Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

helm: Probe Envoy DaemonSet localhost IP directly #30970

Merged
merged 1 commit into from Feb 27, 2024
Merged

helm: Probe Envoy DaemonSet localhost IP directly #30970

merged 1 commit into from Feb 27, 2024

Conversation

iandrewt
Copy link
Contributor

On IPv6-only clusters, querying localhost for the health check could attempt to check 127.0.0.1, presumable depending on host DNS configuration.

As the health check does not listen on IPv4 when .Values.ipv4.enabled is false, this health check could fail.

This patch uses the same logic as the bootstrap-config.json file to ensure a valid IP is always used for the health check.

Fixes: #30968
Fixes: 859d2a9 ("helm: use /ready from Envoy admin iface for healthprobes on daemonset")

Please ensure your pull request adheres to the following guidelines:

  • For first time contributors, read Submitting a pull request
  • All code is covered by unit and/or runtime tests where feasible.
  • All commits contain a well written commit description including a title,
    description and a Fixes: #XXX line if the commit addresses a particular
    GitHub issue.
  • If your commit description contains a Fixes: <commit-id> tag, then
    please add the commit author[s] as reviewer[s] to this issue.
  • All commits are signed off. See the section Developer’s Certificate of Origin
  • Provide a title or release-note blurb suitable for the release notes.
  • Are you a user of Cilium? Please add yourself to the Users doc
  • Thanks for contributing!

@iandrewt
helm: Probe Envoy DaemonSet localhost IP directly
6cbf295 
On IPv6-only clusters, querying localhost for the health check could attempt to check 127.0.0.1, presumable depending on host DNS configuration.

As the health check does not listen on IPv4 when .Values.ipv4.enabled is false, this health check could fail.

This patch uses the same logic as the bootstrap-config.json file to ensure a valid IP is always used for the health check.

Fixes: cilium#30968
Fixes: 859d2a9 ("helm: use /ready from Envoy admin iface for healthprobes on daemonset")

Signed-off-by: Andrew Titmuss <iandrewt@icloud.com>
@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Feb 26, 2024
@github-actions github-actions bot added the kind/community-contribution This was a contribution made by a community member. label Feb 26, 2024
@iandrewt iandrewt marked this pull request as ready for review February 26, 2024 13:35
@iandrewt iandrewt requested review from a team as code owners February 26, 2024 13:35
gandro
gandro approved these changes Feb 26, 2024
View reviewed changes
Copy link
Member

@gandro gandro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@gandro gandro added release-note/bug This PR fixes an issue in a previous release of Cilium. needs-backport/1.15 This PR / issue needs backporting to the v1.15 branch labels Feb 26, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot removed dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. labels Feb 26, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from main in 1.15.2 Feb 26, 2024
@gandro gandro added area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. labels Feb 26, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot removed dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. labels Feb 26, 2024
@iandrewt iandrewt mentioned this pull request Feb 27, 2024
Closed
sayboras
sayboras approved these changes Feb 27, 2024
View reviewed changes
Copy link
Member

@sayboras sayboras left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks and LGTM ✅

@sayboras
Copy link
Member

/test

@sayboras sayboras added the needs-backport/1.14 This PR / issue needs backporting to the v1.14 branch label Feb 27, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from main in 1.14.8 Feb 27, 2024
@sayboras sayboras added this pull request to the merge queue Feb 27, 2024
@sayboras
Copy link
Member

Thanks for your contribution 👍

Merged via the queue into cilium:main with commit 29a7918 Feb 27, 2024
62 of 63 checks passed
@iandrewt iandrewt deleted the pr/envoy-daemonset-probes branch February 27, 2024 04:23
@YutaroHayakawa YutaroHayakawa mentioned this pull request Feb 27, 2024
Merged
9 tasks
@YutaroHayakawa YutaroHayakawa added backport-pending/1.15 The backport for Cilium 1.15.x for this PR is in progress. and removed needs-backport/1.15 This PR / issue needs backporting to the v1.15 branch labels Feb 27, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from main to Backport pending to v1.15 in 1.15.2 Feb 27, 2024
@YutaroHayakawa YutaroHayakawa mentioned this pull request Feb 27, 2024
Merged
5 tasks
@YutaroHayakawa YutaroHayakawa added backport-pending/1.14 The backport for Cilium 1.14.x for this PR is in progress. and removed needs-backport/1.14 This PR / issue needs backporting to the v1.14 branch labels Feb 27, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from main to Backport pending to v1.14 in 1.14.8 Feb 27, 2024
@github-actions github-actions bot added backport-done/1.15 The backport for Cilium 1.15.x for this PR is done. and removed backport-pending/1.15 The backport for Cilium 1.15.x for this PR is in progress. labels Feb 28, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot removed this from Backport pending to v1.15 in 1.15.2 Feb 28, 2024
@github-actions github-actions bot added backport-done/1.14 The backport for Cilium 1.14.x for this PR is done. and removed backport-pending/1.14 The backport for Cilium 1.14.x for this PR is in progress. labels Mar 1, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot removed this from Backport pending to v1.14 in 1.14.8 Mar 1, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Backport done to v1.15 in 1.15.2 Mar 1, 2024
@jrajahalme jrajahalme mentioned this pull request Mar 13, 2024
Merged
@thorn3r thorn3r mentioned this pull request Mar 13, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sayboras sayboras sayboras approved these changes

@gandro gandro gandro approved these changes

@joamaki joamaki Awaiting requested review from joamaki joamaki is a code owner automatically assigned from cilium/sig-k8s

@meyskens meyskens Awaiting requested review from meyskens meyskens is a code owner automatically assigned from cilium/sig-servicemesh

Assignees
No one assigned
Labels
area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. backport-done/1.14 The backport for Cilium 1.14.x for this PR is done. backport-done/1.15 The backport for Cilium 1.15.x for this PR is done. kind/community-contribution This was a contribution made by a community member. release-note/bug This PR fixes an issue in a previous release of Cilium.
Projects
No open projects
1.15.2
Backport done to v1.15
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Envoy DaemonSet fails probes on IPv6 single-stack cluster
4 participants
@iandrewt @sayboras @gandro @YutaroHayakawa