New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rebase from upstream master #526
Merged
openshift-merge-robot
merged 57 commits into
openshift:master
from
dulek:openshift-master
Jun 16, 2021
Merged
Rebase from upstream master #526
openshift-merge-robot
merged 57 commits into
openshift:master
from
dulek:openshift-master
Jun 16, 2021
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This patch enables the tempest test that checks that listener timeout value is configurable. Depends-On: https://review.opendev.org/c/openstack/kuryr-tempest-plugin/+/783966 Implements: blueprint configure-lb-listeners-timeout Change-Id: Ie2f6ec8b193e5a90216f3ff925188ad367826e4c
For OVN Ocatvia provider we need to include service subnet as well, otherwise we will end up in no connectivity to services from pods where network policy which define egress to all namespaces was applied. Change-Id: Ic1d1803c178a9b8375f2a08e021f0a046fd7ff02 Related-Bug: 1915008
This patch is fixing the bug in which was problem after the status field is deleted, kuryr-controller is crashing because of it. So we need to check if status field is missing and add it to the crd. Also I add there fixes of another parts of code where probably in the future could be similar problem is some parts of the CRD would be missing. Closes-Bug: #1921109 Change-Id: Ib195aa4389e310354f163d3ba474eddea18c4f51
This is not the proper way of informing user that Octavia returns 503, we should have a nice message or we'll start getting bug reports on us Closes-bug: 1918708 Change-Id: I871c3998edb5b1d594067b60e908c453ad122dde
pyroute2 has a curious way of reporting details of RuntimeError raised when an IPDB transaction fails - it just sets the .debug property of the exception to a dictionary containing additional info. This is not printed by default, meaning that we end up with ambiguous RuntimeError in the logs when anything wrong happens. This commit improves this by making sure we print traceback included in that additional info. Change-Id: Id86a96a662c071533e187fa1b6d87783a844086a
This commit migrates kuryr_cni to use go mod and updates its Dockerfile. Closes-Bug: #1922235 Change-Id: If8b7c0350c0dcfd3de2735aff2efe9c86bbd4e58
The Neutron community is planning on switching the default network backend in DevStack to OVN soon and to avoid any gate breakages we need to explicitly enable ML2/OVS where it makes sense. This patch is enabling ML2/OVS for the non-OVN jobs in the gate. Prior to this patch the job were enabling the ML2/OVS services such as q-agt and q-dhcp but it wasn't setting other required options (e.g Q_AGENT). Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com> Change-Id: Iae420403d3d84325830bded8633b2a29430b36bb
Whenever a CNI container image is generated, in CNI pod logs there were deprication warning which should be removed. Closes-bug: 1918709 Change-Id: I4d8db9eb021d33b79a5ff688c91ba0df6cae938a
It is unnecessary to use list, set, dict around a generator expression to get object of that type, since there are comprehensions for these types. Change-Id: I11b9b87faacba4321ef54a48edd7f13df18e1df7
Import alias is same as original package, so making the alias unnecessary. Change-Id: I94c23131ee96447be133e33dbda4b443c19d681a
Change-Id: I54e9f18f45b59c3ff6f3cc40e549ab9fd91d4391
Change-Id: Id899688aee86873d3a38638031592ea3e492b2d5
Setuptools v54.1.0 introduces a warning that the use of dash-separated options in 'setup.cfg' will not be supported in a future version [1]. Get ahead of the issue by replacing the dashes with underscores. Without this, we see 'UserWarning' messages like the following on new enough versions of setuptools: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead [1] pypa/setuptools@a2e9ae4cb Change-Id: I40c3d36df3f7b2db683d226f5fb9edf08d2c27c8
In case of hairpin LB traffic (member of the LB calls the LB and the request is directed back to the same member) OVN replaces the source-ip of the request with the LB IP. This means that pods with network policies applied may have that traffic blocked when it should be allowed. To fix that this commit makes sure that SGs used for NPs include ingress rules for each of the Service in it's namespace. It's not ideal but seems to be a fair compromise between opening as little traffic as possible and increasing number of security groups and rules. As this commit makes sure all the NPs in the namespaces are reanalyzed every time a Service is created or deleted, a little fixes in order to support that are also made. Change-Id: I7e0458c4071e4a43ab4d158429e05c67cd897a3c Closes-Bug: 1923452
Due to coding error I not only switched "used" with "limit" in our quota check messages but also made it impossible for the check to fail. This commit fixes it. Closes-Bug: 1927241 Change-Id: I6e6a396d0e0467ec424bb403064a19cb4f1a586e
As Devstack is dropping support for Ubuntu Bionic in favor of Focal and the bionic node is not needed anymore on the crio gate with the change os repos to kubic OBS project[1], we can remove the nodeset definition. [1] openstack/devstack-plugin-container@d4de1bb Change-Id: I64bcfe8f9c5795f1724aa1e3b7278660f79fa7f6
This commit updates the GO Version to 1.16 Change-Id: Ic83148d51bf2cc1b2a8c8e5bf8ba3c28e6fa588f
This patch provides an implementation for joining node to the Kubernetes cluster by using `kubeadm join` command. Change-Id: I71d2b99e0c92a12c4e64395f6c4dafa4b69f168f Depends-On: Ife21874c0a71ba07723094c0f880aabcf5825b77
When executing kubectl drain node it sometimes removing kuryr-controller first, which may happen, that deployments will hang during removing, since the dependency on the controller. Also, turns out, that we can simply skip it, and `kubeadm reset` will remove everything for us, so that's enough. Change-Id: I396fb8fa5658617d03f5fdeed93cc86aa61e4a2d
Upating the tetsing template to Xena testing runtime: https://governance.openstack.org/tc/reference/runtimes/xena.html Change-Id: I59fd5f35320a337a9b8eaa519ca3156d5fcdd25b
The patch bumps min version of tox to 3.18.0 in order to replace tox's whitelist_externals by allowlist_externals option: https://github.com/tox-dev/tox/blob/master/docs/changelog.rst#v3180-2020-07-23 Change-Id: Ib37ac703ae9a49c31f0797f210174c591a4b8109
Change-Id: I5dfcc0786d8cc296f792b268fe3dcd5d73b3341c
Currently, we were relying on our dependencies which pulls golang package, so that we don't need to do that ourselves. Although, as it was pointed out in mentioned bug, explicit is better than implicit. Even though, it's worth to mention, that kuryr-kubernetes relies on both: Neutron and Octavia (which brings golang as it binary dep), and without either of it, it will not work. Change-Id: I3efb100e8ea47b7eb74e5addf5c2171c4606cad0 Closes-Bug: #1930368
It's possible that the Listener timeouts data was included in the CRD status, even though there is no annotation on the Service, probably the Listener was not present on the CRD, but created and the controller attempts to find it and includes the timeouts value. The timeouts included on the CRD then differs from the spec values causing the constant update of the Listener. This commit fixes the issue by ensuring the timeouts information is only included on the CRD when there was annoation(s) on the Service. Closes-bug: 1930220 Change-Id: Iaaa6805287c175de618e0ec20099887f129e7536
pyroute2 0.6.4 seems to break us due to their packages split. This commit attempts to fix it by making sure we import modules correctly. Change-Id: I30ef9ce99b039d00f63ced6e78fd4cfe432b50f6
Neutron should make a subport that is already attached to a trunk ACTIVE immediately. Unfortunately there seems to be an OVN bug causing an event triggering this to be lost, leaving the port in DOWN state forever. This is a disaster for Kuryr, because we can't proceed to wire the pods in such case. This commit attempts to workaround this by making Kuryr reattach the ports that are in DOWN state for more than 90 seconds after they're plugged. Change-Id: If9a3968d68dced588614cd5521d4a111e78d435f
Change-Id: Icd217150c510d9a25759347e2b6d3710b60ad40a
dulek
requested review from
MaysaMacedo,
gryf and
luis5tb
and removed request for
gryf
June 16, 2021 11:03
openshift-ci
bot
added
the
approved
Indicates a PR has been approved by an approver from all required OWNERS files.
label
Jun 16, 2021
Upstream switched to use golang modules, this commit adapts openshift-kuryr-cni-rhel8.Dockerfile to those changes. Change-Id: I1fa697819952e5d25f150219dc805ad0cc911104
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dulek, MaysaMacedo The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.