Skip to content

loader: refactor package and make individual BPF configuration objects pluggable#43479

Merged
ti-mo merged 17 commits intocilium:mainfrom
ti-mo:tb/loader-config-split
Jan 6, 2026
Merged

loader: refactor package and make individual BPF configuration objects pluggable#43479
ti-mo merged 17 commits intocilium:mainfrom
ti-mo:tb/loader-config-split

Conversation

@ti-mo
Copy link
Copy Markdown
Contributor

@ti-mo ti-mo commented Dec 22, 2025
edited
Loading

Best reviewed per commit. The package was long overdue for a split into multiple files for navigability.

Overall, there are 3 main changes:

  • The loader.go swamp has been drained into endpoint.go, overlay.go, host/netdev.go, wireguard.go, xdp.go and encryption.go and moved to pkg/datapath/config next to the generated structs.
  • CollectionOptions.Constants now supports (but doesn't force) an []any, enabling composing slices of configuration objects at runtime, e.g only when certain features are enabled, or to pull chunks of configuration data from Hive or other extra sources within the codebase. The future un-embedding of config.Node will also leverage this work since we want to store it in Hive.
  • CollectionOptions.Constants is now fed with the output of functions (like overlayConfiguration) that gather objects from all registered providers and return it in a single slice.

@ti-mo ti-mo requested review from a team as code owners December 22, 2025 14:42
@ti-mo ti-mo requested a review from ldelossa December 22, 2025 14:42
@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Dec 22, 2025
@ti-mo ti-mo added the release-note/misc This PR makes changes that have no direct user impact. label Dec 22, 2025
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Dec 22, 2025
@ti-mo ti-mo force-pushed the tb/loader-config-split branch from af2a895 to 4523c10 Compare December 22, 2025 14:44
@ti-mo
Copy link
Copy Markdown
Contributor Author

ti-mo commented Dec 22, 2025

/test

@ti-mo ti-mo force-pushed the tb/loader-config-split branch 2 times, most recently from 842db56 to 548c7c2 Compare December 23, 2025 12:40
@ti-mo
Copy link
Copy Markdown
Contributor Author

ti-mo commented Dec 23, 2025

/test

brb
brb reviewed Jan 6, 2026
View reviewed changes
@brb brb removed the request for review from ldelossa January 6, 2026 09:02
brb
brb reviewed Jan 6, 2026
View reviewed changes
@ti-mo ti-mo force-pushed the tb/loader-config-split branch from 548c7c2 to fa43b76 Compare January 6, 2026 11:13
@ti-mo
Copy link
Copy Markdown
Contributor Author

ti-mo commented Jan 6, 2026

/test

brb
brb approved these changes Jan 6, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@brb brb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@dylandreimerink dylandreimerink self-requested a review January 6, 2026 13:34
@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jan 6, 2026
ti-mo added 5 commits January 6, 2026 17:11
@ti-mo
loader: remove unused constant and unused function arguments
6321af7 
Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: remove unused compilation options to bpf_overlay.c
3edc066 
There used to be some appends here, but these are fortunately long gone.

Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
tools/dpgen: allow any value for the 'kind' argument
94d4520 
Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
datapath/config: support slices of BPF configuration objects
e3cc880 
This commit renames config.StructToMap to config.Map and teaches it to accept
slices of configuration objects as well as merging their results.

This enables composing slices of configuration at runtime, e.g only when
certain features are enabled, or to pull chunks of configuration data from
Hive or other extra sources within the codebase.

Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: move endpoint-specific functionality out to a new endpoint.go
7830755 
Signed-off-by: Timo Beckers <timo@isovalent.com>
@aanm aanm added dont-merge/needs-rebase This PR needs to be rebased because it has merge conflicts. and removed ready-to-merge This PR has passed all tests and received consensus from code owners to merge. labels Jan 6, 2026
ti-mo added 3 commits January 6, 2026 17:19
@ti-mo
loader: move overlay-specific functionality out to a new overlay.go
4a654a6 
Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: move host-specific functionality out to new host.go and netde…
b5bbbfc 
…v.go

Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: move wireguard-specific functionality out to new wireguard.go
eadaf4e 
Signed-off-by: Timo Beckers <timo@isovalent.com>
ti-mo added 9 commits January 6, 2026 17:23
@ti-mo
loader: move xdp function symbol const to xdp.go
9d28155 
Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: refactor reinitializeIPSec into reinitializeEncryption
b9265d1 
This commit refactors reinitializeIPSec into reinitializeEncryption for
consistency and in preparation for pluggable datapath configuration objects.

ELF loading and config generation was moved into its own file, encryption.go,
and compilation once again takes place at the start of encrypt program
attachment, while it was moved out before for concurrency reasons. It wasn't
clear if this was still necessary as the surrounding code has changed
significantly.

Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: introduce funcRegistry, make endpoint BPF configuration plugg…
def72e7 
…able

In preparation of un-embedding config.Node and making the loader's config
mechanism(s) more composable, add a function registry type and refactor
endpoint configuration into configureEndpoint().

Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: make overlay BPF configuration pluggable
11d7d70 
Like the previous commit, make bpf_overlay's configuration gathering
pluggable and composable.

Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: make host BPF configuration pluggable
dae8d5d 
Like the previous commit, make cilium_host, cilium_net and netdev BPF
configuration composable.

Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: make wireguard BPF configuration pluggable
99143f5 
Like the previous commit, make bpf_wireguard's configuration gathering
pluggable and composable.

Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: make XDP BPF configuration pluggable
f224050 
Like the previous commit, make bpf_xdp's configuration gathering pluggable and
composable.

Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: make encryption BPF configuration pluggable
f6d8658 
Like the previous commit, make bpf_network's configuration gathering pluggable
and composable.

Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo
loader: refactor bpfMasqAddrs
a10b130 
bpfMasqAddrs directly referred to option.Config and it was generally hard to
figure out what exactly it was trying to do. This commit hopefully makes things
a bit more readable and removed the direct dependency on option.Config.

Also added a negative test case to TestBPFMasqAddrs.

Signed-off-by: Timo Beckers <timo@isovalent.com>
@ti-mo ti-mo force-pushed the tb/loader-config-split branch from fa43b76 to a10b130 Compare January 6, 2026 16:32
@ti-mo ti-mo removed the dont-merge/needs-rebase This PR needs to be rebased because it has merge conflicts. label Jan 6, 2026
@ti-mo
Copy link
Copy Markdown
Contributor Author

ti-mo commented Jan 6, 2026

/test

@ti-mo ti-mo enabled auto-merge January 6, 2026 16:32
@ti-mo ti-mo added this pull request to the merge queue Jan 6, 2026
@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jan 6, 2026
Merged via the queue into cilium:main with commit 665f501 Jan 6, 2026
75 of 76 checks passed
@ti-mo ti-mo deleted the tb/loader-config-split branch January 6, 2026 19:16
@tklauser tklauser mentioned this pull request Jan 7, 2026
Merged
@dylandreimerink dylandreimerink mentioned this pull request Jan 7, 2026
Closed
@gandro gandro mentioned this pull request Jan 28, 2026
Merged
@cilium-release-bot cilium-release-bot bot moved this to Released in cilium v1.19.0 Feb 3, 2026
@tommyp1ckles tommyp1ckles mentioned this pull request Mar 9, 2026
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@brb brb brb approved these changes

@dylandreimerink dylandreimerink dylandreimerink approved these changes

Assignees

No one assigned

Labels

ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.

Projects

No open projects
cilium v1.19.0
Status: Released

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@ti-mo @brb @dylandreimerink @msune @aanm