Skip to content

[v1.16.0] The cluster name is invalid: must not be more than 32 characters. #34006

New issue
New issue
Closed
Bug
Closed
[v1.16.0] The cluster name is invalid: must not be more than 32 characters.#34006
Bug
Labels
area/clustermeshRelates to multi-cluster routing functionality in Cilium.area/datapathImpacts bpf/ or low-level forwarding details, including map management and monitor messages.kind/bugThis is a bug in the Cilium logic.kind/community-reportThis was reported by a user in the Cilium community, eg via Slack.kind/regressionThis functionality worked fine before, but was broken in a newer release of Cilium.needs/triageThis issue requires triaging to establish severity and next steps.
@hswong3i

Description

@hswong3i
hswong3i
opened on Jul 25, 2024

Is there an existing issue for this?

  • I have searched the existing issues

Version

higher than v1.16.0-rc.2 and lower than v1.17.0

What happened?

#32641 introduce the 32 characters limitation to cluster name, which may be generally too small, e.g. If using uuid output as unique cluster name, it will not works because coming with 37 characters:

hswong3i@ubuntu-Inspiron-14-5420:~$ ID=`uuid` && echo $ID && echo -n $ID | wc -m
119d9ef4-4a32-11ef-9d55-8755d52f1094
36
hswong3i@ubuntu-Inspiron-14-5420:~$ ID=`uuid | md5sum | sed 's/\s*-$//g'` && echo $ID && echo -n $ID | wc -m
8e03de2fc4391c1a62644bf8eb4ba7f2
32
hswong3i@ubuntu-Inspiron-14-5420:~$ ID=`uuid | sha1sum | sed 's/\s*-$//g'` && echo $ID && echo -n $ID | wc -m
98dc7c04d5b231e72693502c7d4b0f5a012e1ea4
40
hswong3i@ubuntu-Inspiron-14-5420:~$ ID=`uuid | sha224sum | sed 's/\s*-$//g'` && echo $ID && echo -n $ID | wc -m
1d14cacd968a42963333d487dfca3c851811cee885a9397852636957
56
hswong3i@ubuntu-Inspiron-14-5420:~$ ID=`uuid | sha256sum | sed 's/\s*-$//g'` && echo $ID && echo -n $ID | wc -m
8c15853e8049304be6c3d2805e2e02caf092f54c65a21cb4557f51b8247194c2
64
hswong3i@ubuntu-Inspiron-14-5420:~$ ID=`uuid | sha512sum | sed 's/\s*-$//g'` && echo $ID && echo -n $ID | wc -m
175ff0a20fea01757d025ea742f848bfb2af64d10e0eeece63c30b863f3e6d59a564e7cc8fb0975bc62664e253a3517399d1f81a5eaa09525d239dcd3b6bf67d
128

From https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names as #32641 referenced, having at most 63 characters as "RFC 1123 Label Names" or "RFC 1035 Label Names" should be a good idea.

How can we reproduce the issue?

helm template cilium cilium/cilium \
--version 1.16.0 \
--kube-version v1.28.0 \
--namespace kube-system \
--set bpf.preallocateMaps=false \
--set cleanBpfState=false \
--set cleanState=false \
--set cluster.id=0 \
--set cluster.name=4e8b0505-4c52-57ab-a7f4-481e7ed3a2e3 \
--set cni.binPath=/opt/cni/bin \
--set cni.chainingMode=portmap \
--set cni.exclusive=true \
--set enableIPv4Masquerade=true  \
--set enableIPv6Masquerade=false \
--set envoy.enabled=false \
--set externalIPs.enabled=true \
--set hostPort.enabled=true \
--set hostServices.enabled=true \
--set hubble.enabled=false \
--set ipam.mode=cluster-pool \
--set ipam.operator.clusterPoolIPv4MaskSize=24 \
--set ipam.operator.clusterPoolIPv4PodCIDRList=10.233.64.0/18 \
--set ipv4.enabled=true \
--set ipv6.enabled=false \
--set kubeProxyReplacement=false \
--set nodePort.enabled=true \
--set nodeinit.enabled=true \
--set nodeinit.securityContext.privileged=true \
--set operator.replicas=1 \
--set operator.securityContext.privileged=true \
--set securityContext.privileged=true \
--set sessionAffinity=true \
--set sleepAfterInit=false \
--set tunnel=vxlan \
| yq -P -I 2 .

Error: execution error at (cilium/templates/validate.yaml:100:5): The cluster name is invalid: must not be more than 32 characters. Configure 'upgradeCompatibility' to 1.15 or earlier to temporarily skip this check at your own risk

Use --debug flag to render out invalid YAML

Cilium Version

root@chei9ahwie4f-1:~# cilium status
    /¯¯\
 /¯¯\__/¯¯\    Cilium:             OK
 \__/¯¯\__/    Operator:           OK
 /¯¯\__/¯¯\    Envoy DaemonSet:    disabled (using embedded mode)
 \__/¯¯\__/    Hubble Relay:       disabled
    \__/       ClusterMesh:        disabled

Deployment             cilium-operator    Desired: 1, Ready: 1/1, Available: 1/1
DaemonSet              cilium             Desired: 3, Ready: 3/3, Available: 3/3
Containers:            cilium             Running: 3
                       cilium-operator    Running: 1
Cluster Pods:          2/2 managed by Cilium
Helm chart version:    
Image versions         cilium             quay.io/cilium/cilium:v1.16.0: 3
                       cilium-operator    quay.io/cilium/operator-generic:v1.16.0: 1

Kernel Version

root@chei9ahwie4f-1:~# uname -a
Linux chei9ahwie4f-1 6.8.0-38-generic #38-Ubuntu SMP PREEMPT_DYNAMIC Fri Jun  7 15:25:01 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux

Kubernetes Version

root@chei9ahwie4f-1:~# kubectl version
Client Version: v1.30.2
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.30.3

Regression

No response

Sysdump

No response

Relevant log output

No response

Anything else?

No response

Cilium Users Document

  • Are you a user of Cilium? Please add yourself to the Users doc

Code of Conduct

  • I agree to follow this project's Code of Conduct

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/clustermeshRelates to multi-cluster routing functionality in Cilium.area/datapathImpacts bpf/ or low-level forwarding details, including map management and monitor messages.kind/bugThis is a bug in the Cilium logic.kind/community-reportThis was reported by a user in the Cilium community, eg via Slack.kind/regressionThis functionality worked fine before, but was broken in a newer release of Cilium.needs/triageThis issue requires triaging to establish severity and next steps.

    Type

    Bug

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions