remove Cilium node annotations during uninstall when clean-cilium-state is true #39931

AritraDey-Dev · 2025-06-06T20:48:25Z

Deletes Cilium-related annotations from K8s nodes as part of the uninstall process.

Please ensure your pull request adheres to the following guidelines:

For first time contributors, read Submitting a pull request
All code is covered by unit and/or runtime tests where feasible.
All commits contain a well written commit description including a title,
description and a Fixes: #XXX line if the commit addresses a particular
GitHub issue.
If your commit description contains a Fixes: <commit-id> tag, then
please add the commit author[s] as reviewer[s] to this issue.
All commits are signed off. See the section Developer’s Certificate of Origin
Provide a title or release-note blurb suitable for the release notes.
Are you a user of Cilium? Please add yourself to the Users doc
Thanks for contributing!

Cilium uninstall now removes annotations from Kubernetes nodes when clean-cilium-state: true

asauber · 2025-06-09T01:56:39Z

Hi @AritraDey-Dev, thanks for the contribution. Would you mind squashing these two commits into one?

AritraDey-Dev · 2025-06-09T10:10:56Z

Would you mind squashing these two commits into one?

done.

aanm · 2025-06-16T09:51:35Z

/test

joestringer · 2025-06-25T15:51:37Z

The Cilium E2E Upgrade test is consistently failing with the same symptoms, so it looks like this PR may be causing that behavior. Furthermore the last two failures for the Multi Pool IPAM tests also had the same symptoms. I think that for this PR to move forward, these failures will need to be triaged to ensure that the PR doesn't break the tests.

AritraDey-Dev · 2025-06-28T16:16:07Z

Hi, could someone from the team please run a /test?I'm happy to refactor if there are still failures.

Artyop · 2025-06-30T08:51:58Z

/test

tklauser · 2025-07-03T08:47:23Z

@AritraDey-Dev could you please drop the merge commit? Then we should be good to merge this PR.

AritraDey-Dev · 2025-07-03T09:14:45Z

@AritraDey-Dev could you please drop the merge commit? Then we should be good to merge this PR.

rebased. PTAL.

tklauser · 2025-07-03T09:18:22Z

/test

tklauser · 2025-07-03T09:18:34Z

@AritraDey-Dev could you please drop the merge commit? Then we should be good to merge this PR.

rebased. PTAL.

Thanks, LGTM.

Deletes Cilium-related annotations from K8s nodes. Fixes cilium#22306 Signed-off-by: Aritra Dey <adey01027@gmail.com>

AritraDey-Dev · 2025-07-03T10:18:00Z

There was a spacing issue for which tests were failing i have fixed it.

tklauser · 2025-07-03T11:15:24Z

/test

AritraDey-Dev · 2025-07-03T16:47:29Z

These tests passed last time. I believe they are flaky. Could you please retrigger this workflow?

joestringer · 2025-07-03T17:51:28Z

Please investigate failures before asking to re-run the tests. The failure looks like it is consistent (text copy below). At a glance it doesn't seem related to the PR, but that doesn't mean that it will just go away if you keep re-running it:

    cilium    cilium-gp7k9    container cilium-agent is in CrashLoopBackOff, pulling previous Pod logs for further investigation:
2025-07-03T11:24:36.024058392Z time=2025-07-03T11:24:36.023804029Z level=debug msg="Skipped reading configuration file" error="Config File \"cilium\" Not Found in \"[/root]\""
2025-07-03T11:24:36.024530774Z time=2025-07-03T11:24:36.024349869Z level=info source=/go/src/github.com/cilium/cilium/pkg/option/config.go:3301 msg="Memory available for map entries (0.250% of 12550979584B): 31377448B"
2025-07-03T11:24:36.024541825Z time=2025-07-03T11:24:36.024402097Z level=debug source=/go/src/github.com/cilium/cilium/pkg/option/config.go:3308 msg="Total memory for default map entdries: 149422080"
2025-07-03T11:24:36.024545651Z time=2025-07-03T11:24:36.024412907Z level=info source=/go/src/github.com/cilium/cilium/pkg/option/config.go:3346 msg="option bpf-ct-global-tcp-max set by dynamic sizing to 131072"
2025-07-03T11:24:36.024548807Z time=2025-07-03T11:24:36.024418738Z level=info source=/go/src/github.com/cilium/cilium/pkg/option/config.go:3354 msg="option bpf-ct-global-any-max set by dynamic sizing to 65536"
<...>
2025-07-03T11:24:36.587151443Z time=2025-07-03T11:24:36.586284574Z level=error source=/go/src/github.com/cilium/cilium/vendor/github.com/cilium/hive/cell/lifecycle.go:129 msg="Start hook failed" function="cmd.newDaemonPromise.func1 (cmd/daemon_main.go:1430) (agent.controlplane.daemon)" error="daemon creation failed: WireGuard requires an IPv4 underlay"
2025-07-03T11:24:36.587162183Z time=2025-07-03T11:24:36.586305263Z level=error source=/go/src/github.com/cilium/cilium/vendor/github.com/cilium/hive/hive.go:363 msg="Failed to start hive" error="daemon creation failed: WireGuard requires an IPv4 underlay" duration=234.287186ms
<...>

joestringer · 2025-07-03T18:57:28Z

For context, it looks like WireGuard + IPv6 underlay was just recently added into the tree (#40051), and this PR is based on an older version of the main branch from before the feature was added. Still, Cilium runs the latest tests against your PR, so this means that the code does not support the test case but the test case will run from the latest branch. The test case then fails.

Overall this means that the failure should be unrelated to this PR. In general, it can help to rebase against the tip of main whenever you update the PR to mitigate this case. In this specific case, given that this is an isolated failure and the PR looks otherwise fine (and unlikely to cause other regressions), I will bypass the merge criteria to merge the PR.

Thanks for your contribution @AritraDey-Dev .

joestringer · 2025-07-03T18:58:55Z

I updated the release note to remove unclear references like the word this and to communicate the functionality of this PR more clearly to users in the release notes.

AritraDey-Dev requested review from a team as code owners June 6, 2025 20:48

AritraDey-Dev requested review from asauber and Artyop June 6, 2025 20:48

maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Jun 6, 2025

github-actions bot added cilium-cli This PR contains changes related with cilium-cli cilium-cli-exclusive This PR only impacts cilium-cli binary kind/community-contribution This was a contribution made by a community member. labels Jun 6, 2025

asauber added the release-note/minor This PR changes functionality that users may find relevant to operating Cilium. label Jun 9, 2025

maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Jun 9, 2025

AritraDey-Dev force-pushed the cleanup-cilium-node-annotations branch from 9711ae3 to c9991ff Compare June 9, 2025 10:10

AritraDey-Dev force-pushed the cleanup-cilium-node-annotations branch from c9991ff to 7f87c0c Compare June 9, 2025 10:26

aanm approved these changes Jun 16, 2025

View reviewed changes

aanm enabled auto-merge June 16, 2025 09:51

asauber approved these changes Jun 17, 2025

View reviewed changes

Artyop approved these changes Jun 17, 2025

View reviewed changes

auto-merge was automatically disabled June 28, 2025 16:11
Head branch was pushed to by a user without write access

maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jul 1, 2025

tklauser added the dont-merge/needs-rebase This PR needs to be rebased because it has merge conflicts. label Jul 3, 2025

AritraDey-Dev force-pushed the cleanup-cilium-node-annotations branch 3 times, most recently from 1ad47e5 to 273bf33 Compare July 3, 2025 09:09

tklauser removed the dont-merge/needs-rebase This PR needs to be rebased because it has merge conflicts. label Jul 3, 2025

tklauser enabled auto-merge July 3, 2025 09:18

auto-merge was automatically disabled July 3, 2025 10:06
Head branch was pushed to by a user without write access

AritraDey-Dev force-pushed the cleanup-cilium-node-annotations branch from 273bf33 to 85dd3aa Compare July 3, 2025 10:06

feat: remove Cilium node annotations when clean-cilium-state is true

07ae783

Deletes Cilium-related annotations from K8s nodes. Fixes cilium#22306 Signed-off-by: Aritra Dey <adey01027@gmail.com>

AritraDey-Dev force-pushed the cleanup-cilium-node-annotations branch from 85dd3aa to 07ae783 Compare July 3, 2025 10:17

tklauser enabled auto-merge July 3, 2025 11:15

joestringer disabled auto-merge July 3, 2025 18:57

joestringer merged commit e92934e into cilium:main Jul 3, 2025
66 of 68 checks passed

AritraDey-Dev deleted the cleanup-cilium-node-annotations branch July 3, 2025 19:03

remove Cilium node annotations during uninstall when clean-cilium-state is true #39931

remove Cilium node annotations during uninstall when clean-cilium-state is true #39931

Uh oh!

Conversation

AritraDey-Dev commented Jun 6, 2025 • edited by joestringer Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

asauber commented Jun 9, 2025

Uh oh!

AritraDey-Dev commented Jun 9, 2025

Uh oh!

aanm commented Jun 16, 2025

Uh oh!

joestringer commented Jun 25, 2025

Uh oh!

AritraDey-Dev commented Jun 28, 2025

Uh oh!

Artyop commented Jun 30, 2025

Uh oh!

tklauser commented Jul 3, 2025

Uh oh!

AritraDey-Dev commented Jul 3, 2025

Uh oh!

tklauser commented Jul 3, 2025

Uh oh!

tklauser commented Jul 3, 2025

Uh oh!

AritraDey-Dev commented Jul 3, 2025

Uh oh!

tklauser commented Jul 3, 2025

Uh oh!

AritraDey-Dev commented Jul 3, 2025

Uh oh!

joestringer commented Jul 3, 2025

Uh oh!

joestringer commented Jul 3, 2025

Uh oh!

Uh oh!

joestringer commented Jul 3, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

AritraDey-Dev commented Jun 6, 2025 •

edited by joestringer

Loading

joestringer commented Jul 3, 2025 •

edited

Loading