Delete stale v6 address from cilium_host#25962
Merged
dylandreimerink merged 1 commit intocilium:v1.13from Jun 8, 2023
Merged
Conversation
Member
Author
|
The patch has been tested and confirmed to fix the issue. |
Member
|
Thanks! I think we should open this PR for the |
brb
reviewed
Jun 7, 2023
d36afa9 to
b775211
Compare
brb
reviewed
Jun 7, 2023
b775211 to
475ce7f
Compare
brb
reviewed
Jun 7, 2023
Prior to 1.14, Cilium set the cilium_host IPv6 addr to the same one as the native iface, but cilium#24208 replaces the native IPv6 with the one allocated from IPAM. That change breaks the downgrade path due to failures on installing CIDR routes. To fix the downgrade path, the ideal way is to delete the stale IPv6 on cilium_host, as long as the IPv6 is from IPAM; but in practical, we don't have a perfect approach to tell if an IPv6 is from IPAM due to the complicated situations for multi-pool IPAM, ENI IPAM, and so on. Therefore, this commit deletes global scope IPv6 on cilium_host as long as the address is not the one we want. We believe this is so far the most robust way to make sure stale addresses are gone. Fixes: cilium#25938 Signed-off-by: Zhichuan Liang <gray.liang@isovalent.com>
475ce7f to
adf8659
Compare
Closed
Member
Author
|
/test |
Member
Author
|
|
Member
Author
|
/test-backport-1.13 |
Member
|
Tested with the downgrade CI - it works! https://github.com/cilium/cilium/actions/runs/5198987404/jobs/9375802753 (please ignore the red builds, as they are suffering from other problems). |
lmb
reviewed
Jun 7, 2023
lmb
approved these changes
Jun 7, 2023
Member
Author
|
/test-1.19-4.19 |
Member
Author
|
All the |
This was referenced Jun 9, 2023
5 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Prior to 1.14, Cilium set the cilium_host IPv6 addr to the same one as the native iface, but #24208 replaces the native IPv6 with the one allocated from IPAM. That change breaks the downgrade path due to failures on installing CIDR routes.
To fix the downgrade path, the ideal way is to delete the stale IPv6 on cilium_host, as long as the IPv6 is from IPAM; but in practical, we don't have a perfect approach to tell if an IPv6 is from IPAM due to the complicated situations for multi-pool IPAM, ENI IPAM, and so on.
Therefore, this PR deletes global scope IPv6 on cilium_host as long as the address is not the one we want. We believe this is so far the most robust way to make sure stale addresses are gone.
Fixes: #25938
Signed-off-by: Zhichuan Liang gray.liang@isovalent.com