Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cni: Use batch endpoint deletion API in chaining plugin #31456

Merged
merged 1 commit into from
Mar 19, 2024
Merged

cni: Use batch endpoint deletion API in chaining plugin #31456

merged 1 commit into from
Mar 19, 2024

Conversation

sayboras
Copy link
Member

@sayboras sayboras commented Mar 18, 2024
edited
Loading

This commit is to leverage new batch endpoint deletion API instead of singular endpoint deletion based on ID. The main reason is to provide backward compatibility on upgrade path.

The current CNI attachment ID requires a valid containerIfName attribute, however, the endpoints created by old cilium versions (e.g. <1.15) are not having such details. Any CNI DEL command for these endpoints will lead to invalid lookup (e.g. DeleteEndpointIDNotFoundCode), and prevent cleaning up of related resources such as IP addresses.

The impact is only limited to CNI chaining mode, as batch endpoint deletion API is already used cilium-cni/cmd/cmd.go as part of #27351.

Old endpoint details without (or empty) ContainerIfName

{
  "ID": 423,
  "ContainerName": "",
  "dockerID": "415beb119c4b0910f62634510e921a447893195ebedc30ca0e9cd5bf02569645",
  "DockerNetworkID": "",
  "DockerEndpointID": "",
  "IfName": "eni22524e9e591",
  "IfIndex": 13,
  "ContainerIfName": "",
  "DisableLegacyIdentifiers": false,
  ...
}

New endpoint details with valid ContainerIfName (e.g. eth0)

{
  "ID": 3627,
  "ContainerName": "",
  "dockerID": "f89ccf654b878248442981d4c56fe3f50fa127f922b46ee6dccc94ae10e94b79",
  "DockerNetworkID": "",
  "DockerEndpointID": "",
  "IfName": "enia67a2d3c27d",
  "IfIndex": 45,
  "ContainerIfName": "eth0",
  "DisableLegacyIdentifiers": false,
  ...
}

Relates: #26894, #27351
Suggested-by: Sebastian Wicki sebastian@isovalent.com

@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Mar 18, 2024
@sayboras sayboras added release-note/bug This PR fixes an issue in a previous release of Cilium. needs-backport/1.15 This PR / issue needs backporting to the v1.15 branch labels Mar 18, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot removed dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. labels Mar 18, 2024
@sayboras
Copy link
Member Author

/test

@sayboras
cni: Use batch endpoint deletion API in chaining plugin
afcbb14 
This commit is to leverage new batch endpoint deletion API instead of
singular endpoint deletion based on ID. The main reason is to provide
backward compatibility on upgrade path.

The current CNI attachment ID requires a valid containerIfName attribute,
however, the endpoints created by old cilium versions (e.g. <1.15) are
not having such details. Any CNI DEL command for these endpoints will
lead to invalid lookup (e.g. DeleteEndpointIDNotFoundCode), and prevent
cleaning up of related resources such as IP addresses.

The impact is only limited to CNI chaining mode, as batch endpoint
deletion API is already used cilium-cni/cmd/cmd.go as part of cilium#27351.

Old endpoint details without (or empty) ContainerIfName

```json
{
  "ID": 423,
  "ContainerName": "",
  "dockerID": "415beb119c4b0910f62634510e921a447893195ebedc30ca0e9cd5bf02569645",
  "DockerNetworkID": "",
  "DockerEndpointID": "",
  "IfName": "eni22524e9e591",
  "IfIndex": 13,
  "ContainerIfName": "",
  "DisableLegacyIdentifiers": false,
  ...
}
```

New endpoint details with valid ContainerIfName (e.g. eth0)

```json
{
  "ID": 3627,
  "ContainerName": "",
  "dockerID": "f89ccf654b878248442981d4c56fe3f50fa127f922b46ee6dccc94ae10e94b79",
  "DockerNetworkID": "",
  "DockerEndpointID": "",
  "IfName": "enia67a2d3c27d",
  "IfIndex": 45,
  "ContainerIfName": "eth0",
  "DisableLegacyIdentifiers": false,
  ...
}
```

Relates: cilium#26894, cilium#27351
Suggested-by: Sebastian Wicki <sebastian@isovalent.com>
Signed-off-by: Tam Mach <tam.mach@cilium.io>
@sayboras
Copy link
Member Author

/test

@sayboras sayboras added the affects/v1.14 This issue affects v1.14 branch label Mar 18, 2024
@sayboras sayboras marked this pull request as ready for review March 19, 2024 02:25
@sayboras sayboras requested a review from a team as a code owner March 19, 2024 02:25
@sayboras sayboras requested a review from youngnick March 19, 2024 02:25
@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Mar 19, 2024
@sayboras sayboras added this pull request to the merge queue Mar 19, 2024
Merged via the queue into cilium:main with commit 31be787 Mar 19, 2024
62 checks passed
@sayboras sayboras deleted the tam/cni-delete branch March 19, 2024 13:40
@sayboras sayboras added the backport/author The backport will be carried out by the author of the PR. label Mar 20, 2024
@sayboras sayboras mentioned this pull request Mar 20, 2024
Merged
1 task
@sayboras sayboras added backport-pending/1.15 The backport for Cilium 1.15.x for this PR is in progress. backport-done/1.14 The backport for Cilium 1.14.x for this PR is done. needs-backport/1.14 This PR / issue needs backporting to the v1.14 branch and removed needs-backport/1.15 This PR / issue needs backporting to the v1.15 branch backport-done/1.14 The backport for Cilium 1.14.x for this PR is done. labels Mar 20, 2024
@github-actions github-actions bot added backport-done/1.15 The backport for Cilium 1.15.x for this PR is done. and removed backport-pending/1.15 The backport for Cilium 1.15.x for this PR is in progress. labels Mar 20, 2024
@sayboras sayboras mentioned this pull request Mar 25, 2024
Merged
1 task
@jrajahalme jrajahalme mentioned this pull request Mar 26, 2024
Merged
@sayboras sayboras removed the needs-backport/1.14 This PR / issue needs backporting to the v1.14 branch label Mar 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@youngnick youngnick youngnick approved these changes

@gandro gandro gandro approved these changes

Assignees
No one assigned
Labels
affects/v1.14 This issue affects v1.14 branch backport/author The backport will be carried out by the author of the PR. backport-done/1.15 The backport for Cilium 1.15.x for this PR is done. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/bug This PR fixes an issue in a previous release of Cilium.
Projects
No open projects
cilium v1.15.3
Status: Released
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sayboras @gandro @youngnick