewrite_ingress()
Configuration menu - View commit details
-
Copy full SHA for 8ab9cd6 - Browse repository at this point
Copy the full SHA 8ab9cd6View commit details -
Configuration menu - View commit details
-
Copy full SHA for d86e0db - Browse repository at this point
Copy the full SHA d86e0dbView commit details -
docs: Fix broken link to backends leak issue
[ upstream commit 800c7ef ] Signed-off-by: Akhil Velagapudi <4@4khil.com> Signed-off-by: Gilberto Bertin <jibi@cilium.io>
Configuration menu - View commit details
-
Copy full SHA for 59d5b90 - Browse repository at this point
Copy the full SHA 59d5b90View commit details