Skip to content

Add kpr.Cell for KPRConfig #40026

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 16, 2025
Merged

Add kpr.Cell for KPRConfig #40026

merged 2 commits into from
Jun 16, 2025

Conversation

brb
Copy link
Member

@brb brb commented Jun 13, 2025
edited
Loading

See commit msgs.

Needed for #39767.

Blocked by #40022

Fixes: #40028

@brb brb added release-note/minor This PR changes functionality that users may find relevant to operating Cilium. area/loadbalancing Impacts load-balancing and Kubernetes service implementations labels Jun 13, 2025
@brb brb requested a review from joamaki June 13, 2025 10:30
@brb brb force-pushed the pr/brb/kpr-cell branch from c3b5ff3 to ced0815 Compare June 13, 2025 11:27
@brb
Copy link
Member Author

brb commented Jun 13, 2025

/test

@brb brb force-pushed the pr/brb/kpr-cell branch 2 times, most recently from d4fd9c9 to b6f3069 Compare June 13, 2025 11:36
@brb
Copy link
Member Author

brb commented Jun 13, 2025

/test

@brb brb force-pushed the pr/brb/kpr-cell branch from b6f3069 to 27a9e07 Compare June 13, 2025 12:06
@brb
Copy link
Member Author

brb commented Jun 13, 2025

/test

@brb brb force-pushed the pr/brb/kpr-cell branch from 27a9e07 to e780f4e Compare June 13, 2025 12:48
@brb
Copy link
Member Author

brb commented Jun 13, 2025

/ci-runtime

@brb brb marked this pull request as ready for review June 13, 2025 13:40
@brb brb requested review from a team as code owners June 13, 2025 13:40
@brb brb requested review from christarazi, rgo3 and tommyp1ckles June 13, 2025 13:40
@brb
daemon: Add KPR cell for KPR config derivation
9aa2ea1 
This commit introduces kpr.Cell which provides kpr.KPRConfig. The latter
is derived from KPR flags such as --kube-proxy-replacement,
--enable-node-port and so on.

The new cell allows pkg/loadbalancer to *not* depend on the
DaemonConfigPromise when implementing the flags support (will be done in
a separate PR). The promise dependence comes from the fact that
previously initKubeProxyReplacement() could modify some of the flags
(for example, if --kpr=true, then --enable-node-port will be set to
true). The invocation of the helper function happened after the
DaemonConfig has been constructed. Thus, any pkg must consume the
DaemonConfig in a form of the promise to avoid the races.

For now the cell contains only a few flags (required for
#39767). In v1.19 we will move the
rest of the flags. Afterwards, we can re-consider whether having the
dedicated cell for the KPR config makes sense (for example, we could
move it to pkg/loadbalancer).

Signed-off-by: Martynas Pumputis <martynas@isovalent.com>
@brb brb force-pushed the pr/brb/kpr-cell branch from e780f4e to 9aa2ea1 Compare June 16, 2025 10:28
@brb
Copy link
Member Author

brb commented Jun 16, 2025

/test

@brb brb requested a review from aanm June 16, 2025 12:01
rgo3
rgo3 approved these changes Jun 16, 2025
View reviewed changes
Copy link
Contributor

@rgo3 rgo3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Loader changes LGTM!

@brb brb removed the request for review from aditighag June 16, 2025 13:00
@brb brb enabled auto-merge June 16, 2025 13:16
@aanm aanm requested a review from Copilot June 16, 2025 14:04
Copilot

This comment was marked as outdated.

Sign in to view

@brb brb requested review from Copilot and removed request for Copilot June 16, 2025 14:33
Copilot

This comment was marked as outdated.

Sign in to view

@brb brb requested review from Copilot and removed request for tommyp1ckles June 16, 2025 14:40
Copilot
Copilot AI reviewed Jun 16, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces the kpr.KPRConfig struct throughout the datapath, configuration, and daemon code to replace individual option.Config flags for kube-proxy replacement. It updates cell modules, writers, node handlers, and initialization routines to accept and use the central KPRConfig, and revises tests and CLI modules accordingly.

