v1.8 backports 2021-03-19 #15400
Merged
v1.8 backports 2021-03-19 #15400
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ upstream commit 9a058d6 ] When using the Bugtool with "direct routing / native routing mode" enabled, we are only getting the encryption and proxy tables (200 / 2005). The goal of this PR is to get the route tables dynamically and remove the hardcoded ones. Fixes: #12250 Signed-off-by: Youssef Azrak yazrak.tech@gmail.com Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
[ upstream commit 390ee46 ] Before this patch, get_user_remote() would ignore its remote argument when provided and always take the auto-detection path. Signed-off-by: Alexandre Perrin <alex@kaworu.ch> Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
[ upstream commit ab4bafc ] Signed-off-by: Sean Winn <sean@isovalent.com> Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
|
test-backport-1.8 |
|
Fails on kernel 4.9 due to complexity issue: |
#15321 seems to be the culprit here, conversation there indicated the same issue on master? |
Umm... I thought the complexity was resolved with one of my commits. The |
Yes, even with the |
|
@jrajahalme Please skip the PR in question. Paul and I will manage the |
[ upstream commit 458c623 ] "kubectl get secret -n kube-system cilium-ipsec-keys" outputs two lines with "keys:", one is the real key data and other is a "managedField": $ kubectl get secret -n kube-system cilium-ipsec-keys -o yaml | grep keys: keys: MyByZmM0MTA2KGdjbShhZXMpKSA3ZTE1YmZlNmQyZjczNGUzZmQ0YTEzM2FlZDU2MGQwMjEzZjBjNmRmIDEyOA== f:keys: {} It makes the whole command to get the key id to fail: $ KEYID=$(kubectl get secret -n kube-system cilium-ipsec-keys -o yaml|grep keys: | awk '{print $2}' | base64 -d | awk '{print $1}') base64: invalid input This will be fixed in next Kubernetes release (kubernetes/kubernetes#96878), in the meanwhile just use a regular expression in awk to match "keys:" at the begining. Fixes: 4ea52ae ("cilium: encryption, docs key updates") Signed-off-by: Mauricio Vásquez <mauricio@accuknox.com> Signed-off-by: Mauricio Vásquez <mauricio@kinvolk.io> Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
a5e1c28 to
c6d82bb
Compare
|
Removed backport of #15321 |
|
test-backport-1.8 |
|
retest-upstream-k8s |
|
Upstream k8s test had failed to bring vagrant vm up, retesting. |
kaworu
approved these changes
Mar 22, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Once this PR is merged, you can update the PR labels via: