v1.17 Backports 2025-06-25 #40205
Merged
v1.17 Backports 2025-06-25 #40205
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
/test |
724e293 to
ed66e76
Compare
|
/test |
|
Backport of my commit looks good, but the first two look odd. What I expect is that when I click on each backport, I can click the "Upstream commit ..." link and then compare the changes side-by-side. The commits should be equivalent to the original. However, for the second commit in this branch, it appears to be empty. Probably the conflict resolution merged the changes into the wrong commit? This becomes quite important when tracking down a bug through git blame, because we may want to track back to the original commit+PR to identify which branches are affected by a bug and so on. If the cherrypick changes which commits include the changes, this becomes more difficult. |
joestringer
requested changes
Jun 25, 2025
[ upstream commit dfd8f93 ] This reverts commit 2fc52eb. The commit was added with the intent to have an uniform behavior when Cilium is started on a single stack cluster with ipv6 support enabled, despite the KPR setting being enabled or disabled. Specifically, the added check was stopping the agent startup in case of a missing IPv6 address on the node, even when KPR was disabled. However, the IPv6 detection for NodePort, responsible for the startup error in case of missing IPv6 address with KPR enabled, has been removed in #29033. Therefore, there is no reason anymore to stop the agent at startup when the IPv6 support is enabled and the node is missing an IPv6 address. Moreover, the commit above led to some unintended consequences in environments where KPR is disabled and the IPv6 address is set on the node after the Cilium agent is started (see #34861). The same unintended consequence became more frequent after #32381, where we moved later in the daemon startup process the first call to SetDefaultPrefix. That function, among other things, was in charge of setting up a temporary IPv6 Unique Local Address in case the node does not have one yet. Since now the agent does this later (specifically, while configuring IPAM), the check introduced in 2fc52eb sees the IPv6 node address as nil and stops the agent. Therefore, revert the check to avoid the unintended regressions. Related: #28953 Related: #34861 Related: #29033 Related: #32381 Fixes: #37817 [ Backporter's notes: - resolved conflict in: daemon/k8s/init.go ] Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com> Signed-off-by: viktor-kurchenko <viktor.kurchenko@isovalent.com>
[ upstream commit e7486ec ] Log a warning when the node IPv6 address cannot be found at startup and the IPv6 support is enabled. The agent is not stopped since an IPv6 can still be assigne later to the node (see #34861 as an example of such scenario) [ Backporter's notes: - resolved conflicts in: daemon/k8s/init.go ] Suggested-by: Joe Stringer <joe@cilium.io> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com> Signed-off-by: viktor-kurchenko <viktor.kurchenko@isovalent.com>
[ upstream commit 272cc76 ] Tracing the history all the way back to commit adb32c6 ("docs: Use go-swagger Docker container to generate APIs"), these make targets have always ignore the exit status of the commands to generate the APIs. There's no explanation as to why, and this seems inadvisable since we rely on these commands generating consistent API templates that are used to interact with these APIs. Remove the "-" syntax to require that all such commands succeed. Signed-off-by: Joe Stringer <joe@cilium.io> Signed-off-by: viktor-kurchenko <viktor.kurchenko@isovalent.com>
ed66e76 to
04c9793
Compare
@joestringer thank you for the clarifications. |
|
/test |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Once this PR is merged, a GitHub action will update the labels of these PRs: