MAISTRA-2137 Make network namespace setup executable name configurable #273
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
jwendell
reviewed
Feb 17, 2021
| @@ -53,6 +53,7 @@ type Kubernetes struct { | |||
| NodeName string `json:"node_name"` | |||
| ExcludeNamespaces []string `json:"exclude_namespaces"` | |||
| CNIBinDir string `json:"cni_bin_dir"` | |||
| NetnsSetupExecutable string `json:"netns_setup_executable"` | |||
There was a problem hiding this comment.
I wonder if concatenating the cni-bin-prefix in this line fixes the problem without having to introduce another setting.
There was a problem hiding this comment.
No, because there is no cni-bin-prefix in this context. The prefix is passed to install-cni, whereas this here is istio-cni, which gets called by the Multus. The only config that it gets is the YAML that comes from the configmap.
jwendell
approved these changes
Feb 18, 2021
|
/test integration |
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Jun 11, 2021
maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Jun 16, 2021
maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Jun 17, 2021
maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Jun 30, 2021
…CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
maistra-bot
pushed a commit
that referenced
this pull request
Jun 30, 2021
…CNI (#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (#325) * MAISTRA-2137 Make network namespace setup executable name configurable (#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Feb 2, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Feb 4, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Feb 4, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Feb 7, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Feb 7, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Feb 7, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Feb 7, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Feb 9, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Feb 28, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
luksa
added a commit
to luksa/istio-maistra
that referenced
this pull request
Mar 1, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
maistra-bot
pushed a commit
that referenced
this pull request
Mar 1, 2022
…Istio CNI (#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (#325) * MAISTRA-2137 Make network namespace setup executable name configurable (#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Jun 29, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Jul 4, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Jul 4, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
maistra-bot
pushed a commit
that referenced
this pull request
Jul 5, 2022
…Istio CNI (#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (#325) * MAISTRA-2137 Make network namespace setup executable name configurable (#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 24, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 25, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 25, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 25, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 29, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 29, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable.
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 29, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result.
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 29, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result.
maistra-bot
pushed a commit
that referenced
this pull request
Aug 30, 2022
…Istio CNI (#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (#325) * MAISTRA-2137 Make network namespace setup executable name configurable (#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result.
bartoszmajsak
pushed a commit
to bartoszmajsak/istio
that referenced
this pull request
Nov 18, 2022
…Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result.
maistra-bot
pushed a commit
that referenced
this pull request
Nov 24, 2022
…Istio CNI (#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (#325) * MAISTRA-2137 Make network namespace setup executable name configurable (#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 31, 2023
…Istio CNI (maistra#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (maistra#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 31, 2023
…Istio CNI (maistra#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (maistra#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
openshift-merge-robot
pushed a commit
that referenced
this pull request
Sep 1, 2023
…Istio CNI (#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (#325) * MAISTRA-2137 Make network namespace setup executable name configurable (#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
yxun
pushed a commit
to yxun/istio
that referenced
this pull request
May 21, 2024
…Istio CNI (maistra#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (maistra#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
yxun
pushed a commit
to yxun/istio
that referenced
this pull request
May 21, 2024
…Istio CNI (maistra#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (maistra#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
yxun
pushed a commit
to yxun/istio
that referenced
this pull request
May 21, 2024
…Istio CNI (maistra#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (maistra#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
yxun
pushed a commit
to yxun/istio
that referenced
this pull request
May 21, 2024
…Istio CNI (maistra#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (maistra#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
yxun
pushed a commit
to yxun/istio
that referenced
this pull request
May 21, 2024
…Istio CNI (maistra#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (maistra#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
yxun
pushed a commit
to yxun/istio
that referenced
this pull request
May 21, 2024
…Istio CNI (maistra#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (maistra#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
yxun
pushed a commit
to yxun/istio
that referenced
this pull request
May 21, 2024
…Istio CNI (maistra#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (maistra#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
yxun
pushed a commit
to yxun/istio
that referenced
this pull request
May 22, 2024
…Istio CNI (maistra#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (maistra#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
yxun
pushed a commit
to yxun/istio
that referenced
this pull request
May 22, 2024
…Istio CNI (maistra#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (maistra#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (maistra#325) * MAISTRA-2137 Make network namespace setup executable name configurable (maistra#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (maistra#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (maistra#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
openshift-merge-bot bot
pushed a commit
that referenced
this pull request
May 22, 2024
…Istio CNI (#688) * [cni] MAISTRA-2132 Support deployment of multiple plugin versions in Istio CNI (#271) Includes: * MAISTRA-2135 Add unit tests for our CNI binary-prefix work (#325) * MAISTRA-2137 Make network namespace setup executable name configurable (#273) To support the deployment of multiple CNI plugin versions, the name of the executable that is invoked to set up the network namespace must be configurable. * OSSM-1430: CNI: Watch for modified files with a prefix (#510) Because our CNI pod contains more than one container, and they write to the same directory, and they watch for changes on those directories, changes made by one container trigger the watch on the other, which will responde by copying the files to the directory, which will in turn trigger the watcher of the other container in an endless loop. This leads to high CPU usage on the node. This PR changes the logic to only monitor for files that have the desired prefix. Thus, for example, the 2.2 container will only react to changes to files whose names start with "v2-2". This avoid this race condition and achieve the same end result. * [cni] MAISTRA-2051 use correct UID/GID in istio-iptables * OSSM-2082 CNI installer now creates the net.d directory if necessary (#638) * fix(lint): replaces deprecated pkg io/ioutil * fix: reverts back to t.TempDir() calls Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: rcernich <rcernich@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
To support the deployment of multiple CNI plugin versions, the name of the
executable that is invoked to set up the network namespace must be configurable.