Skip to content

envoy: Update to use source port in connection pool hash #32270

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 2, 2024
Merged

envoy: Update to use source port in connection pool hash #32270

merged 1 commit into from
May 2, 2024

Conversation

jrajahalme
Copy link
Member

@jrajahalme jrajahalme commented Apr 30, 2024
edited
Loading

Update Envoy image to a version that includes the source port in upstream connection pool hash, so that each unique downstream connection gets a dedicated upstream connection.

Backport note: Backport once the cilium/proxy change is backported to the relevant release branches (cilium/proxy v1.27 & v1.28)

Fixes: #27762

Envoy upstream connections are now unique for each downstream connection when using the original source address of a source pod.

@jrajahalme jrajahalme added release-note/bug This PR fixes an issue in a previous release of Cilium. dont-merge/preview-only Only for preview or testing, don't merge it. labels Apr 30, 2024
@jrajahalme jrajahalme requested review from a team as code owners April 30, 2024 19:27
@jrajahalme
Copy link
Member Author

/test

This was referenced Apr 30, 2024
Merged
Closed
@jrajahalme
Copy link
Member Author

/test

@jrajahalme jrajahalme force-pushed the envoy-use-port-in-conn-pool branch from 288b6a0 to fc54828 Compare May 2, 2024 06:23
@jrajahalme jrajahalme added area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. kind/bug This is a bug in the Cilium logic. needs-backport/1.13 backport/author The backport will be carried out by the author of the PR. and removed dont-merge/preview-only Only for preview or testing, don't merge it. labels May 2, 2024
sayboras
sayboras approved these changes May 2, 2024
View reviewed changes
Copy link
Member

@sayboras sayboras left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM ✅

@jrajahalme
Copy link
Member Author

/test

@sayboras sayboras enabled auto-merge May 2, 2024 07:06
@jrajahalme
envoy: Update to use source port in connection pool hash
d075c5c 
Update Envoy image to a version that includes the source port in upstream
connection pool hash, so that each unique downstream connection gets a
dedicated upstream connection.

Fixes: cilium#27762
Signed-off-by: Jarno Rajahalme <jarno@isovalent.com>
@jrajahalme jrajahalme force-pushed the envoy-use-port-in-conn-pool branch from fc54828 to d075c5c Compare May 2, 2024 08:14
@jrajahalme
Copy link
Member Author

Rebased to resolve conflict in git diff context.

@jrajahalme
Copy link
Member Author

/test

@sayboras sayboras added this pull request to the merge queue May 2, 2024
Merged via the queue into cilium:main with commit d5efd28 May 2, 2024
This was referenced May 2, 2024
Merged
Merged
Merged
@jrajahalme jrajahalme added backport-pending/1.13 backport-pending/1.14 The backport for Cilium 1.14.x for this PR is in progress. backport-pending/1.15 The backport for Cilium 1.15.x for this PR is in progress. and removed needs-backport/1.13 labels May 3, 2024
@github-actions github-actions bot added backport-done/1.15 The backport for Cilium 1.15.x for this PR is done. backport-done/1.14 The backport for Cilium 1.14.x for this PR is done. backport-done/1.13 The backport for Cilium 1.13.x for this PR is done. and removed backport-pending/1.15 The backport for Cilium 1.15.x for this PR is in progress. backport-pending/1.14 The backport for Cilium 1.14.x for this PR is in progress. backport-pending/1.13 labels May 6, 2024
This was referenced May 10, 2024
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tommyp1ckles tommyp1ckles tommyp1ckles approved these changes

@sayboras sayboras sayboras approved these changes

@squeed squeed Awaiting requested review from squeed squeed is a code owner automatically assigned from cilium/helm

Assignees
No one assigned
Labels
area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. backport/author The backport will be carried out by the author of the PR. backport-done/1.13 The backport for Cilium 1.13.x for this PR is done. backport-done/1.14 The backport for Cilium 1.14.x for this PR is done. backport-done/1.15 The backport for Cilium 1.15.x for this PR is done. kind/bug This is a bug in the Cilium logic. release-note/bug This PR fixes an issue in a previous release of Cilium.
Projects
No open projects
cilium v1.13.16
Status: Released
cilium v1.14.11
Status: Released
cilium v1.15.5
Status: Released
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

CI: Conformance E2E: client-egress-l7-named-port/pod-to-pod: command terminated with exit code 28 (timeout)
3 participants
@jrajahalme @tommyp1ckles @sayboras