v1.15 Backports 2024-09-25 #35037
Merged
v1.15 Backports 2024-09-25 #35037
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ upstream commit f4fb48b ] [ backporter's notes: Used `ciliumSvcLBISKAnnotation` instead of annotation.LBIPAMSharingKey as the latter is not defined in v1.15 branch ] There was a bug in the LB-IPAM import logic. When one or more services share the same IP, and the agent restarts, the services would not share the IP anymore. This happens because when the import logic allocated an IP, it did not register the sharing group if that service had a sharing key. This caused the non-import path which is called for the second service to conclude that the second service was the first service in the group so it would allocate a new IP. This commit makes sure the import logic registers the sharing group when it allocates an IP. Signed-off-by: Dylan Reimerink <dylan.reimerink@isovalent.com> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
[ upstream commit daf66f2 ] [ backporter's notes: Dropped changes to install/kubernetes/cilium/templates/hubble/tls-certmanager/metrics-server-secret.yaml: file not present in v1.15 branch ] Copied the usages from the certgen (aka tls-cronjob). Signed-off-by: Alexandre Perrin <alex@isovalent.com> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
[ upstream commit 58a64cf ] This fixes issues where prior mark values would not be correctly set if the mark set needed to remove bits. For example: 0x0f00 updated with 0x0400 -> 0xff. As well, mask magic bit set to ensure other parts of the mark do not get changed. Co-authored-by: Yusuke Suzuki <yusuke-suzuki@cybozu.co.jp> Signed-off-by: Tom Hadlaw <tom.hadlaw@isovalent.com> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
[ upstream commit 66c9b0d ] This covers setting and then clearing/overwriting the mark value to ensure the function performs this correctly. Signed-off-by: Tom Hadlaw <tom.hadlaw@isovalent.com> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
678c6e7 to
3c27f33
Compare
|
/test-backport-1.15 |
dylandreimerink
approved these changes
Sep 25, 2024
tommyp1ckles
approved these changes
Oct 1, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
ciliumSvcLBISKAnnotationinstead ofannotation.LBIPAMSharingKeyas the latter is not defined in v1.15 branchinstall/kubernetes/cilium/templates/hubble/tls-certmanager/metrics-server-secret.yaml: file not present in v1.15 branchOnce this PR is merged, a GitHub action will update the labels of these PRs: