-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
identity cache: Support looking up reserved identities #2922
Conversation
) | ||
|
||
// IdentityCache is a cache of identity to labels mapping | ||
type IdentityCache map[NumericIdentity]labels.LabelArray |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
type name will be used as identity.IdentityCache by other packages, and that stutters; consider calling this Cache
test-me-please |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, but would be nice to see a green build. Current failure appears unrelated.
I believe that |
Are you referring to something else? |
0164896
to
0f5b1ba
Compare
test-me-please |
Looks like it works from your output. I had previously seen it fail to resolve id |
test-me-please |
0f5b1ba
to
2873de0
Compare
test-me-please |
2873de0
to
e1e3549
Compare
test-me-please |
e1e3549
to
99e8217
Compare
test-me-please |
99e8217
to
aab7419
Compare
test-me-please |
@joestringer @ianvernon PR has changed significantly, please review again |
@@ -323,7 +321,7 @@ elif [ "$MODE" = "lb" ]; then | |||
else | |||
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding | |||
|
|||
CALLS_MAP="cilium_calls_lb_${ID}" | |||
CALLS_MAP="cilium_calls_lb" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should this be CALLS_MAP="cilium_calls_lb_${ID_HOST}"
or ID_WORLD?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, LB is always a single program, this was a copy&paste error but it didn't have any negative effect.
} | ||
|
||
if gi, ok := allocatorKey.(globalIdentity); ok { | ||
return NewIdentity(id, gi.Labels) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why don't we store the updated identity from the KVStore into the cache?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The lookup is using the cache in the allocator but falls back to kvstore if it can't be found in the cache. I'm just moving the code here, I'm not adding or modifying code.
* Support resolving and listing reserved identities * Simplify bpf/init.sh by hardcoding the reserved identities which are static. * Convert `cilium identity list` and `cilium identity get` to use `text/tabwriter` and add uniformal `-o json` support. * Always list reserved identities for `cilium identity list` Example: ``` $ cilium identity list ID LABELS 4 [reserved:health] 3 [reserved:cluster] 1 [reserved:host] 2 [reserved:world] 58770 [reserved:health] 12536 [container:id.bar] 2558 [container:id.foo] ``` Fixes: #2857 Signed-off-by: Thomas Graf <thomas@cilium.io>
aab7419
to
dc3d710
Compare
test-me-please |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM for bpf / cli.
which are static.
cilium identity list
andcilium identity get
touse
text/tabwriter
and add uniformal-o json
support.cilium identity list
Example:
Fixes: #2857