v1.15 Backports 2024-11-12 #35909
Merged
v1.15 Backports 2024-11-12 #35909
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ upstream commit 03bde2b ] [ backproter's notes: applied the changes to the main Makefile, rather than Makefile.kind that did not exist in the v1.15 tree. ] Simplify locally testing Cilium configured in kvstore mode via the introduction of a dedicated `kind-kvstore-install-cilium` target, which takes care of setting up an etcd pod running in host network (pinned to a control plane node) and configuring Cilium to target it. The creation and deletion of the etcd pod is delegated to the dedicated `kind-kvstore-start` and `kind-kvstore-stop` commands. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
|
/ci-e2e-upgrade |
|
/ci-ipsec-upgrade |
|
/ci-ipsec-e2e |
[ upstream commit 535e7f1 ] [ backporter's notes: hit multiple conflicts due to different surrounding context. Adapted the etcd setup logic to be run within the LVH context. Additionally skipped testing kvstore in combination with WireGuard, as v1.15 and earlier are affected by bugs potentially causing connection disruption upon agent restart in this combination (#31985, #31979). ] Modify a few matrix entries of the Cilium E2E Upgrade workflow to configure Cilium in kvstore mode, to cover this functionality here as well in addition to the clustermesh workflows. In detail, the etcd instance is executed as a pod running in host network, which is setup via the `kind-kvstore-start` makefile target. The matrix entries are selected trying to cover the most common combinations, that is native-routing/tunneling, KPR off/on and wireguard off/on, and avoiding incompatible options (mainly Egress Gateway). Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
[ upstream commit 2056fa9 ] [ backporter's notes: hit minor conflicts due to different surrounding context, adapted as appropriate; additionally configured the matrix entries in the individual workflow files, as ipsec/configs.yaml did not exist in the v1.15 tree. ] Modify a few matrix entries of the Conformance IPSec and IPSec Upgrade workflows to configure Cilium in kvstore mode, to cover this functionality here as well in addition to the E2E and clustermesh workflows. In detail, the etcd instance is executed as a pod running in host network, which is setup via the `kind-kvstore-start` makefile target. The matrix entries are selected to cover both native routing and tunneling, while avoiding incompatible options (mainly Egress Gateway and Mutual Auth). Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
83c8326 to
a248f34
Compare
|
/test-backport-1.15 |
nebril
approved these changes
Nov 12, 2024
sayboras
approved these changes
Nov 12, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Once this PR is merged, a GitHub action will update the labels of these PRs: