@sayboras sayboras commented Nov 1, 2024

In some cases, there might be a race condition between Instance Manager (running in operator) and IPAM (running in agent) modules, which could lead to IP details not being populated properly, and hence cause the below fatal error. This commit is to make sure that we don't add empty CIDR into the allocation result. Just a note that once the CRD is updated, the existing resync process will kick off and perform the needful.

time="2024-10-22T22:48:31Z" level=fatal msg="failed to start: daemon creation failed: failed to coalesce CIDRs: invalid CIDR address: " subsys=daemon

Relates: #32855

@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Nov 1, 2024
@sayboras sayboras added release-note/bug This PR fixes an issue in a previous release of Cilium. needs-backport/1.15 needs-backport/1.16 This PR / issue needs backporting to the v1.16 branch labels Nov 1, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot removed dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. labels Nov 1, 2024
@sayboras sayboras force-pushed the pr/tammach/eni-empty-cidr branch from 7228b02 to 322c922 Compare November 1, 2024 15:30
In some cases, there might be a race condition between Instance Manager
(running in operator) and IPAM (running in agent) components. This could
lead to an issue in which IP details are not populated properly, and
hence cause the below fatal error. This commit is to make sure that we
don't add empty CIDR into the allocation result. Just a note that once
the CRD is updated, the existing resync process will kick off and
perform the needful.

```
time="2024-10-22T22:48:31Z" level=fatal msg="failed to start: daemon creation failed: failed to coalesce CIDRs: invalid CIDR address: " subsys=daemon
```

Signed-off-by: Tam Mach <tam.mach@cilium.io>
@sayboras sayboras force-pushed the pr/tammach/eni-empty-cidr branch from 322c922 to fd1450d Compare November 1, 2024 15:37

sayboras commented Nov 2, 2024

/test

@sayboras sayboras marked this pull request as ready for review November 3, 2024 23:06
@sayboras sayboras requested a review from a team as a code owner November 3, 2024 23:06
@sayboras sayboras requested a review from doniacld November 3, 2024 23:06

@doniacld doniacld left a comment

lgtm

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Nov 4, 2024
@julianwiedmann julianwiedmann added the area/ipam IP address management, including cloud IPAM label Nov 4, 2024
@julianwiedmann julianwiedmann added this pull request to the merge queue Nov 4, 2024
@julianwiedmann julianwiedmann added the area/eni Impacts ENI based IPAM. label Nov 4, 2024
Merged via the queue into main with commit 12bbed5 Nov 4, 2024
275 checks passed
@julianwiedmann julianwiedmann deleted the pr/tammach/eni-empty-cidr branch November 4, 2024 17:11
@sayboras sayboras mentioned this pull request Nov 5, 2024
1 task
@sayboras sayboras added backport-pending/1.16 The backport for Cilium 1.16.x for this PR is in progress. and removed needs-backport/1.16 This PR / issue needs backporting to the v1.16 branch labels Nov 5, 2024
@sayboras sayboras mentioned this pull request Nov 5, 2024
1 task
@sayboras sayboras added backport-pending/1.15 The backport for Cilium 1.15.x for this PR is in progress. and removed needs-backport/1.15 labels Nov 5, 2024

@gandro gandro left a comment

I only noticed this now and I'm a bit worried that this papers over a more serious issue. Generally speaking, the agent must not hand out IPs if the ENI allocator is not ready. In particular, if we have a race where the agent somehow observes incomplete ENI information, then ignoring that missing information and handing out IPs is making things worse:

If we hand out ENI IPs to endpoints without e.g. the VPC CIDR, then the IP rules created for that endpoint (here) will be incomplete and there is currently no way that will be reconciled later. That endpoint that got the incomplete IPAM result will remain broken forever.

In that sense, having the agent crash loop until the CiliumNode object is fully populated prevents us from using incomplete wrong information. In other words, the crash was preventing us from doing even worse things. Ideally of course we would just block instead of crash, but continuing with incomplete information will lead to even worse issues I'm afraid.

sayboras added a commit that referenced this pull request Nov 5, 2024
sayboras added a commit that referenced this pull request Nov 5, 2024
This reverts commit 12bbed5.

Relates: #35695 (review)
Signed-off-by: Tam Mach <tam.mach@cilium.io>
@sayboras sayboras removed backport-pending/1.15 The backport for Cilium 1.15.x for this PR is in progress. backport-pending/1.16 The backport for Cilium 1.16.x for this PR is in progress. labels Nov 5, 2024
github-merge-queue bot pushed a commit that referenced this pull request Nov 5, 2024
This reverts commit 12bbed5.

Relates: #35695 (review)
Signed-off-by: Tam Mach <tam.mach@cilium.io>
Labels
area/eni Impacts ENI based IPAM. area/ipam IP address management, including cloud IPAM ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/bug This PR fixes an issue in a previous release of Cilium.