  • Propagate kpr.KPRConfig through loader, node handler, config writer, and daemon startup
  • Replace deprecated option.Config flags (e.g. EnableNodePort, EnableSocketLB) with kprCfg fields
  • Add kpr.Cell to hive modules and update tests to pass KPRConfig

Reviewed Changes

Copilot reviewed 47 out of 47 changed files in this pull request and generated no comments.

Show a summary per file
File Description
pkg/datapath/loader/base.go Pass lnc.KPRConfig into IPSec device checks and socket LB calls
pkg/datapath/linux/{node.go,*.go} Add kprCfg field to handler and use it in rebuild/path logic
pkg/datapath/linux/config/{config.go,cell.go} Inject KPRConfig into header writer and cell params
daemon/cmd/{daemon.go,daemon_main.go,...} Wire KPRConfig into daemon init, kube-proxy replacement logic, and CLI cells
tests Update numerous tests to construct and verify via kpr.KPRConfig
Comments suppressed due to low confidence (3)

daemon/cmd/daemon_main.go:38

  • The alias import for linuxdatapath was removed but linuxdatapath.NodeDeviceNameWithDefaultRoute is still called later, causing a compile error. Re-add the import or adjust the call.
linuxdatapath "github.com/cilium/cilium/pkg/datapath/linux"

daemon/cmd/daemon.go:45

  • Calls to linuxdatapath.NodeDeviceNameWithDefaultRoute appear in this file but the linuxdatapath import is missing. Add the import alias for github.com/cilium/cilium/pkg/datapath/linux.
github.com/cilium/cilium/pkg/kpr

daemon/healthz/kube_proxy_healthz.go:72

  • The KPRConfig field is referenced here but it must be set when building kubeProxyHealthParams. Ensure the provider/invocation that constructs params injects the actual kpr.KPRConfig from the daemon parameters, otherwise this check will always see a zero-value config.
if params.Config.KubeProxyReplacementHealthzBindAddress == "" || params.KPRConfig.KubeProxyReplacement == option.KubeProxyReplacementFalse {

@brb brb disabled auto-merge June 16, 2025 14:42
@brb brb enabled auto-merge June 16, 2025 14:42
@borkmann borkmann mentioned this pull request Jun 16, 2025
Merged
@brb brb removed the dont-merge/blocked Another PR must be merged before this one. label Jun 16, 2025
@brb brb added this pull request to the merge queue Jun 16, 2025
@maintainer-s-little-helper maintainer-s-little-helper bot added ready-to-merge This PR has passed all tests and received consensus from code owners to merge. labels Jun 16, 2025
Merged via the queue into main with commit 21aa075 Jun 16, 2025
380 of 383 checks passed
@brb brb deleted the pr/brb/kpr-cell branch June 16, 2025 15:24
@github-project-automation github-project-automation bot moved this from Proposed to Done in Release blockers Jun 16, 2025
@joestringer
Copy link
Member

Changing the release note here to misc, since this doesn't appear to have any user-facing impact.

@joestringer joestringer added release-note/misc This PR makes changes that have no direct user impact. and removed release-note/minor This PR changes functionality that users may find relevant to operating Cilium. labels Jul 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@joamaki joamaki joamaki approved these changes

@dylandreimerink dylandreimerink dylandreimerink approved these changes

@MrFreezeex MrFreezeex MrFreezeex approved these changes

@christarazi christarazi christarazi approved these changes

@aanm aanm aanm approved these changes

@mhofstetter mhofstetter mhofstetter approved these changes

@rgo3 rgo3 rgo3 approved these changes

Assignees
No one assigned
Labels
area/loadbalancing Impacts load-balancing and Kubernetes service implementations ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-blocker/1.18 This issue will prevent the release of the next version of Cilium. release-note/misc This PR makes changes that have no direct user impact.
Projects
Release blockers
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

socket termination reconciler not triggered when kpr=true
9 participants
@brb @joestringer @joamaki @dylandreimerink @MrFreezeex @christarazi @aanm @mhofstetter @rgo3