Skip to content

fix: add a rule for allowDNS to allow node-local-dns with ip#20683

Closed
eminaktas wants to merge 1 commit intocilium:masterfrom
eminaktas:world-entity
Closed

fix: add a rule for allowDNS to allow node-local-dns with ip#20683
eminaktas wants to merge 1 commit intocilium:masterfrom
eminaktas:world-entity

Conversation

@eminaktas
Copy link
Copy Markdown
Contributor

@eminaktas eminaktas commented Jul 28, 2022
edited
Loading

Fixes: #20055

Update connectivity tests for clusters running NodeLocal DNSCache with Local IP.

Signed-off-by: eminaktas eminaktas34@gmail.com

@eminaktas eminaktas requested a review from a team as a code owner July 28, 2022 11:48
@eminaktas eminaktas requested a review from squeed July 28, 2022 11:48
@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Jul 28, 2022
@eminaktas eminaktas mentioned this pull request Jul 28, 2022
Merged
@aditighag
Copy link
Copy Markdown
Member

aditighag commented Jul 28, 2022
edited
Loading

I don't think poking holes in the connectivity tests with world entity is a valid workaround, it's too permissive. We should instead try to address #18644. We should have more discussion around Joe's comment - #18644 (comment). Let's consolidate discussions in the same issue.

@eminaktas
Copy link
Copy Markdown
Contributor Author

eminaktas commented Jul 28, 2022

I don't think poking holes in the connectivity tests with world entity is a valid workaround, it's too permissive. We should instead try to address #18644. We should have more discussion around Joe's comment - #18644 (comment). Let's consolidate discussions in the same issue.

I totally agree with your thoughts. If cilium knows who owns the local IP or marks with host entity, we would change the entity to host, or even we can close this PR if cilium has the labels for the local IP.

@eminaktas
fix: add a rule for allowDNS to allow node-local-dns with ip
b22c973 
Signed-off-by: eminaktas <eminaktas34@gmail.com>
@aanm aanm requested review from aditighag and sayboras and removed request for squeed July 29, 2022 15:44
@aanm aanm added the release-note/misc This PR makes changes that have no direct user impact. label Jul 29, 2022
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Jul 29, 2022
@github-actions
Copy link
Copy Markdown

github-actions bot commented Aug 29, 2022

This pull request has been automatically marked as stale because it
has not had recent activity. It will be closed if no further activity
occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale The stale bot thinks this issue is old. Add "pinned" label to prevent this from becoming stale. label Aug 29, 2022
@github-actions
Copy link
Copy Markdown

github-actions bot commented Sep 13, 2022

This pull request has not seen any activity since it was marked stale.
Closing.

@github-actions github-actions bot closed this Sep 13, 2022
@aditighag aditighag mentioned this pull request Jan 4, 2023
Merged
@rptaylor rptaylor mentioned this pull request Oct 31, 2025
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aditighag aditighag Awaiting requested review from aditighag

@sayboras sayboras Awaiting requested review from sayboras

Assignees

No one assigned

Labels

release-note/misc This PR makes changes that have no direct user impact. stale The stale bot thinks this issue is old. Add "pinned" label to prevent this from becoming stale.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

cilium connectivity test fails when nodelocaldns is running in cluster

3 participants

@eminaktas @aditighag @aanm