Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v1.14 Backports 2024-02-27 #31000

Merged
merged 9 commits into from Mar 1, 2024
Merged

v1.14 Backports 2024-02-27 #31000

merged 9 commits into from Mar 1, 2024

Conversation

YutaroHayakawa
Copy link
Member

@YutaroHayakawa YutaroHayakawa commented Feb 27, 2024
edited

tklauser and others added 4 commits February 27, 2024 18:16
@tklauser @YutaroHayakawa
slices: don't modify input slices in test
0b09afe 
[ upstream commit 32543a4 ]

In Go 1.22, slices.CompactFunc will clear the slice elements that got
discarded. This makes TestSortedUniqueFunc fail if it is run in
succession to other tests modifying the input slice.

Avoid this case by not modifying the input slice in the test case but
make a copy for the sake of the test.

Signed-off-by: Tobias Klauser <tobias@cilium.io>
@tklauser @YutaroHayakawa
lbipam: copy slice before modification in (*LBIPAM).handlePoolModified
7522edc 
[ upstream commit 3441800 ]

In Go 1.22, slices.Delete will clear the slice elements that got
discarded. This leads to the slice containing the existing ranges in
(*LBIPAM).handlePoolModified to be cleared while being looped over,
leading to the following nil dereference in TestConflictResolution:

┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃   PANIC  package: github.com/cilium/cilium/operator/pkg/lbipam • TestConflictResolution   ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
	panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1a8c814]

goroutine 22 [running]:
testing.tRunner.func1.2({0x1d5e400, 0x39e3fe0})
	/home/travis/.gimme/versions/go1.22.0.linux.arm64/src/testing/testing.go:1631 +0x1c4
testing.tRunner.func1()
	/home/travis/.gimme/versions/go1.22.0.linux.arm64/src/testing/testing.go:1634 +0x33c
panic({0x1d5e400?, 0x39e3fe0?})
	/home/travis/.gimme/versions/go1.22.0.linux.arm64/src/runtime/panic.go:770 +0x124
github.com/cilium/cilium/operator/pkg/lbipam.(*LBRange).EqualCIDR(0x400021d260?, {{0x24f5388?, 0x3fce4e0?}, 0x400012c018?}, {{0x1ea5e20?, 0x0?}, 0x400012c018?})
	/home/travis/gopath/src/github.com/cilium/cilium/operator/pkg/lbipam/range_store.go:151 +0x74
github.com/cilium/cilium/operator/pkg/lbipam.(*LBIPAM).handlePoolModified(0x400021d260, {0x24f5388, 0x3fce4e0}, 0x40000ed200)
	/home/travis/gopath/src/github.com/cilium/cilium/operator/pkg/lbipam/lbipam.go:1392 +0xfa0
github.com/cilium/cilium/operator/pkg/lbipam.(*LBIPAM).poolOnUpsert(0x400021d260, {0x24f5388, 0x3fce4e0}, {{0xffff88e06108?, 0x10?}, {0x4000088808?, 0x40003ea910?}}, 0x40000ed080?)
	/home/travis/gopath/src/github.com/cilium/cilium/operator/pkg/lbipam/lbipam.go:279 +0xe0
github.com/cilium/cilium/operator/pkg/lbipam.(*LBIPAM).handlePoolEvent(0x400021d260, {0x24f5388?, 0x3fce4e0?}, {{0x214e78e, 0x6}, {{0x400034d1d8, 0x6}, {0x0, 0x0}}, 0x40000ed080, ...})
	/home/travis/gopath/src/github.com/cilium/cilium/operator/pkg/lbipam/lbipam.go:233 +0x1d8
github.com/cilium/cilium/operator/pkg/lbipam.(*newFixture).UpsertPool(0x40008bfe18, 0x40002a4b60, 0x40000ed080)
	/home/travis/gopath/src/github.com/cilium/cilium/operator/pkg/lbipam/lbipam_fixture_test.go:177 +0x148
github.com/cilium/cilium/operator/pkg/lbipam.TestConflictResolution(0x40002a4b60)
	/home/travis/gopath/src/github.com/cilium/cilium/operator/pkg/lbipam/lbipam_test.go:56 +0x3fc
testing.tRunner(0x40002a4b60, 0x22a2558)
	/home/travis/.gimme/versions/go1.22.0.linux.arm64/src/testing/testing.go:1689 +0xec
created by testing.(*T).Run in goroutine 1
	/home/travis/.gimme/versions/go1.22.0.linux.arm64/src/testing/testing.go:1742 +0x318
FAIL	github.com/cilium/cilium/operator/pkg/lbipam	0.043s

Fix this by cloning the slice before iterating over it.

Signed-off-by: Tobias Klauser <tobias@cilium.io>
@oblazek @YutaroHayakawa
endpoint: don't create endpoint with labels
6ded27e 
[ upstream commit cb15333 ]

When endpoint is created and `EndpointChangeRequest`
contains labels, it might cause the endpoint regeneration to not be
triggered as it is only triggered when labels are changed.
Unfortunately this does not happen when epTemplate.Labels are set
with the same labels as `EndpointChangeRequest`.

This commit fixes the above issue by not setting epTemplate.Labels.

Fixes: #29776

Signed-off-by: Ondrej Blazek <ondrej.blazek@firma.seznam.cz>
@YutaroHayakawa
bgpv1: Remove a noisy log in Controller
b60d10e 
[ upstream commit 329fefb ]

[ backporter's note: Fix minor conflict due to the
  c.BGPMgr.ConfigurePeers fixture change. ]

Controller generate a log for every single reconciliation. This is noisy
and doesn't make much sense since users doesn't care about
reconciliation happening, but the outcome of the reconciliation.

Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
@YutaroHayakawa YutaroHayakawa added kind/backports This PR provides functionality previously merged into master. backport/1.14 This PR represents a backport for Cilium 1.14.x of a PR that was merged to main. labels Feb 27, 2024
@YutaroHayakawa YutaroHayakawa marked this pull request as ready for review February 28, 2024 11:21
@YutaroHayakawa YutaroHayakawa requested a review from a team as a code owner February 28, 2024 11:21
@YutaroHayakawa
Copy link
Member Author

/test-backport-1.14

oblazek
oblazek approved these changes Feb 29, 2024
View reviewed changes
Copy link
Contributor

@oblazek oblazek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks.

@YutaroHayakawa
Copy link
Member Author

YutaroHayakawa commented Feb 29, 2024
edited

Cilium IPsec upgrade: #29846
Conformance Cluster Mesh: #30139
Conformance E2E: #30901

Might be a regression. Checking... It was a regression.
Conformance Runtime
Integration Tests
Travis CI

YutaroHayakawa and others added 5 commits February 29, 2024 20:07
@YutaroHayakawa
bgpv1: Inform when the node is not selected anymore
5061ad5 
[ upstream commit 4c5f79d ]

[ backporter's note: Initialize LocalNodeStore on test init and
deinitialize on test deinit. ]

When users stop selecting the node with CiliumBGPPeeringPolicy, BGP
Control Plane removes all running virtual router instances. However, it
is only notified with Debug level. Upgrade it to Info level since this
is an important information which helps users to investigate session
disruption with configuration miss.

Also, the log is generated and full reconciliation happens even if there
is no previous policy applied. This means when there's no policy applied
and any relevant resource (e.g. Service) is updated, it will generate
the log and does full withdrawal meaninglessly. Introduce a flag that
indicates whether there is a previous policy and conditionally trigger
log generation and full withdrawal.

Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
@YutaroHayakawa
bgpv1: Remove noisy logs from neighbor reconciler
0f11725 
[ upstream commit 66e5de6 ]

[ backporter's note: neighbor.go is still under
pkg/bgpv1/manager/. Do the same change for
pkg/bgpv1/manager/reconcile.go. ]

Remove noisy logs generated for every single reconciliation.

Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
@YutaroHayakawa
bgpv1: Remove unnecessary stat logs from neighbor reconciler
ad823d0 
[ upstream commit c00330c ]

[ backporter's note: neighbor.go is still under
pkg/bgpv1/manager/. Do the same change for
pkg/bgpv1/manager/reconcile.go. ]

We don't need to show create/update/delete counts because we show logs
for all create/update/delete operation anyways.

Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
@YutaroHayakawa
bgpv1: Downgrade peer state transition logs to Debug
c2961d8 
[ upstream commit 148f81f ]

Users can now easily check the current peering state with `cilium bgp
peers` command. Thus state transition logs become relatively unimportant
for users. Downgrade the logs to debug level.

Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
@iandrewt @YutaroHayakawa
helm: Probe Envoy DaemonSet localhost IP directly
ba39222 
[ upstream commit 29a7918 ]

On IPv6-only clusters, querying localhost for the health check could attempt to check 127.0.0.1, presumable depending on host DNS configuration.

As the health check does not listen on IPv4 when .Values.ipv4.enabled is false, this health check could fail.

This patch uses the same logic as the bootstrap-config.json file to ensure a valid IP is always used for the health check.

Fixes: #30968
Fixes: 859d2a9 ("helm: use /ready from Envoy admin iface for healthprobes on daemonset")

Signed-off-by: Andrew Titmuss <iandrewt@icloud.com>
@YutaroHayakawa YutaroHayakawa force-pushed the pr/v1.14-backport-2024-02-27-06-16 branch from 138e9a9 to ba39222 Compare February 29, 2024 11:17
@YutaroHayakawa
Copy link
Member Author

/test-backport-1.14

@YutaroHayakawa
Copy link
Member Author

Conformance AKS: #29845

@YutaroHayakawa YutaroHayakawa merged commit 65f2d2e into v1.14 Mar 1, 2024
222 checks passed
@YutaroHayakawa YutaroHayakawa deleted the pr/v1.14-backport-2024-02-27-06-16 branch March 1, 2024 05:15
@thorn3r thorn3r mentioned this pull request Mar 13, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ldelossa ldelossa ldelossa approved these changes

@oblazek oblazek oblazek approved these changes

@tklauser tklauser Awaiting requested review from tklauser

Assignees
No one assigned
Labels
backport/1.14 This PR represents a backport for Cilium 1.14.x of a PR that was merged to main. kind/backports This PR provides functionality previously merged into master.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@YutaroHayakawa @ldelossa @oblazek @tklauser @iandrewt