Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

daemon: Do not require NodePort for WireGuard #32249

Merged
merged 2 commits into from
Apr 30, 2024
Merged

daemon: Do not require NodePort for WireGuard #32249

merged 2 commits into from
Apr 30, 2024

Conversation

brb
Copy link
Member

@brb brb commented Apr 30, 2024

See commit msgs. cc @tommyp1ckles

brb added 2 commits April 30, 2024 10:00
@brb
daemon: Do not require NodePort for WG
eabecd6 
Commit 6481b5b ("daemon: Detect bpf_host netdevs when WG is
enabled") extended the disablement of NodePort. In particular,
finishKubeProxyReplacementInit() does not disable NodePort if WG is
enabled.

This does not make any sense, as WG does not depend on NodePort, and
bpf_host attachment (which WG depends on) is controlled via
AreDevicesRequired().

Signed-off-by: Martynas Pumputis <m@lambda.lt>
@brb
gh/workflows: Test WG w/o KPR
f22aa15 
Extend the E2E configurations to test for WG w/o KPR. Previously, we did
not have any config to test it. Considering, that it can be a widely
used configuration, sacrifice the 10th config (egress GW, endpoint
routes, multi-netdev all are tested in other configs).

Signed-off-by: Martynas Pumputis <m@lambda.lt>
@brb brb added area/daemon Impacts operation of the Cilium daemon. release-note/minor This PR changes functionality that users may find relevant to operating Cilium. feature/wireguard Relates to Cilium's Wireguard feature labels Apr 30, 2024
@brb
Copy link
Member Author

brb commented Apr 30, 2024

/test

@brb brb marked this pull request as ready for review April 30, 2024 09:03
@brb brb requested review from a team as code owners April 30, 2024 09:03
@brb brb requested review from ysksuzuki, aanm and nebril April 30, 2024 09:03
@aanm aanm enabled auto-merge April 30, 2024 15:27
@aanm aanm added this pull request to the merge queue Apr 30, 2024
Merged via the queue into main with commit c132abb Apr 30, 2024
266 checks passed
@aanm aanm deleted the pr/brb/wg-enable-kpr branch April 30, 2024 21:27
@joestringer
Copy link
Member

@brb The titles of PRs like this will end up in release notes, so as such it is preferable to fully expand any acronyms so that users can more easily understand the context of things like 'WG' here (or search through release notes if they're really interested in that particular feature). I'll update this one so it's clearer for the upcoming v1.16 release.

@joestringer joestringer changed the title daemon: Do not require NodePort for WG daemon: Do not require NodePort for WireGuard May 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nebril nebril nebril approved these changes

@aanm aanm aanm approved these changes

@tommyp1ckles tommyp1ckles tommyp1ckles approved these changes

@ysksuzuki ysksuzuki Awaiting requested review from ysksuzuki ysksuzuki is a code owner automatically assigned from cilium/sig-datapath

Assignees
No one assigned
Labels
area/daemon Impacts operation of the Cilium daemon. feature/wireguard Relates to Cilium's Wireguard feature release-note/minor This PR changes functionality that users may find relevant to operating Cilium.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@brb @joestringer @nebril @aanm @tommyp1ckles