[v1.18] Keep non-serving terminating backends#42708
Merged
joamaki merged 3 commits intocilium:v1.18from Nov 17, 2025
Merged
Conversation
[ upstream commit 6f41c98 ] [ backporter's notes: adapted ParseEndpointSliceV1Beta & tests ] A terminating pod that no longer signals readiness will be seen as an endpoint with {ready: false, serving: false, terminating: true}. These were skipped leading to the backend being removed from the backends map which causes connection disruptions. Fix this by keeping the non-serving terminating backends in the backends BPF map, but not using it as a fallback backend if only terminating backends exists. This is implemented by: - Including all conditions in [k8s.Backend], not just Terminating. - Adding a new backend state (TerminatingNotServing) used with Terminating&!Serving conditions. - Not considering TerminatingNotServing backends when selecting the backends. Signed-off-by: Jussi Maki <jussi@isovalent.com>
[ upstream commit af7dde3 ] Skip endpoints in endpoint slices that have no conditions set as those are not yet ready to serve traffic. Before this they were marked quarantined which is unnecessary and it caused issues as the quarantined state was restored and not cleared until health checked (and we usually don't have a health checker). Fixes: cilium#41194 Fixes: 6f41c98 ("loadbalancer: Keep non-serving terminating backends") Signed-off-by: Jussi Maki <jussi@isovalent.com>
[ upstream commit 73812ed ] To avoid disrupting connections to backends that are flapping on their readiness state, keep the backends in the backends BPF map, but not in the services map. This in effect reverts the temporary workaround in cilium#41234. Fixes: cilium#41244 Signed-off-by: Jussi Maki <jussi@isovalent.com>
Contributor
Author
|
/test |
squeed
approved these changes
Nov 13, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This backports #40969, #41234 and #42170 to v1.18. This fixes losing connectivity to terminating endpoints that are marked unready due to pod readiness checks.